urlscan.io logo urlscan.io
SecurityTrails logo

www.easycanvasprintsoffer.com Open in urlscan Pro
2606:4700:3031::ac43:a6e0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dceaehb.r.bh.d.sendibt3.com/tr/cl/FX5hFPg49qY0EFg10ESO0u9NtGJoTYNBrIVE0Cw6Sx_0vY29s0Kjh_rUgDj62k1tWoRfpNZnTy0uaAzzfrtLoeJPKS...
Effective URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Submission: On December 06 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 6 countries across 31 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3031::ac43:a6e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.easycanvasprintsoffer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.
This is the only time www.easycanvasprintsoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.107.232.127 200484 (SENDINBLU...)
1 138.197.100.222 14061 (DIGITALOC...)
1 1 138.197.107.75 14061 (DIGITALOC...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
12 13.35.253.76 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.58.61 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.96.102.137 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.3.147 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.193.63.26 14618 (AMAZON-AES)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
3 151.101.193.44 54113 (FASTLY)
2 13.32.22.91 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.144.19.55 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.22.51 16509 (AMAZON-02)
1 13.35.253.7 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 99.81.27.250 16509 (AMAZON-02)
1 3 2a03:2880:f11... 32934 (FACEBOOK)
1 8 104.75.88.209 16625 (AKAMAI-AS)
1 34.246.204.212 16509 (AMAZON-02)
1 4 35.227.244.1 15169 (GOOGLE)
3 13.35.253.118 16509 (AMAZON-02)
2 23.37.35.193 16625 (AKAMAI-AS)
1 52.216.237.203 16509 (AMAZON-02)
2 35.190.54.17 15169 (GOOGLE)
1 75.2.91.175 16509 (AMAZON-02)
2 141.226.228.48 200478 (TABOOLA-AS)
1 13.32.22.72 16509 (AMAZON-02)
82 40
1    185.107.232.127 (Golfe-Juan, France)

ASN200484 (SENDINBLUE-ASN, FR)
dceaehb.r.bh.d.sendibt3.com
1    138.197.100.222 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
vesas.club
1    138.197.107.75 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
dealshopped.best
1    2606:4700:3031::ac43:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.easycanvasprintsoffer.com
12    13.35.253.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-76.fra6.r.cloudfront.net
builder-assets.unbounce.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    65.9.58.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-61.fra56.r.cloudfront.net
d2xxq4ijfwetlm.cloudfront.net
2    2600:9000:211e:cc00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    99.86.3.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-147.fra6.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.193.63.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-63-26.compute-1.amazonaws.com
events.ub-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:6c00:2aa::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
3    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    13.32.22.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-91.fra56.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6812:10c (United States)

ASN13335 (CLOUDFLARENET, US)
trackcmp.net
2    2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
2    54.144.19.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-19-55.compute-1.amazonaws.com
10991072.collect.igodigital.com
nova.collect.igodigital.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.32.22.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-51.fra56.r.cloudfront.net
script.hotjar.com
1    13.35.253.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-7.fra6.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    99.81.27.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
in.hotjar.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
www.pinterest.com
www.pinterest.fr
1    34.246.204.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-204-212.eu-west-1.compute.amazonaws.com
ws24.hotjar.com
4    35.227.244.1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com
shop.pe
3    13.35.253.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-118.fra6.r.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
2    23.37.35.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-35-193.deploy.static.akamaitechnologies.com
static.easycanvasprints.com
1    52.216.237.203 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
addshoppers.s3.amazonaws.com
2    35.190.54.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com
shopper.shop.pe
1    75.2.91.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com
nytrng.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    13.32.22.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-72.fra56.r.cloudfront.net
cdn.nytrng.com
Apex Domain
Subdomains		 Transfer
12 unbounce.com
builder-assets.unbounce.com
42 KB
7 cloudfront.net
d2xxq4ijfwetlm.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
90 KB
6 shop.pe
shop.pe
shopper.shop.pe
13 KB
6 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
ws24.hotjar.com
67 KB
5 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
27 KB
4 pinterest.fr
www.pinterest.fr
14 KB
4 pinterest.com
ct.pinterest.com
www.pinterest.com
2 KB
3 facebook.com
www.facebook.com
714 B
3 bing.com
bat.bing.com
11 KB
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
66 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
79 KB
2 nytrng.com
nytrng.com
cdn.nytrng.com
860 B
2 easycanvasprints.com
static.easycanvasprints.com
2 KB
2 google.fr
www.google.fr
655 B
2 google.com
www.google.com
655 B
2 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
2 KB
2 igodigital.com
10991072.collect.igodigital.com
nova.collect.igodigital.com
3 KB
2 app-us1.com
diffuser-cdn.app-us1.com
prism.app-us1.com
6 KB
2 trackcmp.net
trackcmp.net
529 B
2 facebook.net
connect.facebook.net
113 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 pinimg.com
s.pinimg.com
19 KB
1 amazonaws.com
addshoppers.s3.amazonaws.com
4 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 ub-analytics.com
events.ub-analytics.com
245 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 googletagmanager.com
www.googletagmanager.com
103 KB
1 easycanvasprintsoffer.com
www.easycanvasprintsoffer.com
7 KB
1 dealshopped.best
dealshopped.best
333 B
1 vesas.club
vesas.club
410 B
1 sendibt3.com
dceaehb.r.bh.d.sendibt3.com
148 B
82 31
Domain Requested by
12 builder-assets.unbounce.com www.easycanvasprintsoffer.com
builder-assets.unbounce.com
4 shop.pe 1 redirects d3rr3d0n31t48m.cloudfront.net
shopper.shop.pe
4 www.pinterest.fr s.pinimg.com
vesas.club
3 d3rr3d0n31t48m.cloudfront.net shop.pe
3 ct.pinterest.com s.pinimg.com
www.easycanvasprintsoffer.com
3 www.facebook.com 1 redirects www.easycanvasprintsoffer.com
3 bat.bing.com vesas.club
bat.bing.com
www.easycanvasprintsoffer.com
3 dev.visualwebsiteoptimizer.com www.easycanvasprintsoffer.com
dev.visualwebsiteoptimizer.com
2 trc-events.taboola.com cdn.taboola.com
2 shopper.shop.pe shop.pe
d3rr3d0n31t48m.cloudfront.net
2 static.easycanvasprints.com
2 www.google.fr www.easycanvasprintsoffer.com
2 www.google.com www.easycanvasprintsoffer.com
2 trc.taboola.com cdn.taboola.com
2 trackcmp.net vesas.club
diffuser-cdn.app-us1.com
2 connect.facebook.net vesas.club
connect.facebook.net
2 static.hotjar.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s.pinimg.com vesas.club
s.pinimg.com
2 d34qb8suadcc4g.cloudfront.net www.easycanvasprintsoffer.com
d34qb8suadcc4g.cloudfront.net
2 ajax.googleapis.com www.easycanvasprintsoffer.com
1 cdn.nytrng.com nytrng.com
1 nytrng.com d3rr3d0n31t48m.cloudfront.net
1 addshoppers.s3.amazonaws.com d3rr3d0n31t48m.cloudfront.net
1 www.pinterest.com 1 redirects
1 ws24.hotjar.com script.hotjar.com
1 nova.collect.igodigital.com www.easycanvasprintsoffer.com
1 in.hotjar.com script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 script.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 10991072.collect.igodigital.com www.googletagmanager.com
1 diffuser-cdn.app-us1.com vesas.club
1 cdn.taboola.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 events.ub-analytics.com www.easycanvasprintsoffer.com
1 fonts.gstatic.com fonts.googleapis.com
1 d9hhrg4mnvzow.cloudfront.net www.easycanvasprintsoffer.com
1 www.googletagmanager.com www.easycanvasprintsoffer.com
1 fonts.googleapis.com ajax.googleapis.com
1 d2xxq4ijfwetlm.cloudfront.net www.easycanvasprintsoffer.com
1 www.easycanvasprintsoffer.com vesas.club
1 dealshopped.best 1 redirects
1 vesas.club
1 dceaehb.r.bh.d.sendibt3.com 1 redirects
82 47

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2020-06-19 -
2022-07-06		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.ub-analytics.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-14 -
2021-12-13		 3 months crt.sh
*.collect.igodigital.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-25 -
2022-02-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
static.buildasign.com
GeoTrust RSA CA 2018		 2021-01-11 -
2022-01-18		 a year crt.sh
*.shop.pe
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-06 -
2022-09-06		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
nytrng.com
Amazon		 2021-05-24 -
2022-06-22		 a year crt.sh
*.nytrng.com
Amazon		 2021-10-17 -
2022-11-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Frame ID: 492AADC1BE8BE3DB07CE954D919D55F1
Requests: 75 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: E913D553F3E7E4C8C0712E6D8ABEEC24
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.fr/ct.html
Frame ID: 340BCB5B2021C31EBC42C44FFB37F038
Requests: 4 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=d36419f50c4641e09ae287db143a865d
Frame ID: 779F3AA4A77925F212BB05495E77CC7A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Big Event (Lead Generation)

Page URL History Show full URLs

  1. https://dceaehb.r.bh.d.sendibt3.com/tr/cl/FX5hFPg49qY0EFg10ESO0u9NtGJoTYNBrIVE0Cw6Sx_0vY29s0Kjh_rUgDj62k1tWoRfpN... HTTP 302
    http://vesas.club/mp.html Page URL
  2. http://dealshopped.best/8cb8c4ccdeec8a25e6ca2b3769f65c59/out/000ec/167/5no52/14be/32/76 HTTP 302
    https://www.easycanvasprintsoffer.com/affiliate-unsub-page/ Page URL

Page Statistics

82
Requests

96 %
HTTPS

40 %
IPv6

31
Domains

47
Subdomains

40
IPs

6
Countries

722 kB
Transfer

2240 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dceaehb.r.bh.d.sendibt3.com/tr/cl/FX5hFPg49qY0EFg10ESO0u9NtGJoTYNBrIVE0Cw6Sx_0vY29s0Kjh_rUgDj62k1tWoRfpNZnTy0uaAzzfrtLoeJPKSPw6G9kCAMPJMB6gLeYcaRUKAoXr8Eq7nay-xg7hqCO-_qkp3rVGLJFuj9nZT9VOzmGOMObdJhsFd9divVKP3_qbsfL7oAfrLscDREiSQcl HTTP 302
    http://vesas.club/mp.html Page URL
  2. http://dealshopped.best/8cb8c4ccdeec8a25e6ca2b3769f65c59/out/000ec/167/5no52/14be/32/76 HTTP 302
    https://www.easycanvasprintsoffer.com/affiliate-unsub-page/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://dceaehb.r.bh.d.sendibt3.com/tr/cl/FX5hFPg49qY0EFg10ESO0u9NtGJoTYNBrIVE0Cw6Sx_0vY29s0Kjh_rUgDj62k1tWoRfpNZnTy0uaAzzfrtLoeJPKSPw6G9kCAMPJMB6gLeYcaRUKAoXr8Eq7nay-xg7hqCO-_qkp3rVGLJFuj9nZT9VOzmGOMObdJhsFd9divVKP3_qbsfL7oAfrLscDREiSQcl HTTP 302
  • http://vesas.club/mp.html
Request Chain 53
  • https://www.facebook.com/tr/?id=339274456211885&ev=PageView&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&rl=http%3A%2F%2Fvesas.club%2F&if=false&ts=1638768411735&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638768411734.1302231598&it=1638768411501&coo=false&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ec=0&ev=PageView&fbp=fb.1.1638768411734.1302231598&id=339274456211885&if=false&it=1638768411501&o=30&r=stable&redirect=0&rl=http%3A%2F%2Fvesas.club%2F&rqm=GET&sh=1200&sw=1600&ts=1638768411735&v=2.9.48
Request Chain 61
  • https://www.pinterest.com/ct.html HTTP 302
  • https://www.pinterest.fr/ct.html
Request Chain 63
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
mp.html
vesas.club/
Redirect Chain
  • https://dceaehb.r.bh.d.sendibt3.com/tr/cl/FX5hFPg49qY0EFg10ESO0u9NtGJoTYNBrIVE0Cw6Sx_0vY29s0Kjh_rUgDj62k1tWoRfpNZnTy0uaAzzfrtLoeJPKSPw6G9kCAMPJMB6gLeYcaRUKAoXr8Eq7nay-xg7hqCO-_qkp3rVGLJFuj9nZT9VOzm...
  • http://vesas.club/mp.html
112 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
http://vesas.club/mp.html
Protocol
HTTP/1.1
Server
138.197.100.222 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Mon, 06 Dec 2021 05:26:50 GMT
Server
Apache/2.4.6 (CentOS)
Last-Modified
Wed, 13 Oct 2021 04:01:18 GMT
ETag
"70-5ce3403adc5bc"
Accept-Ranges
bytes
Content-Length
112
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

content-type
text/html; charset=utf-8
date
Mon, 06 Dec 2021 05:26:49 GMT
location
http://vesas.club/mp.html
x-content-type-options
nosniff
x-sib-server
red2.dc2.51b.tech
x-xss-protection
1
content-length
48
Primary Request /
www.easycanvasprintsoffer.com/affiliate-unsub-page/
Redirect Chain
  • http://dealshopped.best/8cb8c4ccdeec8a25e6ca2b3769f65c59/out/000ec/167/5no52/14be/32/76
  • https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b895f6504512fb3122c3eb5a1a342530c2b08a5093d1abf325fcaa38d6d8173a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://vesas.club/mp.html#8cb8c4ccdeec8a25e6ca2b3769f65c59/out/000ec/167/5no52/14be/32/76

Response headers

date
Mon, 06 Dec 2021 05:26:50 GMT
content-type
text/html; charset=UTF-8
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
1f273463-0b58-45a2-8715-5a836d27a288
last-modified
Fri, 25 May 2018 16:42:14 GMT
x-unbounce-visitorid
e30b97ea-38c2-4909-8559-bbef3d1fa988
x-unbounce-variant
a
content-location
https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
link
<https://www.easycanvasprintsoffer.com/affiliate-unsub-page/>; rel="canonical"
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=senY5sAJz0sYYo0294Zgc3yn6aGrzIlnYuyRtgS9WtCyvVgJvmg2DDzR1M3R6NXEMaNnSdXsmhHIndYYC01uWEJiF7iVvU3L%2BXXv1Nuq8UOSHcEm06nBhAj6r6kceqvYi8TwuruyK8vu4n%2BLXhm1gaM6rfKaKDdhVZQvWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b931a07eea65a13-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 06 Dec 2021 05:26:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
location
https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Content-Length
2
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
page-defaults-b3a2f21.z.css
builder-assets.unbounce.com/published/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/page-defaults-b3a2f21.z.css
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3a2f210f3ae42b81e6b1c7f26dfe76214735ab427bcce1aaca7c37aa6f8e0bb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:56:19 GMT
content-encoding
gzip
last-modified
Wed, 30 May 2018 16:12:50 GMT
server
AmazonS3
age
4098633
etag
"3d53758747081df5fb15ef7a01404331"
x-cache
Hit from cloudfront
x-amz-version-id
OzxGAUEAx_hYQLBU7EtYh4Pp61biXWTO
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
content-length
3229
x-amz-cf-id
u8dRgJ4dvrHCY1QKn6YJxv8Zf2vukDMBQAb1s9UXnxoyLasKScPDbg==
jquery.ubpoverlay-45e86c0.z.css
builder-assets.unbounce.com/published/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/jquery.ubpoverlay-45e86c0.z.css
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45e86c08d1189436d633ce40a5241f1a4ab80203cb8f1bbf3eb0a8e6f7c36ddd

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 00:39:40 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 23:35:27 GMT
server
AmazonS3
age
4164432
etag
"8512a773eaa628ceef9152e05b693d14"
x-cache
Hit from cloudfront
x-amz-version-id
.DzX8Nxz0l7JpjZ450hnwpNgcja3nN3V
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
content-length
1870
x-amz-cf-id
dKBtx4vcB0p0IkSXuHSF58Zm_N3cktIqQBE9SfoX_hrWWOuws5Wdrw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 12:58:21 GMT
x-content-type-options
nosniff
age
404910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72174
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Dec 2022 12:58:21 GMT
jquery.validate.min-3b750e1.z.js
builder-assets.unbounce.com/published/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/jquery.validate.min-3b750e1.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b750e1fd19a765561780d5e548d2bffa3ea4fa499df73b19a9221171bdd5a31

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 07:17:55 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 23:35:23 GMT
server
AmazonS3
age
4399737
etag
"190546296dfd1730844bb7daa40f4ce1"
x-cache
Hit from cloudfront
x-amz-version-id
gFd1_ZN9Wdez5SO0Nvmn48sLYCilQkj0
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
6957
x-amz-cf-id
JNWHIlcnBThhzDv-DFg2PupKsBJ9S6jw_4aaXJgVoJUFRFHvG161eg==
additional-methods-09a5c5a.z.js
builder-assets.unbounce.com/published/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/additional-methods-09a5c5a.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09a5c5afe792578c21a00b59e2acd8f437ff5670366108adc30e7b51e293d1c1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 06:53:44 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:38 GMT
server
AmazonS3
age
4055588
etag
"d300dc4d4143683149e227f3ed6501f4"
x-cache
Hit from cloudfront
x-amz-version-id
qe1WTXqYfZugtuP6azf8YIgwuQE.o4Pu
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
3095
x-amz-cf-id
9Q9ps18eKFTk97Zy4XDmAmoH6wEgLN44CO6cZA2wrdFAJU9DugmgKQ==
jquery.ubpoverlay-d9900bb.z.js
builder-assets.unbounce.com/published/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/jquery.ubpoverlay-d9900bb.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9900bb23e39aaeac5f62efad707a8a865f4f25cf259145ad25c44fd987265f5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 03:41:27 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 23:35:23 GMT
server
AmazonS3
age
4412725
etag
"c55c2ed99382a13268146fbb46757e03"
x-cache
Hit from cloudfront
x-amz-version-id
QJArjN_z6oJAm4byTOwHkezCXT2RDtBX
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
7737
x-amz-cf-id
NexneamUqXbSDO-8ZJbhgNYap3cCOfSqxlRRIhH31uThvFhGr-dvZA==
unbounce.js
d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/api/ 		641 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xxq4ijfwetlm.cloudfront.net/m/lp-webapp/api/unbounce.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-61.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb23e74443fd3afd6f6a57e70cc0cd49afca31cb61c6224df8036dc7a11f555a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified
Tue, 07 Jan 2014 17:53:15 GMT
server
AmazonS3
age
17820
etag
"550bf4d55f148aa3459eafa64f3eb6a3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 06 Dec 2021 00:29:52 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
641
x-amz-cf-id
BKfx1QQsaOlUY5G8PWaqUwJ8akpFY0aCltys4LhlAkSV2aKBssz2wQ==
main-90cd9cc.z.js
builder-assets.unbounce.com/modules/lp-block/public/ 		1020 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/modules/lp-block/public/main-90cd9cc.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90cd9cc3f3648004b94945176c5331b6cbaf477e541623caf80d580933d0cb02

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 00:07:56 GMT
content-encoding
gzip
last-modified
Wed, 26 Sep 2018 23:30:31 GMT
server
AmazonS3
age
11510335
etag
"d842560f2f4cfe39a294c0f146f407b4"
x-cache
Hit from cloudfront
x-amz-version-id
w1fSbW._ZH40Sbo1PoSNI.QohsaGb0Cq
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
423
x-amz-cf-id
fcQ5y7vQne0ZjWsnLQ-_lYqkzBCcxr-7wamIiv4Pbwb6Xl_AauLOVQ==
matchMedia-ba7af92.z.js
builder-assets.unbounce.com/published/ 		925 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/matchMedia-ba7af92.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba7af92cb3ffbf763257405d2bd170cca3fc4a68906b000f4f0b4a615bb0e9a0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 06:33:57 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 23:35:23 GMT
server
AmazonS3
age
4488775
etag
"8a3d44556a9fc8bb91dc41c3257f7ed7"
x-cache
Hit from cloudfront
x-amz-version-id
g.GoVUMSvf6WvcM6YYncLMIfUOararmI
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
562
x-amz-cf-id
eYxXSyyb7F7h5vwazooVv0_OHrGHwVI6BggDkbRL_ypJ4_3f05ezFw==
main-e1f2690.z.js
builder-assets.unbounce.com/modules/lp-text/public/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/modules/lp-text/public/main-e1f2690.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1f2690d533e7fc39b81cd43978faea779532bb4ab600f0f45566c737e03c874

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 03:04:57 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:34 GMT
server
AmazonS3
age
526915
etag
"67645e1696f8a12286fb11a0edf2d9bd"
x-cache
Hit from cloudfront
x-amz-version-id
uodl5dNhHyS8c5ktZy.dPgqm6H1iWPxN
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
3508
x-amz-cf-id
55vdK6an84uOe00lNJQ6FF3t-RXpqaNZe4T-2IF0c1oHhR45Sx1RDQ==
main-4dbcea2.z.js
builder-assets.unbounce.com/modules/lp-form/public/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/modules/lp-form/public/main-4dbcea2.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dbcea2404a14de6ce5b4b540c50c4b3bea3ae6cc1b0c25f9ca8911eeb4ca57f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 11:50:09 GMT
content-encoding
gzip
last-modified
Fri, 25 May 2018 16:35:14 GMT
server
AmazonS3
age
19503403
etag
"011438368890fd41d1f54858ace790f8"
x-cache
Hit from cloudfront
x-amz-version-id
g6xd1MDtiGeBUnoQrN9DbTDn6p0UA1f6
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
7714
x-amz-cf-id
X18iNGJvYavp0u8YrjyG9X0LKjNs6IZFJsXX1cvkO1eOXULMv9DGyQ==
main-2fabf90.z.js
builder-assets.unbounce.com/modules/lp-button/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/modules/lp-button/public/main-2fabf90.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fabf90865a5fa61fb28c54d33ea19829678cbcffbf9c4e686589f5bc57aecdb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:30:12 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:34 GMT
server
AmazonS3
age
4452999
etag
"45b6ed1a48ae14b17966070865a508d0"
x-cache
Hit from cloudfront
x-amz-version-id
0Alizy0SkKyOEhhEG0Xk7rIBDzW9Hk_c
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1296
x-amz-cf-id
dcfOITUOGpOq2U7iZK3b5MdSM0cMWBHf8l3FgZKoRuumF-D988P6cA==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 03:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6756
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Nov 2022 03:52:16 GMT
ub-browser-879f873.z.js
builder-assets.unbounce.com/published/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published/ub-browser-879f873.z.js
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
879f8736fc247740b8907a12dd85183f9d50a26f3eeb2a9982e49f769d8e9099

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:01:45 GMT
content-encoding
gzip
last-modified
Fri, 06 Jul 2018 19:20:38 GMT
server
AmazonS3
age
11507107
etag
"1239a51817ae12d8fa9588f05da935ca"
x-cache
Hit from cloudfront
x-amz-version-id
UvdW10DCH7N0kCZKImqqkxULDTEqs.Jl
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1091
x-amz-cf-id
h1XYtyd5yD6ahLmRiSLQVYMR1QwASbRSN6U5xtxGDQXplQ_Xi_9RIA==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:cc00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
18766094
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
KeNH5Up5xWF-wAeJGQGUUn1qOaAwrtzKdYRHWUb69TVdQxlUuFJaEA==
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:regular
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 04:55:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Dec 2021 05:26:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Dec 2021 05:26:51 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=248699&u=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&r=0.7847785321867913
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel1 /
Resource Hash
e24c5f6fb215210d033347e5de004eba0bcfced52ae67bd53898a0a41364df10

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 06 Dec 2021 05:26:51 GMT
via
1.1 google
server
gbel1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		468 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f82971c45d4c2499030b9da21f3a5080bd6f1832d6e4194ab43363abe955e34b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104800
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Dec 2021 05:26:51 GMT
c788991e-bigevent-leadgen-brick.png
d9hhrg4mnvzow.cloudfront.net/www.easycanvasprintsoffer.com/affiliate-unsub-page/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/www.easycanvasprintsoffer.com/affiliate-unsub-page/c788991e-bigevent-leadgen-brick.png
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-147.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81d02b631ef704ea3bfd398d6e811a40cc56a5fbbeaa3f1a4f130a9544f06544

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:08:56 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified
Fri, 25 May 2018 16:42:17 GMT
server
AmazonS3
age
1076
etag
"805d5c9d12b01e1d50515d38346138ff"
x-cache
Hit from cloudfront
x-amz-version-id
U8aU0LvOHsdNPbpahXukLKoHkM_fXdp6
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
4581
x-amz-cf-id
X8HIwnjGWhXlO3rVOKGRqwZXptczJkmOrGTSTLLKcPJz3U2DMkkO3Q==
triangle-toggle.png
builder-assets.unbounce.com/images/ 		281 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://builder-assets.unbounce.com/images/triangle-toggle.png
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published/page-defaults-b3a2f21.z.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28dd309f461b010d81e8d643647fde105766b0ac4593620d42dadb89fe36285a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://builder-assets.unbounce.com/published/page-defaults-b3a2f21.z.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 19:02:29 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jul 2018 23:42:56 GMT
server
AmazonS3
age
12651863
etag
"1c6bea8059291f5796b3d28a717325aa"
x-cache
Hit from cloudfront
x-amz-version-id
CkmB2QyFdYwNSetjAWH6nmcGnk76ALiU
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/png
content-length
281
x-amz-cf-id
3Mzd0ooIJrVIcMK8d2nNqcYOkqelhcNA-gr-0peDrO2UVahLV84mAA==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:cc00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
23868377
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
J7pyu--tVyoBYGaHcUPLoNkpufc2Me0ZSPXjmJoXIwxOq8PYRLR3ZA==
va-9d6ac57dbcbba3321dd904e6ee78b647.js
dev.visualwebsiteoptimizer.com/7.0/ 		218 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=248699&u=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&r=0.7847785321867913
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel1 /
Resource Hash
a3f23882af078056246b6773a358d1d244b163ca8cb8c4016edc9e5a627c0cd7

Request headers

Referer
https://www.easycanvasprintsoffer.com/
Origin
https://www.easycanvasprintsoffer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
br
last-modified
Wed, 01 Dec 2021 11:23:38 GMT
server
gbel1
etag
"61a75b3a-f7f3"
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63475
via
1.1 google
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=248699&d=easycanvasprintsoffer.com&u=D113D4B0FEEA03D4BE8D23080690B33EC&h=8aa0af9ee98c144c61e6a24312ba299d&t=false&r=0.09614043337924905
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:50 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.easycanvasprintsoffer.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options
nosniff
age
229623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 13:39:48 GMT
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1638768411298&e=pv&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&page=The%20Big%20Event%20(Lead%20Generation)&refr=http%3A%2F%2Fvesas.club%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=c01d272d-9c29-4983-ab91-b379ed0708ce&dtm=1638768411297&vp=1600x1200&ds=1600x1229&vid=1&sid=e9e7afa8-126b-467c-b9b6-fee042e4732d&duid=b7839a73-d3a0-42b7-8839-8433aa7cac9c&uid=e30b97ea-38c2-4909-8559-bbef3d1fa988&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMWYyNzM0NjMtMGI1OC00NWEyLTg3MTUtNWE4MzZkMjdhMjg4IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.63.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-63-26.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 05:26:51 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:50 GMT
content-encoding
gzip
last-modified
Sat, 13 Nov 2021 03:55:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A8BB1DC52CD344B2AE634F7F2626C208 Ref B: LTSEDGE0911 Ref C: 2021-12-06T05:26:51Z
etag
"80dc6f5342d8d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10442
core.js
s.pinimg.com/ct/ 		1 KB
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2aa::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"95580b4fad0d5513b92f05a5be0d5a38"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
e277efe9-2.16.186.237
accept-ranges
bytes
content-length
583
access-control-expose-headers
X-CDN
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6708
date
Mon, 06 Dec 2021 03:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 06 Dec 2021 05:35:03 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 05:26:51 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1388327/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1388327/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
788d20a80dbda719c69d1630c17f9f44509c32ef2bb44de1389977ac94ec1730

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
_fKuzxy73wyZUF2UxtnbICmF.IucUpza
content-encoding
gzip
etag
"31a269762645766f7e8aa90e8b9c7a5e"
age
0
x-cache
MISS
x-amz-replication-status
COMPLETED
content-length
24892
x-amz-id-2
BQzWnCaZjQKpk6MhKWUfkd3EQTXi6t23ZfSFfyzbhca1SlR1qlFcvA3ClyD0DDd72/ai9SLPXpc=
x-served-by
cache-cdg20725-CDG
last-modified
Sun, 28 Nov 2021 09:37:15 GMT
server
AmazonS3
x-timer
S1638768411.430931,VS0,VE89
date
Mon, 06 Dec 2021 05:26:51 GMT
vary
Accept-Encoding
x-amz-request-id
JAF04WZ0Y8RBGAZ1
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
44
x-cache-hits
0
hotjar-2709015.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2709015.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-91.fra56.r.cloudfront.net
Software
/
Resource Hash
d36fb07394c907a4747e327a51a4be382b5ae5f9b87531a43da91ea86d9e0d50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C2
etag
W/b410d903f854382e23736913144c2e36
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1921
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-id
EcdgE7lQXKuP_oJdRwNDtkt-jHtdQAmzCwhhhFW_MRQadmZ9j9QIlg==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
xfIC7wXAPh2JYMMUW6+Z5oh6go9NNYe57wYJBqwBPI0YZyIY400fkevtLfrvhtBltQYL0qBL+pa11SRYRKg9vQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 06 Dec 2021 05:26:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
visit
trackcmp.net/ 		0
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trackcmp.net/visit?actid=475233557&e=undefined&r=http%3A%2F%2Fvesas.club%2F&u=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:10c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray
6b931a0c2ce80f76-MXP
content-length
0
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
71
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 21 Oct 2021 17:42:06 GMT
server
cloudflare
etag
W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a7750b04e96e89c0816616ed8cc70afc.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
MXP64-C3
cf-ray
6b931a0bdd3e59fb-MXP
x-amz-cf-id
BWxtDTxr1OeANZgji02bND1BqxHcIOs2vuF-DNheki3v4EuNL5UuEQ==
collect.js
10991072.collect.igodigital.com/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10991072.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.19.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-19-55.compute-1.amazonaws.com
Software
/
Resource Hash
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:58:22 GMT
vary
Accept-Encoding
content-type
application/javascript
4029274.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/4029274.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 06 Dec 2021 05:26:50 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F8B3D9631B04440997D0377F07D4538C Ref B: LTSEDGE0911 Ref C: 2021-12-06T05:26:51Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=4029274&Ver=2&mid=df99d444-39c7-450f-acbb-ea33b761faa9&sid=1dde0230565511ecb4f061489cd3f169&vid=1dde3340565511eca2c94b470ad1b8c1&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Big%20Event%20(Lead%20Generation)&p=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&r=http%3A%2F%2Fvesas.club%2F&lt=1064&evt=pageLoad&msclkid=N&sv=1&rn=308744
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55FFDDF1EA8B4BABA7D5563FC9D2F0DB Ref B: LTSEDGE0911 Ref C: 2021-12-06T05:26:51Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
339274456211885
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/339274456211885?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a722ffbef5c15068be205a5864a298595654a4d5b30eaaa3d3229a63da738ab5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
w4ygxeI/TlgJn1AFd3gnZEgUYuCQ6DntHB4jSEGI1uJbHmW81SuX6VSeD4GKBFGhCgzFp9B4LjOkm4ucO6fZiA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 06 Dec 2021 05:26:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=760490835&t=pageview&_s=1&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&dr=http%3A%2F%2Fvesas.club%2F&ul=en-us&de=UTF-8&dt=The%20Big%20Event%20(Lead%20Generation)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=415305064&gjid=1185292006&cid=203494662.1638768412&tid=UA-71374-16&_gid=147932370.1638768412&_r=1&gtm=2wgc10M5NPB3&z=397809266
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.easycanvasprintsoffer.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.easycanvasprintsoffer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/996875938/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996875938/?random=1638768411515&cv=9&fst=1638768411515&num=1&label=uGwOCP73tQYQor2s2wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&data=ecomm_prodid%3D1008%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D7.95&frm=0&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ref=http%3A%2F%2Fvesas.club%2F&tiba=The%20Big%20Event%20(Lead%20Generation)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89d357fca8fccbe2c722abdadfb79a557f6d035f25e5a861300799d6ebefde7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1149
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.909c20fd8721306b1fa9.js
script.hotjar.com/ 		226 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2709015.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-51.fra56.r.cloudfront.net
Software
/
Resource Hash
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
308025
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60677
access-control-allow-origin
*
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
etag
"10fcc57bdff3ad7a3c23c5903b8e57c8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
_-ZAf7NlSjnDgKzMHr5T0LPw8t8ADnAyfjhJmmWG9m6K2WQVCNhHmw==
/
prism.app-us1.com/ 		248 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=475233557&u=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&r=http%3A%2F%2Fvesas.club%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
4c03fbbadd66b55e7286a96c945589d820d54e9df7e34c474f1d52da8391aaae

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, private
cf-ray
6b931a0c4d9559fb-MXP
json
trc.taboola.com/1388327/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1388327/trc/3/json?tim=1638768411558&data=%7B%22id%22%3A623%2C%22ii%22%3A%22%2Faffiliate-unsub-page%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1638768411553%2C%22cv%22%3A%2220211124-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F%3F%22%2C%22e%22%3A%22http%3A%2F%2Fvesas.club%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbuildasign-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22%2Faffiliate-unsub-page%2F%22%2C%22tim%22%3A1638768411558%2C%22ref%22%3A%22http%3A%2F%2Fvesas.club%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A97%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1388327/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0694904dca0a0ea232395155f1471b98e90fcc851ca0428806d4539793186096

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
server
nginx
x-timer
S1638768412.575315,VS0,VE17
x-served-by
cache-cdg20725-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame E913 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2709015.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-7.fra6.r.cloudfront.net
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
id9VlePmZvDfflk0OpAXenptPSob_UiPw2SDOPPV-zQLQC27pW6yOA==
age
308025
collect
stats.g.doubleclick.net/j/ 		4 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71374-16&cid=203494662.1638768412&jid=415305064&gjid=1185292006&_gid=147932370.1638768412&_u=YGBACEAABAAAAC~&z=1054683329
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.easycanvasprintsoffer.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 06 Dec 2021 05:26:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.easycanvasprintsoffer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc.taboola.com/1388327/log/3/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1388327/log/3/unip?en=page_view&item-url=%2Faffiliate-unsub-page%2F&tim=1638768411558&ref=http%3A%2F%2Fvesas.club%2F&cv=20211124-11-RELEASE&tos=48&ssd=1&scd=97&vi=1638768411553&ri=0aa63a7d1b2a231ced2253a092008afb
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1388327/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1638768412.612960,VS0,VE12
x-served-by
cache-cdg20725-CDG
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.easycanvasprintsoffer.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/996875938/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/996875938/?random=1638768411515&cv=9&fst=1638766800000&num=1&label=uGwOCP73tQYQor2s2wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&data=ecomm_prodid%3D1008%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D7.95&frm=0&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ref=http%3A%2F%2Fvesas.club%2F&tiba=The%20Big%20Event%20(Lead%20Generation)&async=1&fmt=3&is_vtc=1&random=2621693711&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/996875938/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/996875938/?random=1638768411515&cv=9&fst=1638766800000&num=1&label=uGwOCP73tQYQor2s2wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&data=ecomm_prodid%3D1008%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D7.95&frm=0&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ref=http%3A%2F%2Fvesas.club%2F&tiba=The%20Big%20Event%20(Lead%20Generation)&async=1&fmt=3&is_vtc=1&random=2621693711&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.6ae4a9fc.js
s.pinimg.com/ct/lib/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2aa::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"9850391ff02e4a98b00efa3acfbbbb10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
e277f060-2.16.186.237
accept-ranges
bytes
content-length
18814
access-control-expose-headers
X-CDN
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71374-16&cid=203494662.1638768412&jid=415305064&_u=YGBACEAABAAAAC~&z=1697357626
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71374-16&cid=203494662.1638768412&jid=415305064&_u=YGBACEAABAAAAC~&z=1697357626
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2709015/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2709015/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer
https://www.easycanvasprintsoffer.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=339274456211885&ev=PageView&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&rl=http%3A%2F%2Fvesas.club%2F&if=false&ts=1638768411735&sw=1600&...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ec=0&ev=PageView&fbp=fb.1.1638768411734.1302231598&id=339274456211885&if=false&it=163...
44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ec=0&ev=PageView&fbp=fb.1.1638768411734.1302231598&id=339274456211885&if=false&it=1638768411501&o=30&r=stable&redirect=0&rl=http%3A%2F%2Fvesas.club%2F&rqm=GET&sh=1200&sw=1600&ts=1638768411735&v=2.9.48
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H3
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 06 Dec 2021 05:26:51 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&ec=0&ev=PageView&fbp=fb.1.1638768411734.1302231598&id=339274456211885&if=false&it=1638768411501&o=30&r=stable&redirect=0&rl=http%3A%2F%2Fvesas.club%2F&rqm=GET&sh=1200&sw=1600&ts=1638768411735&v=2.9.48
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
expires
0
t_prism_sitemessages.php
trackcmp.net/ 		0
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=475233557&prismid=e118b5d7-4eb1-45bd-b58b-81766dfaa4a0&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:10c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray
6b931a0dadb30f76-MXP
content-length
0
/
ct.pinterest.com/user/ 		486 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614458680784&pd=%7B%22em%22%3A%22b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514%22%7D&cb=1638768411795
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de7c2706afa5e0452969fcdeeab16ed2941c958625e3b5d0c1be279fc42683e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.906656b8.1638768411.f644a9
x-envoy-upstream-service-time
0
x-pinterest-rid
1003433871936422
pin-unauth
dWlkPVl6Y3lOVGMyTWpVdE0yWmxZaTAwWmpBeUxUbGtNbVF0TkRVd09XVmpPVFZpTjJVNQ
access-control-allow-origin
https://www.easycanvasprintsoffer.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
361
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614458680784&pd=%7B%22em%22%3A%22b4c9a289323b21a01c3e940f150eb9b8c542587f1abfd8f0e1cc1ffc5e475514%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F%22%2C%22ref%22%3A%22http%3A%2F%2Fvesas.club%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1638768411796
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:51 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.906656b8.1638768411.f644aa
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
7
content-length
35
x-pinterest-rid
4761564984126968
expires
Sat, 01 Jan 2000 00:00:00 GMT
track_page_view
nova.collect.igodigital.com/c2/10991072/ 		43 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10991072/track_page_view?payload=%7B%22title%22%3A%22The%20Big%20Event%20(Lead%20Generation)%22%2C%22url%22%3A%22https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F%22%2C%22referrer%22%3A%22http%3A%2F%2Fvesas.club%2F%22%7D
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.19.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-19-55.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-runtime
0.008775
date
Mon, 06 Dec 2021 05:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
e509350f-5935-48fd-9c66-7cf2b61caf02
content
ws24.hotjar.com/api/v2/sites/2709015/recordings/ 		66 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws24.hotjar.com/api/v2/sites/2709015/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.204.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-204-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
af1c059aceadb5d89fc2edb1af07e17d6a3f6385b7f9c7ff7cee2a1ddca1529f

Request headers

Referer
https://www.easycanvasprintsoffer.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Mon, 06 Dec 2021 05:26:51 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
/
ct.pinterest.com/md/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.easycanvasprintsoffer.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Dec 2021 05:26:52 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.906656b8.1638768412.f64510
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
7278444594622997
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=339274456211885&ev=Microdata&dl=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&rl=http%3A%2F%2Fvesas.club%2F&if=false&ts=1638768412237&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Big%20Event%20(Lead%20Generation)%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22The%20Big%20Event%20(Lead%20Generation)%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638768411734.1302231598&it=1638768411501&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.easycanvasprintsoffer.com
URL: https://www.easycanvasprintsoffer.com/affiliate-unsub-page/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 06 Dec 2021 05:26:52 GMT
ct.html
www.pinterest.fr/ Frame 340B
Redirect Chain
  • https://www.pinterest.com/ct.html
  • https://www.pinterest.fr/ct.html
413 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.fr/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df5da046e1e610be77d5b4b85ec4b3450fed44ee33a7583373542f0c553fadcb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-cc92ab962d12e1305ab4230b786f2b33' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1568055686254048; frame-ancestors *
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p
CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-cc92ab962d12e1305ab4230b786f2b33' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1568055686254048; frame-ancestors *
content-security-policy-report-only
script-src 'nonce-cc92ab962d12e1305ab4230b786f2b33' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
link
<https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
87
pinterest-generated-by
coreapp-webapp-prod-0a011507
content-encoding
gzip
pinterest-version
5db009e
referrer-policy
origin
x-pinterest-rid
1568055686254048
date
Mon, 06 Dec 2021 05:26:52 GMT
content-length
280
akamai-grn
0.906656b8.1638768412.f64686
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent, Accept-Encoding
x-ua-compatible
IE=edge
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location
https://www.pinterest.fr/ct.html
trailer
x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time
106
pinterest-generated-by
coreapp-webapp-prod-0a011e06
content-encoding
gzip
pinterest-version
5db009e
referrer-policy
origin
x-pinterest-rid
1753462766221166
date
Mon, 06 Dec 2021 05:26:52 GMT
akamai-grn
0.906656b8.1638768412.f645c8
x-cdn
akamai
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
hotjar-491495.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-491495.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NPB3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-91.fra56.r.cloudfront.net
Software
/
Resource Hash
57c72fcb4a783f0d434160f081e2c9ccaa7c5293f22bfcca81f20fc8738af3b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C2
etag
W/ca75b63519a803dcefcba1dd63680487
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1964
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-id
QtTOn_4OFyV88RWxUd3KgoC6nihrQn6QFRsuxtQvmGN5kkxr_IaCFA==
widget_async.js
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Protocol
H2
Server
13.35.253.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-118.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20002913c7e5e7c8d48c9e9e9d2e096e056dd9d62110fd593b5b93e628cd5198

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:20:05 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 18:49:48 GMT
server
AmazonS3
age
407
etag
"96168e983d92d1103069721da19b5c6c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
898
x-amz-cf-id
eTnQRLkBsC5aSft1UZlw-bRuvhS0uHM7Zkr-DpBLaT4b7wrcTzy2Ow==
x-amz-meta-mtime
1637606986.9

Redirect headers

content-security-policy
frame-ancestors none;
via
1.1 google
referrer-policy
no-referrer-when-downgrade
server
nginx
date
Mon, 06 Dec 2021 05:26:52 GMT
x-frame-options
deny
content-type
text/html
location
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
178
ecp_chat_icon_desktop.svg
static.easycanvasprints.com/cmsimages/ 		1 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.easycanvasprints.com/cmsimages/ecp_chat_icon_desktop.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-193.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
1e868f0f23c0605d9d94759f02f43ab7ac1b867756a9b1a27485013a9243a568
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
2018-09-07T20:12:38--05:00
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, max-age=292754
content-length
618
ecp_chat_icon_mobile.svg
static.easycanvasprints.com/cmsimages/ 		1 KB
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.easycanvasprints.com/cmsimages/ecp_chat_icon_mobile.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.35.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-35-193.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5fac33c50949462bad222842e076e44e4428f0ba919898564ec605366c3011de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
2018-09-07T20:05:22--05:00
server
Microsoft-IIS/10.0
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, max-age=405050
content-length
621
triggerRunner.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=12a9f05
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-118.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71aa41f2ba221f0bba812c5aaf838e575fe3af76f78a1311b3ee06c4d5e2703

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 18:50:36 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 18:49:50 GMT
server
AmazonS3
age
1161377
etag
"165d87924d3d3139d90f7bc59a5d143f"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3710
x-amz-cf-id
LN5bQgiJR11L1C22Acn8W63_PT970uFScZHa_J9PULYyClsLGHsbfA==
x-amz-meta-mtime
1637606986.84
widget.js
d3rr3d0n31t48m.cloudfront.net/widget/ 		179 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4d2fe04
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-118.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e806129148a3c451528e855a6f441f9af33f8f5f7bfa5279e614964cb67cd06

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 18:50:36 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 18:49:49 GMT
server
AmazonS3
age
1161376
etag
"0175c8f6986c9392161bc63e1e329004"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
46990
x-amz-cf-id
-zIWYAKUhd_YVxSvFA9sD5DHYTOq1OR_MPdcjara5K4UzJ2wF107Gw==
x-amz-meta-mtime
1637606982.11
params
shop.pe/widget/main/init/ 		260 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=5cf58081bbddbd28399ad412&product=The%20Big%20Event%20(Lead%20Generation)&product_url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&external_referer=http%3A%2F%2Fvesas.club%2F&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=35586&cookie=&referer=http%3A%2F%2Fvesas.club%2F
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4d2fe04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ccd15a10012c8a07ab9ce44c91518fc675fc9df2d12b0a84a68e74e65b05b21
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
content-encoding
gzip
access-control-allow-origin
https://my.addshoppers.com
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
clear
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
deny
etag
W/"b15a44312a31162446f5278e59853ced431ad4e8"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
via
1.1 google
access-control-allow-credentials
true
content-security-policy
frame-ancestors none;
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
/
www.pinterest.fr/_/_/csp_report/ Frame 340B 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.fr/_/_/csp_report/?rid=1568055686254048
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-91f729b71ea5910bb6f0ece66f7488d0' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1132308546400482; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-91f729b71ea5910bb6f0ece66f7488d0' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1132308546400482; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.906656b8.1638768412.f6470f
content-security-policy-report-only
script-src 'nonce-91f729b71ea5910bb6f0ece66f7488d0' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
72
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1132308546400482
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
5db009e
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Mon, 06 Dec 2021 05:26:52 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011da4
/
www.pinterest.fr/_/_/csp_report/ Frame 340B 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.fr/_/_/csp_report/?reportonly
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-c2524cbfb22fa7be5c45fe85df61b9a3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1266669616682201; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-c2524cbfb22fa7be5c45fe85df61b9a3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1266669616682201; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.906656b8.1638768412.f64710
content-security-policy-report-only
script-src 'nonce-c2524cbfb22fa7be5c45fe85df61b9a3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
25
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1266669616682201
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
5db009e
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Mon, 06 Dec 2021 05:26:52 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a011e6c
/
www.pinterest.fr/_/_/csp_report/ Frame 340B 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.pinterest.fr/_/_/csp_report/?reportonly
Requested by
Host: vesas.club
URL: http://vesas.club/mp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-75c80bd3e1685c6b4e624a1262bceef0' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1044735008974778; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinterest.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-75c80bd3e1685c6b4e624a1262bceef0' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-fr.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1044735008974778; frame-ancestors 'self'
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.906656b8.1638768412.f64712
content-security-policy-report-only
script-src 'nonce-75c80bd3e1685c6b4e624a1262bceef0' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time
25
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1044735008974778
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pinterest-version
5db009e
referrer-policy
origin
x-frame-options
SAMEORIGIN
date
Mon, 06 Dec 2021 05:26:52 GMT
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by
coreapp-webapp-prod-0a01197c
params
shop.pe/widget/main/init/ 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.pe/widget/main/init/params?siteid=5cf58081bbddbd28399ad412&product=The%20Big%20Event%20(Lead%20Generation)&product_url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F&external_referer=http%3A%2F%2Fvesas.club%2F&callback=AddShoppersWidget.load_widget&rand=91462&cookie=2%7C1%3A0%7C10%3A1638768412%7C15%3Aaddshoppers.com%7C44%3AZDM2NDE5ZjUwYzQ2NDFlMDlhZTI4N2RiMTQzYTg2NWQ%3D%7Cf42c1148975fd00bc1cd650dee891e126efb2a5e83157ef623bc6baa557947cf&referer=http%3A%2F%2Fvesas.club%2F
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4d2fe04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bfe069bdf436d5abe49eab28c29bae754a3feb6aa018d994c94a48cd048d3db4
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:52 GMT
content-encoding
gzip
access-control-allow-origin
https://my.addshoppers.com
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
clear
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
deny
etag
W/"131b13ae41581679210c671f4418ca538e41631d"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
via
1.1 google
access-control-allow-credentials
true
content-security-policy
frame-ancestors none;
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
A.js
addshoppers.s3.amazonaws.com/5cf58081bbddbd28399ad412/5cfaaeaabbddbd56125d34dc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addshoppers.s3.amazonaws.com/5cf58081bbddbd28399ad412/5cfaaeaabbddbd56125d34dc/A.js?_t=1604616862
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4d2fe04
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.237.203 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d1db5ba82be48b3fdcbf42719b8adbcd824b7ea06ca4787bb9febf2985c189b7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 06 Dec 2021 05:26:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Nov 2020 22:54:23 GMT
Server
AmazonS3
x-amz-request-id
ETVHGRQ4CBT9R031
ETag
"08c2b47f059ce00e203d7d19e8b15f0e"
x-amz-version-id
_vSb257.YHimc1SMuigzt0BDmJvaXU6D
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
3796
x-amz-id-2
5h0oBzCcS+5NGYiPjuajesvUXfAaRszDHmkCAUxTuKJMCrtmxWFD7ulqB5s/P3r5C3X2Tp2TnK4=
input.js
shopper.shop.pe/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7a5539dcff177aa38e846625a78600dd181df7bd930cf30a6eaf846a5b1c3393

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 03:38:06 GMT
content-encoding
gzip
age
6526
x-guploader-uploadid
ADPycduRc6o78CFRSPTkyOIrNdARFm3lXm76ZdzYLzkg9h091t8WJ-Z62tPUHdtJJMsyiTAY5SIwJ6dFKkViSbilqnoXfGBZqw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8726
last-modified
Mon, 11 Oct 2021 15:23:20 GMT
server
UploadServer
etag
"c9393142714ec735315299d05a1582df"
vary
Accept-Encoding
x-goog-hash
crc32c=34TYGQ==, md5=yTkxQnFOxzUxUpnQWhWC3w==
x-goog-generation
1633965800307532
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8726
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Mon, 06 Dec 2021 07:38:06 GMT
iframe
nytrng.com/ Frame 779F 		427 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=d36419f50c4641e09ae287db143a865d
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4d2fe04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.91.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn/19.9.0 /
Resource Hash
da8dbb9bc6757a2ed892bedba0c654741058bad2fdebfd5856e79c841d92e671

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/

Response headers

date
Mon, 06 Dec 2021 05:26:53 GMT
content-type
text/html; charset=utf-8
content-length
427
server
gunicorn/19.9.0
consent
shop.pe/query/datareg/ 		0
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shop.pe/query/datareg/consent
Requested by
Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 05:26:53 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
clear
content-length
0
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
deny
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
content-security-policy
frame-ancestors none;
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
unip
trc-events.taboola.com/1388327/log/3/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1388327/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=97&ssd=1&est=1638768411556&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1638768413108&vi=1638768411553&ri=0aa63a7d1b2a231ced2253a092008afb&ref=http%3A%2F%2Fvesas.club%2F&cv=20211124-11-RELEASE&item-url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1388327/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://www.easycanvasprintsoffer.com
pragma
no-cache
date
Mon, 06 Dec 2021 05:26:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pixel.png
shopper.shop.pe/ 		609 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://shopper.shop.pe/pixel.png?data=eyJhY3RpdmVfY2FydCI6dHJ1ZSwiY3VzdG9tX3ZhbHVlcyI6eyJhc19uZXR3b3JrIjp0cnVlfSwiaWRzaG9wcGVyIjoiNWNmNTgwODFiYmRkYmQyODM5OWFkNDEyIiwic2Vzc2lvbl9pZCI6ImQzNjQxOWY1MGM0NjQxZTA5YWUyODdkYjE0M2E4NjVkIiwiZGF0YXJlZ19nZHByX2NvbnNlbnRlZCI6ZmFsc2V9
Requested by
Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=4d2fe04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 04:39:53 GMT
age
2820
x-guploader-uploadid
ADPycdtN0J7JZ-h_q3ymansM07wR8YtOvpW2ANkN2qkHbtcjEC8gA4IaOTAH1-SLiksShfQdRvrAmfHDLGxI5V8tuP0wjJZ0bg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
609
last-modified
Wed, 20 Sep 2017 16:12:07 GMT
server
UploadServer
etag
"6802175f61adc40617e8ba87a30aa6bd"
x-goog-hash
crc32c=Yf0PfA==, md5=aAIXX2GtxAYX6LqHowqmvQ==
x-goog-generation
1505923927946539
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
609
accept-ranges
bytes
content-type
image/png
expires
Mon, 06 Dec 2021 05:39:53 GMT
pl.2.2.min.js
cdn.nytrng.com/ Frame 779F 		0
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nytrng.com/pl.2.2.min.js
Requested by
Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=d36419f50c4641e09ae287db143a865d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://nytrng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jul 2019 16:57:19 GMT
server
AmazonS3
age
1200971
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Error from cloudfront
content-type
text/plain
date
Mon, 22 Nov 2021 07:50:48 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
gCILLAKPWO7NY4nS7SIgOtldtI8PH0IGgtWI6XqrjVYNBlwK3kACDA==
unip
trc-events.taboola.com/1388327/log/3/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1388327/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=97&ssd=1&est=1638768411556&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1638768416109&vi=1638768411553&ri=0aa63a7d1b2a231ced2253a092008afb&ref=http%3A%2F%2Fvesas.club%2F&cv=20211124-11-RELEASE&item-url=https%3A%2F%2Fwww.easycanvasprintsoffer.com%2Faffiliate-unsub-page%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1388327/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.easycanvasprintsoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://www.easycanvasprintsoffer.com
pragma
no-cache
date
Mon, 06 Dec 2021 05:26:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| module function| $ function| jQuery object| ub object| lp boolean| Ba object| webfont object| WebFont object| _vwo_code number| settings_timer number| _vwo_settings_timer object| dataLayer function| updateViewport object| UnbounceSnowplowNamespace function| ubSnowplow number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| uetq function| pintrk string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa function| hj object| _hjSettings string| visibilityEvent boolean| hiddenState function| visibilityChanged function| fbq function| _fbq string| trackcmp_email object| trackcmp object| trackcmp_s undefined| trackcmp_h string| visitorGlobalObjectAlias function| vgo string| cookieName string| cookieValue string| cookiePath string| expirationTime object| date number| dateTimeNow function| UET function| UET_init function| UET_push object| ueto_7fb39cead5 object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| prismGlobalObjectAlias object| visitorGlobalObject object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| _etmc object| _etmc_temp string| func_name object| args string| collect_url object| fcSettings boolean| freshChateLoaded string| chatIconDesktop string| chatIconMobile undefined| desktopContactElement object| phoneLink object| desktopChatLink object| mobileChatLink function| openFreshChat object| menuItem object| mobileNav object| AddShoppersWidgetOptions object| js object| AddShoppersLoader function| AddShoppersTriggerRunner function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| result boolean| is_mocked object| addshopSettings undefined| addshopMutationObserverConfig undefined| addshopMutationObserver function| addshopNetwork object| addshopReadyEvent function| addshopValidateEmail string| stringified string| cleansed

35 Cookies

Domain/Path Name / Value
www.easycanvasprintsoffer.com/affiliate-unsub-page/ Name: ubpv
Value: a%2C1f273463-0b58-45a2-8715-5a836d27a288
www.easycanvasprintsoffer.com/ Name: ubvs
Value: e30b97ea-38c2-4909-8559-bbef3d1fa988
.easycanvasprintsoffer.com/ Name: ubvt
Value: e30b97ea-38c2-4909-8559-bbef3d1fa988
.easycanvasprintsoffer.com/ Name: _vwo_uuid_v2
Value: D113D4B0FEEA03D4BE8D23080690B33EC|8aa0af9ee98c144c61e6a24312ba299d
.easycanvasprintsoffer.com/ Name: _vis_opt_s
Value: 1%7C
.easycanvasprintsoffer.com/ Name: _vis_opt_test_cookie
Value: 1
.easycanvasprintsoffer.com/ Name: _vwo_uuid
Value: D113D4B0FEEA03D4BE8D23080690B33EC
.easycanvasprintsoffer.com/ Name: _vwo_ds
Value: 3%241638768411%3A61.60385971%3A%3A
.easycanvasprintsoffer.com/ Name: _vwo_sn
Value: 0%3A1
.easycanvasprintsoffer.com/ Name: _gcl_au
Value: 1.1.2074222701.1638768411
www.easycanvasprintsoffer.com/ Name: campaigntracking
Value: direct-undefined
.bing.com/ Name: MUID
Value: 1BD4639271BE67A136657297704566AD
.easycanvasprintsoffer.com/ Name: _uetsid
Value: 1dde0230565511ecb4f061489cd3f169
.easycanvasprintsoffer.com/ Name: _uetvid
Value: 1dde3340565511eca2c94b470ad1b8c1
.easycanvasprintsoffer.com/ Name: _ga
Value: GA1.2.203494662.1638768412
.easycanvasprintsoffer.com/ Name: _gid
Value: GA1.2.147932370.1638768412
.easycanvasprintsoffer.com/ Name: _gat_UA-71374-16
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.easycanvasprintsoffer.com/ Name: _hjSessionUser_2709015
Value: eyJpZCI6ImU0Yjc1YzlmLTc3YjItNTMyNS05NDhhLTlkYzkxMTg4YjEzZSIsImNyZWF0ZWQiOjE2Mzg3Njg0MTE2NjEsImV4aXN0aW5nIjpmYWxzZX0=
.easycanvasprintsoffer.com/ Name: _hjFirstSeen
Value: 1
.easycanvasprintsoffer.com/ Name: _hjSession_2709015
Value: eyJpZCI6IjgxN2NhY2JmLWU3ZTMtNDY5ZC05ZTc3LTFhOTVmNmViMDMzMSIsImNyZWF0ZWQiOjE2Mzg3Njg0MTE3MDZ9
www.easycanvasprintsoffer.com/ Name: _hjIncludedInSessionSample
Value: 1
.easycanvasprintsoffer.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.easycanvasprintsoffer.com/ Name: _fbp
Value: fb.1.1638768411734.1302231598
prism.app-us1.com/ Name: prism_475233557
Value: e118b5d7-4eb1-45bd-b58b-81766dfaa4a0
.easycanvasprintsoffer.com/ Name: prism_475233557
Value: e118b5d7-4eb1-45bd-b58b-81766dfaa4a0
.facebook.com/ Name: fr
Value: 0wUTpmjccLs70sgim..BhrZ8b...1.0.BhrZ8b.
.igodigital.com/ Name: igodigitaltc2
Value: 1e172e3a-5655-11ec-bdd9-42bb8b708600
.igodigital.com/ Name: igodigitalst_10991072
Value: 1e1735b0-5655-11ec-bdd9-42bb8b708600
.igodigital.com/ Name: igodigitalstdomain
Value: 2000015977
.easycanvasprintsoffer.com/ Name: _pin_unauth
Value: dWlkPVl6Y3lOVGMyTWpVdE0yWmxZaTAwWmpBeUxUbGtNbVF0TkRVd09XVmpPVFZpTjJVNQ
trackcmp.net/ Name: cmp475233557
Value: 10591a8174e1121347bdcf7ebdbba88b
www.pinterest.fr/ Name: _pinterest_sess
Value: TWc9PSZqMVVtZU5VdWlkZklxUUhrTFI2L1hEczl6OUw5MWQ1VWtJUVBJVFdLNUl2S0o1RXdyRVRacysyUkZha0N2cDZ6a05TM1BRL2xzZitOQmoxeTR6QWZ0dUx1N2hpQklrZEhPOWxTblFjTmo2cGZQMk40Q0c1cmRxdWxGSWF2aXI1byZVbVcrdnZxVTllUUZuZ3lYdW9hcVpnYTl4a1U9
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1638768412|11:addshoppers|44:ZDM2NDE5ZjUwYzQ2NDFlMDlhZTI4N2RiMTQzYTg2NWQ=|0a11515dd29e9cffd28733866779448f02b5e2d1334182daf0870502f1645058"
www.easycanvasprintsoffer.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1638768412%7C15%3Aaddshoppers.com%7C44%3AZDM2NDE5ZjUwYzQ2NDFlMDlhZTI4N2RiMTQzYTg2NWQ%3D%7Cf42c1148975fd00bc1cd650dee891e126efb2a5e83157ef623bc6baa557947cf

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-cc92ab962d12e1305ab4230b786f2b33' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10991072.collect.igodigital.com
addshoppers.s3.amazonaws.com
ajax.googleapis.com
bat.bing.com
builder-assets.unbounce.com
cdn.nytrng.com
cdn.taboola.com
connect.facebook.net
ct.pinterest.com
d2xxq4ijfwetlm.cloudfront.net
d34qb8suadcc4g.cloudfront.net
d3rr3d0n31t48m.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dceaehb.r.bh.d.sendibt3.com
dealshopped.best
dev.visualwebsiteoptimizer.com
diffuser-cdn.app-us1.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
nova.collect.igodigital.com
nytrng.com
prism.app-us1.com
s.pinimg.com
script.hotjar.com
shop.pe
shopper.shop.pe
static.easycanvasprints.com
static.hotjar.com
stats.g.doubleclick.net
trackcmp.net
trc-events.taboola.com
trc.taboola.com
vars.hotjar.com
vesas.club
ws24.hotjar.com
www.easycanvasprintsoffer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.pinterest.com
www.pinterest.fr
104.75.88.209
13.32.22.51
13.32.22.72
13.32.22.91
13.35.253.118
13.35.253.7
13.35.253.76
138.197.100.222
138.197.107.75
141.226.228.48
142.250.186.130
151.101.193.44
185.107.232.127
23.37.35.193
2600:9000:211e:cc00:1d:11cf:5800:93a1
2606:4700:3031::ac43:a6e0
2606:4700::6811:915b
2606:4700::6812:10c
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9a
2a02:26f0:6c00:2aa::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.193.63.26
34.246.204.212
34.96.102.137
35.190.54.17
35.227.244.1
52.216.237.203
54.144.19.55
65.9.58.61
75.2.91.175
99.81.27.250
99.86.3.147
0694904dca0a0ea232395155f1471b98e90fcc851ca0428806d4539793186096
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
09a5c5afe792578c21a00b59e2acd8f437ff5670366108adc30e7b51e293d1c1
0b960c8f9b3fb4ca1d0b1f43e40b5defd11dbf0fd60ebad49ad50ecc06119170
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
1e868f0f23c0605d9d94759f02f43ab7ac1b867756a9b1a27485013a9243a568
20002913c7e5e7c8d48c9e9e9d2e096e056dd9d62110fd593b5b93e628cd5198
28dd309f461b010d81e8d643647fde105766b0ac4593620d42dadb89fe36285a
2e806129148a3c451528e855a6f441f9af33f8f5f7bfa5279e614964cb67cd06
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2fabf90865a5fa61fb28c54d33ea19829678cbcffbf9c4e686589f5bc57aecdb
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b750e1fd19a765561780d5e548d2bffa3ea4fa499df73b19a9221171bdd5a31
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
45e86c08d1189436d633ce40a5241f1a4ab80203cb8f1bbf3eb0a8e6f7c36ddd
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
4c03fbbadd66b55e7286a96c945589d820d54e9df7e34c474f1d52da8391aaae
4dbcea2404a14de6ce5b4b540c50c4b3bea3ae6cc1b0c25f9ca8911eeb4ca57f
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
57c72fcb4a783f0d434160f081e2c9ccaa7c5293f22bfcca81f20fc8738af3b3
5fac33c50949462bad222842e076e44e4428f0ba919898564ec605366c3011de
6ccd15a10012c8a07ab9ce44c91518fc675fc9df2d12b0a84a68e74e65b05b21
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
788d20a80dbda719c69d1630c17f9f44509c32ef2bb44de1389977ac94ec1730
7a5539dcff177aa38e846625a78600dd181df7bd930cf30a6eaf846a5b1c3393
81d02b631ef704ea3bfd398d6e811a40cc56a5fbbeaa3f1a4f130a9544f06544
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879f8736fc247740b8907a12dd85183f9d50a26f3eeb2a9982e49f769d8e9099
89d357fca8fccbe2c722abdadfb79a557f6d035f25e5a861300799d6ebefde7f
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
90cd9cc3f3648004b94945176c5331b6cbaf477e541623caf80d580933d0cb02
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3f23882af078056246b6773a358d1d244b163ca8cb8c4016edc9e5a627c0cd7
a722ffbef5c15068be205a5864a298595654a4d5b30eaaa3d3229a63da738ab5
af1c059aceadb5d89fc2edb1af07e17d6a3f6385b7f9c7ff7cee2a1ddca1529f
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3a2f210f3ae42b81e6b1c7f26dfe76214735ab427bcce1aaca7c37aa6f8e0bb
b895f6504512fb3122c3eb5a1a342530c2b08a5093d1abf325fcaa38d6d8173a
ba7af92cb3ffbf763257405d2bd170cca3fc4a68906b000f4f0b4a615bb0e9a0
bb23e74443fd3afd6f6a57e70cc0cd49afca31cb61c6224df8036dc7a11f555a
bfe069bdf436d5abe49eab28c29bae754a3feb6aa018d994c94a48cd048d3db4
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
d1db5ba82be48b3fdcbf42719b8adbcd824b7ea06ca4787bb9febf2985c189b7
d36fb07394c907a4747e327a51a4be382b5ae5f9b87531a43da91ea86d9e0d50
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d71aa41f2ba221f0bba812c5aaf838e575fe3af76f78a1311b3ee06c4d5e2703
d9900bb23e39aaeac5f62efad707a8a865f4f25cf259145ad25c44fd987265f5
da8dbb9bc6757a2ed892bedba0c654741058bad2fdebfd5856e79c841d92e671
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7c2706afa5e0452969fcdeeab16ed2941c958625e3b5d0c1be279fc42683e5
df5da046e1e610be77d5b4b85ec4b3450fed44ee33a7583373542f0c553fadcb
e1f2690d533e7fc39b81cd43978faea779532bb4ab600f0f45566c737e03c874
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e24c5f6fb215210d033347e5de004eba0bcfced52ae67bd53898a0a41364df10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f82971c45d4c2499030b9da21f3a5080bd6f1832d6e4194ab43363abe955e34b