nosotroda.com Open in urlscan Pro
2606:4700:3037::6815:5774 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dynamicsgreat.com/1mvkq/LG-xaQY5doN-oRsaasRwshNlRhxThaNl668hNR12xJvIAJbmz37NC16xK1O9TuOrK8eEKDXN_hOKOadaNJvIAyfIxN...
Effective URL:
https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Submission: On October 09 via manual (October 9th 2023, 1:48:41 pm UTC) from US — Scanned from US

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3037::6815:5774, located in United States and belongs to CLOUDFLARENET, US. The main domain is nosotroda.com.
TLS certificate: Issued by GTS CA 1P5 on September 8th 2023. Valid for: 3 months.

This is the only time nosotroda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	92.119.198.9 92.119.198.9	207279 (MARKAHOST...) (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST)
1	77.81.121.128 77.81.121.128	200514 (KNOWNSRV) (KNOWNSRV)
1 1	185.8.62.231 185.8.62.231	58269 (AS-CLOUDH...) (AS-CLOUDHOSTING)
1 1	50.115.174.175 50.115.174.175	32875 (VIRP) (VIRP)
1 10	2606:4700:303... 2606:4700:3037::6815:5774	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:8f07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e2:... 2606:4700:e2::ac40:8209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::6815:4392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 5	44.210.169.31 44.210.169.31	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:201... 2600:9000:2015:5200:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:27b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3.211.188.32 3.211.188.32	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.227.55 99.86.227.55	16509 (AMAZON-02) (AMAZON-02)
1	44.197.10.209 44.197.10.209	14618 (AMAZON-AES) (AMAZON-AES)
44	16

1 92.119.198.9 (Ashburn, United States) 1 redirects

ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR)
PTR: dynamicsgreat.com

dynamicsgreat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.81.121.128 (Amsterdam, Netherlands)

ASN200514 (KNOWNSRV, GB)
PTR: benchmark.benchmark-finance.com

lottaremu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.8.62.231 (Latvia) 1 redirects

ASN58269 (AS-CLOUDHOSTING, LV)
PTR: vps-62-231.cloudhosting.lv

jetprezzy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.115.174.175 (United States) 1 redirects

ASN32875 (VIRP, US)
PTR: bonerelik.com

gibbonsne.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3037::6815:5774 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nosotroda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8f07 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nosotroda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8209 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:4392 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.nosotroda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.210.169.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-169-31.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2015:5200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:27b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.211.188.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-188-32.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.227.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-227-55.iad79.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.10.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-10-209.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	nosotroda.com 2 redirects nosotroda.com beacon.nosotroda.com	2 MB
7	leadid.com create.leadid.com — Cisco Umbrella Rank: 16979	4 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 27104 cdn.trustedform.com — Cisco Umbrella Rank: 31790	42 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1848 ka-f.fontawesome.com — Cisco Umbrella Rank: 3656	24 KB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 293769	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 285410	2 KB
2	gstatic.com fonts.gstatic.com	45 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 19117	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 30078	39 KB
1	gibbonsne.com 1 redirects gibbonsne.com	568 B
1	jetprezzy.com 1 redirects jetprezzy.com	433 B
1	lottaremu.com lottaremu.com	459 B
1	dynamicsgreat.com 1 redirects dynamicsgreat.com	378 B
44	15

	Domain	Requested by
11	nosotroda.com	2 redirects lottaremu.com nosotroda.com
7	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
4	beacon.nosotroda.com	nosotroda.com
3	virtualpushplatform.com	nosotroda.com virtualpushplatform.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	fonts.googleapis.com	nosotroda.com
2	cdn.trustedform.com	api.trustedform.com
2	pushvisit.xyz	virtualpushplatform.com
2	fonts.gstatic.com	fonts.googleapis.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	nosotroda.com
1	kit.fontawesome.com	nosotroda.com
1	gibbonsne.com	1 redirects
1	jetprezzy.com	1 redirects
1	lottaremu.com
1	dynamicsgreat.com	1 redirects
44	18

This site contains no links.

Subject Issuer	Validity	Valid
lottaremu.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-19` - `2024-07-18`	a year	crt.sh
nosotroda.com GTS CA 1P5	`2023-09-08` - `2023-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-13`	a year	crt.sh
beacon.nosotroda.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M03	`2023-08-11` - `2024-09-07`	a year	crt.sh
deviceid.trueleadid.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-06`	10 months	crt.sh
cdn.trustedform.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Frame ID: CD66035BD523FE06DCF42C91BB042D70
Requests: 39 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&lac=3395B01B-B79A-D8CF-A348-705B3C75A01D
Frame ID: FA8B6CF6CEFB76678E333341C2938B30
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&lac=3395B01B-B79A-D8CF-A348-705B3C75A01D
Frame ID: D1790F470CCFF551E9F7658609F092A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gift Card

Page URL History Show full URLs

http://dynamicsgreat.com/1mvkq/LG-xaQY5doN-oRsaasRwshNlRhxThaNl668hNR12xJvIAJbmz37NC16xK1O9TuOrK8eEKD... HTTP 302
https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmx... Page URL
https://jetprezzy.com/r/f215ef2e-f9fd-45ab-b202-b2364e33dcd7/474041/1411409728/4ny31377o_dmxva4jsc... HTTP 302
https://gibbonsne.com/r/7dc46d7d-54ff-43a6-8ed9-0b77ff36de4a/474041/1411409728/4ny31377o_dmxva4jsc... HTTP 302
https://nosotroda.com/e/tpl43?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf HTTP 301
http://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf HTTP 301
https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

44
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

16
IPs

4
Countries

2113 kB
Transfer

3364 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dynamicsgreat.com/1mvkq/LG-xaQY5doN-oRsaasRwshNlRhxThaNl668hNR12xJvIAJbmz37NC16xK1O9TuOrK8eEKDXN_hOKOadaNJvIAyfIxNllhxa HTTP 302
https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608 Page URL
https://jetprezzy.com/r/f215ef2e-f9fd-45ab-b202-b2364e33dcd7/474041/1411409728/4ny31377o_dmxva4jscc17q HTTP 302
https://gibbonsne.com/r/7dc46d7d-54ff-43a6-8ed9-0b77ff36de4a/474041/1411409728/4ny31377o_dmxva4jscc17q//?fctr=1 HTTP 302
https://nosotroda.com/e/tpl43?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf HTTP 301
http://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf HTTP 301
https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dynamicsgreat.com/1mvkq/LG-xaQY5doN-oRsaasRwshNlRhxThaNl668hNR12xJvIAJbmz37NC16xK1O9TuOrK8eEKDXN_hOKOadaNJvIAyfIxNllhxa HTTP 302
https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608

Request Chain 23

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608
lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/
Redirect Chain

http://dynamicsgreat.com/1mvkq/LG-xaQY5doN-oRsaasRwshNlRhxThaNl668hNR12xJvIAJbmz37NC16xK1O9TuOrK8eEKDXN_hOKOadaNJvIAyfIxNllhxa
https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608

165 B
459 B

1292ms
563ms

Document
text/html

77.81.121.128
KNOWNSRV

General

Check archive.org

Show headers Download Go to

Full URL: https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.81.121.128 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, GB),
Reverse DNS: benchmark.benchmark-finance.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Length: 165
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Oct 2023 13:48:32 GMT
Server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 09 Oct 2023 13:48:30 GMT
Location: https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001|18o99h|3c94d97|dmxhkhukjkhkjh|1e7fhg9|000608
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2

200

Primary Request / Show response
nosotroda.com/e/tpl43/
Redirect Chain

https://jetprezzy.com/r/f215ef2e-f9fd-45ab-b202-b2364e33dcd7/474041/1411409728/4ny31377o_dmxva4jscc17q
https://gibbonsne.com/r/7dc46d7d-54ff-43a6-8ed9-0b77ff36de4a/474041/1411409728/4ny31377o_dmxva4jscc17q//?fctr=1
https://nosotroda.com/e/tpl43?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
http://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

3 KB
2 KB

165ms
165ms

Document
text/html

2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Requested by: Host: lottaremu.com
URL: https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64f3d32a36835850b95d902c8c1227a4f198e3c5c09a52daece0e1542fecc7b

Request headers

Referer: https://lottaremu.com/100fa70afd3a16c9800/4ny31377o_dmxva4jscc17q/pix0001%7C18o99h%7C3c94d97%7Cdmxhkhukjkhkjh%7C1e7fhg9%7C000608
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 813714ff68794c01-MIA
content-encoding: br
content-type: text/html
date: Mon, 09 Oct 2023 13:48:35 GMT
last-modified: Fri, 29 Sep 2023 05:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjV0DVWb7cLNxShY43BESuUtvBXbPOSixrq3nmDVIVW%2BG5mi9BywjnJHuzpZOcytAo4oifEpZ1qDPOR6R2XMpxZdnV%2Bv5XY4BUd5kUbl0Jzd8SEOWRt%2BT7VpIUvjNJ9FTu4QKJMcDh919BYm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 813714ff2cd431d1-MIA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 09 Oct 2023 13:48:35 GMT
Expires: Mon, 09 Oct 2023 14:48:35 GMT
Location: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFhNNXKYrJU4en9MtIdk5SXlFjBat%2F%2BGUiwoGPMX6YUA94KIPclUyidVSqlSXtcvns6xxdOOMuV%2BfQLXBNLRDqkemj%2Bz9Lm1EO90uJi%2BSINuOrtEcA51raALtd04Mu9zkSMP8uRGld2kaFp1"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 165ms
61ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 11:55:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 13:48:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
558 B 165ms
62ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 13:21:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 13:48:35 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
5 KB 91ms
36ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/268a7048dd.js

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e749dcd41c25e4176a25cce76820a0287c7506c9e27467675ce07369c21c8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 23
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 81371501df1d8de2-MIA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F3a05W2cv_UfLTEABa0h

GET
H3 200 bundle.af848476066d42ee0954.css
nosotroda.com/e/tpl43/ 67 KB
14 KB 36ms
36ms Stylesheet
text/css 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nosotroda.com/e/tpl43/bundle.af848476066d42ee0954.css?t=1695829582537
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8340ba9d5a4ad1a68f4fb07c5058c63f0068f6f2ffc03408fe794f5da221f7cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 05:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 853073
etag: W/"65166165-10d23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lru7mHW%2FUihV7bmYpajuxb2NAuXV6J2UewWqAi6SVzrZ2X4SqD%2FncePLj1ehiUB6jjRTjV0oGMxl%2FwfuRYZKUMnGmPau92X1XMDW5n0kUB5dRZQhuReHWJ39CEU3pBITk98cTzdmxvPxPCSZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 813715007bc212a7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
H3 200 mobile_CashApp_3.png
nosotroda.com/e/tpl43/public/ 461 KB
462 KB 34ms
34ms Image
image/png 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nosotroda.com/e/tpl43/public/mobile_CashApp_3.png
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e6cc2a14a79ec633afa888fb6141ed665119eda949fa647d560f68541489b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 853072
alt-svc: h3=":443"; ma=86400
content-length: 472266
last-modified: Fri, 29 Sep 2023 05:36:18 GMT
server: cloudflare
etag: "65166252-734ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSaURntg7zqpF6%2F3TEXYBL11mLw3fB5PgvLLCqIHf%2BnX3fCIgMA2gLfTE11YR%2BNWz174H3gPiFKxPOJmzAgeI%2BoY2ggjdgc0Nm1%2FTVzbRlg0dvlAZjnR8QCvPNWd5jsmfgfNeQkcuudY%2Bk9h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 813715018cf112a7-MIA
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
H3 200 mobile_CashApp.png
nosotroda.com/e/tpl43/public/ 339 KB
340 KB 193ms
192ms Image
image/png 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nosotroda.com/e/tpl43/public/mobile_CashApp.png
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9929c92c26c955a6f629a163bda941ad2036323c12d6b5466f03410cf150ffd9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 853072
alt-svc: h3=":443"; ma=86400
content-length: 347103
last-modified: Fri, 29 Sep 2023 05:36:18 GMT
server: cloudflare
etag: "65166252-54bdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYjBTlkXGsiGVLNZC9ZMjN8yXAkJhwDZE%2BJSi1x%2FuwZQDpLRspcjC3JzH%2FL6FgicKDiSCZnEyOH2hpZ%2FtlNYP9Z4ZNz%2B9n0ojyRtqrQb94fF8x1pWwRT01JW7XUkRw8bJvr5Ro0MN%2Bevcl%2BF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 813715018cf312a7-MIA
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
H3 200 12.31d5cecb.chunk.js Show response
nosotroda.com/e/tpl43/js/ 390 KB
126 KB 62ms
62ms Script
application/javascript 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nosotroda.com/e/tpl43/js/12.31d5cecb.chunk.js
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f7d2df1ff1d90a29eeb4d9a00c9bf0af669e7672026d9f60760cf04dd6227a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 05:34:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 853073
etag: W/"651661e3-616b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJ8PJrLdO1KTDGzgbqtv0P75daptHfDcNj9fGBn%2FihMp7ofGnVuGwzuuTZC1Hylz1CQnyrT7ACY8hO5r%2FuDuYDh%2F5t7yXNE1yYplyvg%2BKUf4emhbO2jOnZjoEsUxr176thvga8MjkU5SKvc5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 813715018ced12a7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
H3 200 app.ace70dba.js Show response
nosotroda.com/e/tpl43/js/ 817 KB
137 KB 119ms
118ms Script
application/javascript 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nosotroda.com/e/tpl43/js/app.ace70dba.js
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1174a498b511b66b2fe4de7a0875fb771a855a43ce7ca7ddb34b1ac8b98c691a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Sep 2023 05:34:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 853072
etag: W/"651661e5-cc4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RytNHXlOBeb8cupGBAi8UnUEgvB3EwqWPofHoU%2B7gjYqsCf1BIxz1nczQLWEySS7RvJ3WPe79SEiU7VSKN%2FXkrTMPpWv%2BcofsbmDAyhjm0kwtSPI9m54X5S4ytnA%2BXzPWzkiD2QBmYDFCSOb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 813715018cef12a7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
513 B 62ms
61ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/bundle.af848476066d42ee0954.css?t=1695829582537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 12:13:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Oct 2023 13:48:35 GMT

GET
H3 200 mid-footer-background.png
nosotroda.com/e/tpl43/public/ 50 KB
51 KB 151ms
150ms Image
image/png 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nosotroda.com/e/tpl43/public/mid-footer-background.png
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/bundle.af848476066d42ee0954.css?t=1695829582537
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e65202b461be994f73bf8efcf6a7e6de371507ceb0b11b7c3b6b21df41f2d2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/bundle.af848476066d42ee0954.css?t=1695829582537
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 853072
alt-svc: h3=":443"; ma=86400
content-length: 51381
last-modified: Fri, 29 Sep 2023 05:36:17 GMT
server: cloudflare
etag: "65166251-c8b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm9RQv1sPqs7V2PR3aDeKaXoqnwKxKg1m2W61RbvP0YBURLoL2vZQHgAmrqNk56NBjNIJLNqy022DCecHgOC%2FO4HUzIuExt3VnPeBf7m5CUE6LQSpyO%2FTNVS9v3KU49nkleDQaah3GkixSoT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81371501ed4b12a7-MIA
expires: Sat, 28 Sep 2024 08:45:50 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
23 KB 157ms
52ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nosotroda.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:07:51 GMT
x-content-type-options: nosniff
age: 384044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:07:51 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 207ms
102ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nosotroda.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 02:51:27 GMT
x-content-type-options: nosniff
age: 385028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 02:51:27 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 102ms
38ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
via: 1.1 608f9d003f77a43bcd9df621763561a6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 853671
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9E%2F6Cid0JXcOjcXrNOaqq94utR3or%2Bp89pVZxrHtlCY918g0OnWTOPJ3Qqfg2Nxdxe17FMX0zdWU%2F2tt871n%2BxNvUhM7ztrxl5%2FuinypMZ8kJIXVdAOfiJg85MfqG6VnSUNTKBASaTbLtB86LXhhrQGYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 813715028b4cdaed-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: rkxm-uZ-KUcqVV3Fq20xkCFBvWTUV_Y0HzucaSQjFWwqMABnZfjTUQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 99ms
34ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
via: 1.1 81148d596ccabdf71245563094108fbe.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 853671
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VK9Rjt3obiQ6hQQ457GfO1SxcWOXsiBnwDtyYAWVC1J2MCjlKvFzyO04VklLWPsRZOa0JyUffq0SLO1b3n1yll5fJgGuWIcU8NBVK3GJXFTiUryNUMGEDRApB0otJ%2FVUVX6TP3XOTw%2FXonDTNHw1fO%2B0Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 813715028b4ddaed-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kY9PNSo1yh75wcmMumHpHkLwJPth_lGiOjVUk-GnPt4x9UqbCSJ58A==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 105ms
41ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
via: 1.1 eb083428a00073810c04a8eb17b6bb24.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
age: 853671
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6GtsubufJqj5RvbarBk7cwMlvHzFVSDWjIegJlEqzbrBhppnHIHLB1mrW2eQPMLHZ7zuSUWo5c4n1FlHcKtrTxhKVE4CCGFH3RVBxQyYCX922dfk1E49jKbidulJ1DTJ3HuVqrl3ljZJreS7BI2U%2FrKkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 813715028b50daed-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Lz8au6lMzQjg7eMZioT14K1BT37RA6av715UGUY0mmnyvCibMMVq7A==

GET
H2 200 ace-push.js Show response
virtualpushplatform.com/ 13 KB
5 KB 207ms
139ms Script
text/javascript 2606:4700:3037::6815:4392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/js/app.ace70dba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fcf2738caabd720bf8a82398b163a2359584075604222905504ef65d4cfce96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 16 Aug 2023 15:12:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d9d0540989ef67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUjFhoJhaUbsvZHF1yTb3risma8FrIqymOWaL1deApOkbv50sb98PLThw6ZWxzUwCoe534wGU9qiJrgS6bM20zR2FfLvcBkd0L4tJU56xcMtrUrYa8CoubiinOcPTyDg0LcNmj%2FauCUeO35OBOJk%2BgS3dt5j1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 813715035d3b3367-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 summary Show response
beacon.nosotroda.com/geo/ 127 B
580 B 192ms
61ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.nosotroda.com/geo/summary

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/js/12.31d5cecb.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b8e8b49cff0b6341d717dd73f9995505cf6b0e4a7f365f8feae9c2b07991dddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 0e1dc196-5aa6-45bf-af51-e1ed42f37930 Show response
beacon.nosotroda.com/g/ 113 B
585 B 192ms
61ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.nosotroda.com/g/0e1dc196-5aa6-45bf-af51-e1ed42f37930?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/js/12.31d5cecb.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

03789d8860d050f58f60f8f1f763882e42504c091bf1bcc317718849fae9b49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 fc04f767-71d2-4ab9-b60f-8683c2559cbb Show response
beacon.nosotroda.com/s/ 6 KB
2 KB 71ms
71ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.nosotroda.com/s/fc04f767-71d2-4ab9-b60f-8683c2559cbb?requestid=oIUuupBVSr&destinationid=2595812553&id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

Requested by

Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/js/12.31d5cecb.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c833520af45ba249660fc754f303d6ef6d83360145d711f5acaec1f4d06c0082

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://nosotroda.com/
X-Requested-With: /e/tpl43/?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf&ld=1&session_id=0d7d71c5-41d1-47a7-bc9d-22f7cfac7429
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:35 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

OPTIONS
H2 200 fc04f767-71d2-4ab9-b60f-8683c2559cbb
beacon.nosotroda.com/s/ Frame 0
0 104ms
104ms Preflight 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.nosotroda.com/s/fc04f767-71d2-4ab9-b60f-8683c2559cbb?requestid=oIUuupBVSr&destinationid=2595812553&id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://nosotroda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin: *
content-length: 0
date: Mon, 09 Oct 2023 13:48:34 GMT
server: Kestrel
strict-transport-security: max-age=2592000

POST
H2 200 visit Show response
pushvisit.xyz/api/v1/ 2 KB
2 KB 139ms
138ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: cf17ff8ac70d9d5ab311b667baaa2f0d3a853bab7c1776bcdeffb9bc74416141

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 13:48:35 GMT
server: Kestrel
content-length: 1541
content-type: application/json; charset=utf-8

OPTIONS
H2 200 visit
pushvisit.xyz/api/v1/ Frame 0
0 391ms
119ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nosotroda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Mon, 09 Oct 2023 13:48:36 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713

8 KB
4 KB

207ms
74ms

Script
application/javascript

2600:9000:2015:5200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713
Protocol: H2
Server: 2600:9000:2015:5200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67f12cf93a1cc9362434e6e7c8e85c4bcd6e3a2581a72151db419fe5c80cc172

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:37 GMT
x-amz-version-id: VYbEY.MiInIC2XBLlwPznUQVcKJYQghU
content-encoding: gzip
last-modified: Fri, 25 Aug 2023 18:26:50 GMT
server: AmazonS3
via: 1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C1
etag: W/"d94453f100706b5b82570d14e8faab14"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: _jJ7IzTlolPvcNImaPLaG3UL7Kap5cE9xi7Ngjwmya2V-jXG_nI4WA==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713
date: Mon, 09 Oct 2023 13:48:36 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 169ms
44ms Script
text/javascript 2606:4700:10::6816:27b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2
Requested by: Host: nosotroda.com
URL: https://nosotroda.com/e/tpl43/js/app.ace70dba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:27b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c442b22f469e14bcc15d0b6d7847757c9c681e1390e47cab24b5d714980392a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
x-amz-version-id: nzFKufJUb1s7Uqih32TFXD84UPWlGsy1
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 12 Nov 2021 00:55:27 GMT
server: cloudflare
x-amz-request-id: EJ5VX3BYXG6C1Z2D
age: 1685
etag: W/"842ec632f542c3df9a41d581a9f88c2e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
cf-ray: 813715061cbc3364-MIA
x-amz-id-2: TfU8AMCP9nPIY0lriDeNuv+NlI/QufOwRXkNbNsQhwXapbok5MHgBhOXw1Nkv+7q7PqX7UGMsAo=

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
661 B 194ms
89ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=1620f273-7933-46e5-b540-7eede4b8cd7a&_=167207376

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d1e574be9c1a13cf61a7c29279667e959cb3a8cad5c67b7e44d69154088a2969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame FA8B 3 KB
2 KB 152ms
46ms Document
text/html 99.86.227.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&lac=3395B01B-B79A-D8CF-A348-705B3C75A01D

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.227.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-227-55.iad79.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 5187
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 09 Oct 2023 12:22:09 GMT
ETag: W/"64d2bf08-dbb"
Last-Modified: Tue, 08 Aug 2023 22:17:44 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 b5a3a07d269412210ea111017ec1157e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 1526FBIkjsbUi_C-F8I_F_kpqjFLanQsyO16O8ORRG85O-_j18Z2Uw==
X-Amz-Cf-Pop: IAD79-C3
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
624 B 55ms
55ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=1620f273-7933-46e5-b540-7eede4b8cd7a&token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&_=167207377

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
624 B 54ms
54ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=1620f273-7933-46e5-b540-7eede4b8cd7a&token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&_=167207378

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 154ms
53ms XHR
application/json 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 52b9b9d907b492dcb3a75d34d5247fcadd219339424c8ab15502719a10105b41

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame D179 4 KB
2 KB 161ms
52ms Document
text/html 44.197.10.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&lac=3395B01B-B79A-D8CF-A348-705B3C75A01D
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&lac=3395B01B-B79A-D8CF-A348-705B3C75A01D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.10.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-10-209.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Mon, 09 Oct 2023 13:48:36 GMT
etag: W/"651c88fc-1049"
expires: Tue, 10 Oct 2023 13:48:36 GMT
last-modified: Tue, 03 Oct 2023 21:34:52 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

POST
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 130ms
129ms Fetch 2606:4700:3037::6815:4392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/json

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCfHn34b4XdUvS6mI%2BxyO6Y%2Fxxf3eE3ksP9WuGoQrBeena%2FQtJTHneHsAe25SPli4bmxjltCYyYQaLc2e3xrQLgwLQ7toGNfTwvUXY0ZDvhNyhnAR8te6%2BnbYQoInODz5QNV5vTmkp256L1PlXl4EgzRMBgRaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81371509dc4331ea-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ Frame 0
0 158ms
127ms Preflight 2606:4700:3037::6815:4392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nosotroda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 813715090b1a31ea-MIA
content-length: 0
date: Mon, 09 Oct 2023 13:48:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvbwVBfNO9pEvrYAn8EW%2BH4YH%2F0qKpXecYsGY1VEl1FtRbDldBEXNlNbN5eLGcvMp2lCcCthFI87F6X%2B%2BML9N7sNObP7LKV9l6M8Wj2%2BZC%2B9WJpy9iuKfSCFaBwoA5Hx6FIgSpoRPw8YDvwd6BBrbFab6C%2F60A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 trustedform-1.9.2.js Show response
cdn.trustedform.com/ 103 KB
37 KB 62ms
61ms Script
application/javascript 2600:9000:2015:5200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16968593160290.2020303598013713
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2015:5200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2df2073609d94c3fd98160d8edf4521c4828bddf51d2e9c2be09b7281283ce49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: Xe3LfP89RQ8zinJZ1qzPO.UZf_GE7yty
content-encoding: gzip
via: 1.1 c1fa46ae758054d798ed83a4ec1cede4.cloudfront.net (CloudFront)
date: Mon, 09 Oct 2023 13:48:29 GMT
last-modified: Fri, 25 Aug 2023 18:26:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C1
age: 9
etag: W/"3b6ed1750cf7d966d1af906e1f07874e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Pla3WbBJXeSMjwM4YdVe53cfJ0v_NCEhnjAQaY2GWZMkFYaKXt4yTA==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/3686486140b0a79f98ec3bd874afa7bfe027cdc3/ 0
159 B 103ms
103ms XHR
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3686486140b0a79f98ec3bd874afa7bfe027cdc3/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 13:48:36 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/3686486140b0a79f98ec3bd874afa7bfe027cdc3/ 0
159 B 97ms
96ms XHR
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3686486140b0a79f98ec3bd874afa7bfe027cdc3/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 13:48:36 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

GET
H3 200 mobile_CashApp_3.png
nosotroda.com/e/tpl43/public/ 461 KB
462 KB 38ms
37ms Image
image/png 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nosotroda.com/e/tpl43/public/mobile_CashApp_3.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e6cc2a14a79ec633afa888fb6141ed665119eda949fa647d560f68541489b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/0?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf&ld=1&session_id=0d7d71c5-41d1-47a7-bc9d-22f7cfac7429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 853073
alt-svc: h3=":443"; ma=86400
content-length: 472266
last-modified: Fri, 29 Sep 2023 05:36:18 GMT
server: cloudflare
etag: "65166252-734ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4doPVoajinoakiSjrQb7631HqmtdMWkuRPlRbQwcNH%2Fg0XwORPiVo2Shf216ic7R72IBmoxhrvKUqhrloSgaaIHfPr7xaXBvdfjjw5nHoTGfB2fBxN5pqJUfgB06qsXK250z4IgPX9Hpj2A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81371509cc1e12a7-MIA
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
H3 200 mobile_CashApp.png
nosotroda.com/e/tpl43/public/ 339 KB
340 KB 32ms
32ms Image
image/png 2606:4700:3037::6815:5774
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nosotroda.com/e/tpl43/public/mobile_CashApp.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9929c92c26c955a6f629a163bda941ad2036323c12d6b5466f03410cf150ffd9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nosotroda.com/e/tpl43/0?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf&ld=1&session_id=0d7d71c5-41d1-47a7-bc9d-22f7cfac7429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 853073
alt-svc: h3=":443"; ma=86400
content-length: 347103
last-modified: Fri, 29 Sep 2023 05:36:18 GMT
server: cloudflare
etag: "65166252-54bdf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahmBVhjCTJpQ%2FxT86tnaoEQDXj24i1f%2FV%2FnGzcl1HR23xJmufWQuPyjNi6O3eIwul7BtGrLRgcbIg1W0SeM8Y9DLcndoOmj5ovLFiDhqDLoH9dW%2BA6YvYas9zWFhyeAY6a7VdMqGQTRYWPtE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81371509cc1f12a7-MIA
expires: Sat, 28 Sep 2024 08:45:49 GMT

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame D179 0
628 B 156ms
55ms Script
text/javascript 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=3395B01B-B79A-D8CF-A348-705B3C75A01D&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&methods=48&token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&uuid=9a3d46a0507f42048e313485ef40fd6e

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD&lac=3395B01B-B79A-D8CF-A348-705B3C75A01D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 13:48:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
625 B 204ms
154ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=1620f273-7933-46e5-b540-7eede4b8cd7a&token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&_=167207379

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Oct 2023 13:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
625 B 103ms
103ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=1620f273-7933-46e5-b540-7eede4b8cd7a&token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&_=167207380

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Oct 2023 13:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
624 B 105ms
55ms XHR
text/plain 3.211.188.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=1620f273-7933-46e5-b540-7eede4b8cd7a&token=E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5&_=167207381

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/7ddfddea-887d-0aad-a287-d1f0fa6bcfbd.js?snippet_version=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.211.188.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 09 Oct 2023 13:48:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events Show response
api.trustedform.com/certs/3686486140b0a79f98ec3bd874afa7bfe027cdc3/ 0
159 B 52ms
52ms XHR
text/plain 44.210.169.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/3686486140b0a79f98ec3bd874afa7bfe027cdc3/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.210.169.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-169-31.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nosotroda.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 09 Oct 2023 13:48:37 GMT
access-control-expose-headers
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
server: Cowboy

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lottaremu.com/	1970-01-20 15:21:02	Name: uid26234 Value: 1411409728-20231009084832-8afa350a13f6422a7d8358ada7ede90b-
.virtualpushplatform.com/	1970-01-20 15:21:02	Name: TiPMix Value: 9.095620412956452
.virtualpushplatform.com/	1970-01-20 15:21:02	Name: x-ms-routing-name Value: self
nosotroda.com/	1970-01-20 15:21:00	Name: leadid_token-3395B01B-B79A-D8CF-A348-705B3C75A01D-7DDFDDEA-887D-0AAD-A287-D1F0FA6BCFBD Value: E33AFC1D-B5C8-C1BE-1933-6BEAA5C72CF5
.deviceid.trueleadid.com/	1970-01-21 00:56:59	Name: uuid Value: 9a3d46a0507f42048e313485ef40fd6e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://nosotroda.com/e/tpl43/0?id=60bb1079-2eac-4b95-b1a5-2a57b18c5aaf&ld=1&session_id=0d7d71c5-41d1-47a7-bc9d-22f7cfac7429 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
beacon.nosotroda.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
dynamicsgreat.com
fonts.googleapis.com
fonts.gstatic.com
gibbonsne.com
jetprezzy.com
ka-f.fontawesome.com
kit.fontawesome.com
lottaremu.com
nosotroda.com
pushvisit.xyz
virtualpushplatform.com
185.8.62.231
20.50.64.3
2600:9000:2015:5200:1c:7f1a:6680:93a1
2606:4700:10::6816:27b6
2606:4700:3034::ac43:8f07
2606:4700:3037::6815:4392
2606:4700:3037::6815:5774
2606:4700::6812:1734
2606:4700:e2::ac40:8209
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::5e
3.211.188.32
44.197.10.209
44.210.169.31
45.55.126.207
50.115.174.175
77.81.121.128
92.119.198.9
99.86.227.55
03789d8860d050f58f60f8f1f763882e42504c091bf1bcc317718849fae9b49c
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
1174a498b511b66b2fe4de7a0875fb771a855a43ce7ca7ddb34b1ac8b98c691a
19e6cc2a14a79ec633afa888fb6141ed665119eda949fa647d560f68541489b5
2df2073609d94c3fd98160d8edf4521c4828bddf51d2e9c2be09b7281283ce49
2fcf2738caabd720bf8a82398b163a2359584075604222905504ef65d4cfce96
4e65202b461be994f73bf8efcf6a7e6de371507ceb0b11b7c3b6b21df41f2d2f
52b9b9d907b492dcb3a75d34d5247fcadd219339424c8ab15502719a10105b41
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
67f12cf93a1cc9362434e6e7c8e85c4bcd6e3a2581a72151db419fe5c80cc172
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7e749dcd41c25e4176a25cce76820a0287c7506c9e27467675ce07369c21c8bb
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8340ba9d5a4ad1a68f4fb07c5058c63f0068f6f2ffc03408fe794f5da221f7cb
89f7d2df1ff1d90a29eeb4d9a00c9bf0af669e7672026d9f60760cf04dd6227a
9929c92c26c955a6f629a163bda941ad2036323c12d6b5466f03410cf150ffd9
a781901393bd19811bef7ec44fe3715212110370a565ce384ff8a902de5eaf3e
b64f3d32a36835850b95d902c8c1227a4f198e3c5c09a52daece0e1542fecc7b
b8e8b49cff0b6341d717dd73f9995505cf6b0e4a7f365f8feae9c2b07991dddb
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
c442b22f469e14bcc15d0b6d7847757c9c681e1390e47cab24b5d714980392a4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c833520af45ba249660fc754f303d6ef6d83360145d711f5acaec1f4d06c0082
cf17ff8ac70d9d5ab311b667baaa2f0d3a853bab7c1776bcdeffb9bc74416141
d1e574be9c1a13cf61a7c29279667e959cb3a8cad5c67b7e44d69154088a2969
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

nosotroda.com Open in urlscan Pro 2606:4700:3037::6815:5774 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

47 %IPv6

15 Domains

18 Subdomains

16 IPs

4 Countries

2113 kBTransfer

3364 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

nosotroda.com Open in urlscan Pro
2606:4700:3037::6815:5774 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

16
IPs

4
Countries

2113 kB
Transfer

3364 kB
Size

5
Cookies

44 HTTP transactions
1 data transactions