winads.eraofecom.org Open in urlscan Pro
2606:4700:3037::ac43:bfbf  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response winads.eraofecom.org/	9 KB 3 KB	1164ms 1094ms	Document text/html	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 127eb5f291a96aee47b004fb644164ee9290eb5b2b5cedb02ac261ab9fb536e2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, must-revalidate cf-cache-status DYNAMIC cf-ray 8380d8c7fca491d7-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 19 Dec 2023 15:58:25 GMT expires -1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B1s%2Fu03%2FyBLGf6rXhDaAj%2BxK1ygKT9tn1hZtzl79MCSv8WVBf69PP5ARz%2BVayKXhKMk8drBuSVVSGxONcx4%2FCk98ITBZPEo1TQxkGuP99rS6yNWx27FMhLsgJoZOJSbF5lzhEmxoNUfXYSvl%2FGp0hVN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	2 KB 906 B	93ms 24ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Quicksand:500,700&display=swap Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 39638b5dff12d65e9a86d4988f503c682c9025f6306523cd2222ca120b1d801e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Dec 2023 15:58:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Dec 2023 15:58:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Dec 2023 15:58:25 GMT
GET H2	200	slim.css winads.eraofecom.org/css/	7 KB 2 KB	227ms 225ms	Stylesheet text/css	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/css/slim.css Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad6a73a3f0fe90a7490cf059ca49d0600e4db67d3124cc24d30f8cc4d51716c6 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br cf-cache-status MISS last-modified Fri, 05 Nov 2021 06:16:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1c0f-5d00496873586-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISBnsaezjgYDcKtTaOfnzJRSmlsITmo2W9kkmXcAZvOfkO4CR99Up2hydkBU7ENG6imIJlAlblauK86DtwVPkw1Gr3k%2B0nYqPqPclEbcLjJ0pVnyt8X8MJTAFwtfLMfMOvY%2BIE1dzrH%2FrD621UfVXSdfxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8380d8cecc2491d7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	includes.js Show response winads.eraofecom.org/js/	4 KB 2 KB	227ms 225ms	Script application/javascript	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/js/includes.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ebe0a2693e7fa369a7c3533505cc9f6941ed56739d4f0945c8f3c38ee2cf9df Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br cf-cache-status MISS last-modified Sat, 31 Dec 2022 07:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1070-5f11aa1b9dc8b-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3ioIYAOd1Z%2BtO9Y07YmENup3lyTF88JFA3HrRfdPIsirIir23gRZ9CPJGRFo2mVG2TWdCbbDlMriB2NYAj4JF0DU4nVFwu7mpKlKklPnfJPdGBLJZuGBcB8OQH4H6MqgtkcTF1P%2FaN%2BOHnzRfs1YRDjMw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8380d8cecc2c91d7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	Tracker.js Show response winads.eraofecom.org/js/	5 KB 2 KB	227ms 226ms	Script application/javascript	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/js/Tracker.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01aa9690b4812e3948f0378c8f6085d2102c8cf5d1aba7ce8939fbed16e0e034 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br cf-cache-status MISS last-modified Sun, 19 Jul 2020 16:19:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"133c-5aacdc06cc8b7-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5HBX%2FGRoxTUZhGIXxiqeRi%2BVmfJXU1wk1b4T0Q6mRnhKUE44ttqn7RAyDh1NzixMNyTNueoaQ%2BUEM6mpsG1HoCdJDAYeDT5G2DOCNQge2CRBO6IqZx17EG%2FWiPBFCqcV6dKyRO0ipkQh6XOVCsr0KKGmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8380d8cecc2e91d7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	imports.css winads.eraofecom.org/css/	560 KB 63 KB	438ms 437ms	Stylesheet text/css	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/css/imports.css Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06ce24ee44c2013804799b6d895751b845bd969ddd53f5b3384c59741567ae84 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br cf-cache-status MISS last-modified Wed, 06 Sep 2023 11:54:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"8c049-604af66cd30c1-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voYLsJsk4jdZxxVvqlOBZSzaMyCZAC6IBvT8%2BCMWCWRK4o8kI%2BLlV1cDzGjDriYciRum0fOzcKhdTepR3BBa7FdvA7VAmm0v0uRlGJnw9U7o5Qn0hf%2FrX2h52ZBLm%2B%2B6gbqGEsldRw3wXLZm9UasovyKbg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8380d8cecc2891d7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	plans.css winads.eraofecom.org/css/	32 KB 7 KB	225ms 224ms	Stylesheet text/css	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://winads.eraofecom.org/css/plans.css Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23f59a1062708b80e63dfc8d8ac52fa5987eacd312f61ffe02d279699a5bc879 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br cf-cache-status MISS last-modified Mon, 04 Jul 2022 08:28:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"8145-5e2f6843b12c5-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPgrdCz1fJUfwWtZYaRapvXmqlk27eWcA4qlQu6ODnuDtKav1KWR1heDFZTJT%2B5%2FBKW%2BHrx%2BOwu92GSgQU6mcsX3C%2BHLfvnVZCgbSayRBiSBUt52Fdo17Zx4PMw%2F%2FNbB1N%2BFPmKRurhFZYMTxUz9rGvAjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8380d8cecc2a91d7-FRA alt-svc h3=":443"; ma=86400
GET H2	200	winAds-landscape-lg-b.png winads.eraofecom.org/images/	21 KB 22 KB	325ms 324ms	Image image/png	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winads.eraofecom.org/images/winAds-landscape-lg-b.png Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8838619a3e9a8a87b8636f8d91ddb682fafb12ca5aa630804ae83f9f7451e773 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT cf-cache-status MISS last-modified Tue, 09 Feb 2021 10:26:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5517-5bae4b9fcefb5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEM6IJrC%2FTJGtJXrXuK9rxIxJbLpS5RxlGpm0ofcQdX2B9ct2fMfYl2hpAEgGWXe%2B5Rrj%2B7hMiJ5qY4Hyk0C9c04AA%2FaPzsJ9%2BrlVZs9FM9jqpy6JvMw5x9kGM9tYM3pQqS5mYgdL87nH3Ae0SjFgE7DpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8380d8cecc3091d7-FRA alt-svc h3=":443"; ma=86400 content-length 21783
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	114ms 46ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/js/includes.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 19 Dec 2023 15:48:14 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 611 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 19 Dec 2023 17:48:14 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	43ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/js/includes.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 19 Dec 2023 15:58:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug HnIIbNjbJ/nJ9yU3/qwNadsZl6f7HX19Rahq841wCPevW5vKjbiFUcs7KBQ2/A/p5zVNUv7S56auDR7zB0Gc/w== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-1647270.js Show response static.hotjar.com/c/	9 KB 4 KB	127ms 58ms	Script application/javascript	18.66.97.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1647270.js?sv=6 Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/js/includes.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-49.fra56.r.cloudfront.net Software / Resource Hash f6072f08d043088cf548ac6907457ef83bd11732c3a32b80d5ab6c2737cd528b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/9ba2447364599824adea45a58ec7f34f vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id 5YVhk1IG_le7H0JytMBCWS5_AfD9Y-KYhEUNEyqzSymC-uC3xrfQ2Q==
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 224 B	22ms 22ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=118888339&t=pageview&_s=1&dl=https%3A%2F%2Fwinads.eraofecom.org%2F&ul=en-us&de=UTF-8&dt=Win%20Ads&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1515315273&gjid=1518345487&cid=1037446617.1703001506&tid=UA-126210467-2&_gid=1934500636.1703001506&_r=1&_slc=1&z=6940062 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e311b9b7cc4b8ce6e1f3a2a76f847e5d565571ef492516306c59fdb0592ae141 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://winads.eraofecom.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 19 Dec 2023 15:58:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://winads.eraofecom.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	hexa2.jpg winads.eraofecom.org/images/	45 KB 45 KB	481ms 481ms	Image image/jpeg	2606:4700:3037::ac43:bfbf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://winads.eraofecom.org/images/hexa2.jpg Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/css/slim.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:bfbf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6338966d4d001672199b791b3255ae315202bcd91e1f97112e38ffa61f36e099 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/css/slim.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT cf-cache-status MISS last-modified Fri, 24 Jul 2020 15:18:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "b26d-5ab317b38d830" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5VqEKMo9H6jyIs%2FoqvdyvobKjU5Paa1A8AJ4Ls%2FTMV8JqJa2Yrq07DxzLVPU63DdYxXXfFUHuD9Lo3WBgKFMJDUYPA9gTjepRevAfICzJUcF5mBqPpPj7JgPzgxes1Z3h%2BGu1f01yfdLDzVdz6EQKEagA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8380d8d1dc456928-FRA alt-svc h3=":443"; ma=86400 content-length 45677
GET H2	200	6xKtdSZaM9iE8KbpRA_hK1QN.woff2 fonts.gstatic.com/s/quicksand/v31/	27 KB 28 KB	68ms 15ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Quicksand:500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://winads.eraofecom.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 02:37:42 GMT x-content-type-options nosniff age 48043 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28064 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:22:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 02:37:42 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	222 KB 80 KB	141ms 51ms	Script application/javascript	2a00:1450:4001:802::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0NHNLB4Z56&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14593dd0dd97e67dddd4ba3d5b72b300a8d68ff4e37f0365c22a6874ae983a07 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 15:58:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81265 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 19 Dec 2023 15:58:25 GMT
GET H2	200	1476784645704645 Show response connect.facebook.net/signals/config/	135 KB 35 KB	395ms 395ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1476784645704645?v=2.9.138&r=stable&domain=winads.eraofecom.org Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9178b98836dfb930da85458a2be170df7c6a8223607ec2d8485fba30f1b6c183 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 19 Dec 2023 15:58:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug qVz/A2TOnw6H8KE0pVbWyduX8pFq7juhrYPGGTE2+EZQT03wktH/g11nyV/pnHtiSPGmifCbnvkKALHLA0OUFg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	modules.f8398e1fcf749800c3fc.js Show response script.hotjar.com/	220 KB 55 KB	119ms 52ms	Script application/javascript	13.32.27.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1647270.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-21.fra56.r.cloudfront.net Software / Resource Hash fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 12:03:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 446119 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55732 last-modified Thu, 14 Dec 2023 12:02:27 GMT etag "ce5f5f2327c7562166cfcaad455b7a17" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id hNo51rEvOiWSh60nc4gS-h5AXvrMa1rG9E8N7jj6KxEZpEIvRjWmhA==
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	248ms 130ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-0NHNLB4Z56&gtm=45je3bt0v9110714798&_p=1703001505596&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1037446617.1703001506&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwinads.eraofecom.org%2F&dt=Win%20Ads&sid=1703001505&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1933 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0NHNLB4Z56&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Tue, 19 Dec 2023 15:58:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://winads.eraofecom.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	browser-perf.28a8c6b22b3c0474c577.js Show response script.hotjar.com/	4 KB 2 KB	142ms 142ms	Script application/javascript	13.32.27.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-21.fra56.r.cloudfront.net Software / Resource Hash f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 26 Nov 2023 13:54:19 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 1994646 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 1589 last-modified Thu, 23 Nov 2023 14:00:23 GMT etag "d065ec1659ab8dbb93042fdf9a225634" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id hdmohDKt8XYJa5GkmHI2Qx0kUYxkrdyQzbuopaHWe_-nCIBx82MRjg==
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	384ms 74ms	XHR application/json	52.215.228.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.215.228.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-228-249.eu-west-1.compute.amazonaws.com Software / Resource Hash d649a836937f58e30217fe7befa12ed74b395daadf8f7a78edc71384acea624b Request headers Referer https://winads.eraofecom.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Tue, 19 Dec 2023 15:58:26 GMT content-length 56 vary Origin content-type application/json
GET H2	200	/ www.facebook.com/tr/	0 185 B	250ms 21ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1476784645704645&ev=PageView&dl=https%3A%2F%2Fwinads.eraofecom.org%2F&rl=&if=false&ts=1703001506051&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703001506050.1095424946&ler=empty&it=1703001505612&coo=false&rqm=GET Requested by Host: winads.eraofecom.org URL: https://winads.eraofecom.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://winads.eraofecom.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 19 Dec 2023 15:58:26 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	204	/ metrics.hotjar.io/	0 70 B	348ms 89ms	Ping text/plain	52.50.33.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://metrics.hotjar.io/?v=6 Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1647270.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.50.33.57 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-50-33-57.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://winads.eraofecom.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 19 Dec 2023 15:58:29 GMT vary Origin

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| tracking undefined| Tawk_API undefined| Tawk_LoadStart string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| hj object| _hjSettings function| Tracker object| urlParams object| shopName function| yooo object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.eraofecom.org/	1970-01-21 02:39:21	Name: _ga Value: GA1.2.1037446617.1703001506
			.eraofecom.org/	1970-01-20 17:04:47	Name: _gid Value: GA1.2.1934500636.1703001506
			.eraofecom.org/	1970-01-20 17:03:21	Name: _gat Value: 1
			.eraofecom.org/	1970-01-21 02:39:21	Name: _ga_0NHNLB4Z56 Value: GS1.2.1703001505.1.0.1703001505.0.0.0
			.eraofecom.org/	1970-01-20 17:03:23	Name: _hjFirstSeen Value: 1
			.eraofecom.org/	1970-01-20 17:03:23	Name: _hjIncludedInSessionSample_1647270 Value: 1
			.eraofecom.org/	1970-01-21 01:48:57	Name: _hjSessionUser_1647270 Value: eyJpZCI6Ijg0ZWYzMzk4LWJkODctNTE5ZS05Njc1LWFiM2E2ZmY2OWI1ZSIsImNyZWF0ZWQiOjE3MDMwMDE1MDU4ODcsImV4aXN0aW5nIjp0cnVlfQ==
			.eraofecom.org/	1970-01-20 17:03:23	Name: _hjAbsoluteSessionInProgress Value: 0
			.eraofecom.org/	1970-01-20 17:03:23	Name: _hjSession_1647270 Value: eyJpZCI6IjI2NDg0NmI0LTc5MjUtNDYxYy1iMzYyLWY5OTRiZTFmYzZmOSIsImMiOjE3MDMwMDE1MDU4ODgsInMiOjEsInIiOjEsInNiIjoxfQ==
			.eraofecom.org/	1970-01-20 19:12:57	Name: _fbp Value: fb.1.1703001506050.1095424946

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1476784645704645?v=2.9.138&r=stable&domain=winads.eraofecom.org(Line 132) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
metrics.hotjar.io
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
winads.eraofecom.org
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.32.27.21
18.66.97.49
2001:4860:4802:34::36
2606:4700:3037::ac43:bfbf
2a00:1450:4001:802::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200a
2a00:1450:4001:82b::200e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.215.228.249
52.50.33.57
01aa9690b4812e3948f0378c8f6085d2102c8cf5d1aba7ce8939fbed16e0e034
06ce24ee44c2013804799b6d895751b845bd969ddd53f5b3384c59741567ae84
127eb5f291a96aee47b004fb644164ee9290eb5b2b5cedb02ac261ab9fb536e2
14593dd0dd97e67dddd4ba3d5b72b300a8d68ff4e37f0365c22a6874ae983a07
23f59a1062708b80e63dfc8d8ac52fa5987eacd312f61ffe02d279699a5bc879
39638b5dff12d65e9a86d4988f503c682c9025f6306523cd2222ca120b1d801e
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ebe0a2693e7fa369a7c3533505cc9f6941ed56739d4f0945c8f3c38ee2cf9df
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
6338966d4d001672199b791b3255ae315202bcd91e1f97112e38ffa61f36e099
8838619a3e9a8a87b8636f8d91ddb682fafb12ca5aa630804ae83f9f7451e773
9178b98836dfb930da85458a2be170df7c6a8223607ec2d8485fba30f1b6c183
ad6a73a3f0fe90a7490cf059ca49d0600e4db67d3124cc24d30f8cc4d51716c6
d649a836937f58e30217fe7befa12ed74b395daadf8f7a78edc71384acea624b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e311b9b7cc4b8ce6e1f3a2a76f847e5d565571ef492516306c59fdb0592ae141
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f6072f08d043088cf548ac6907457ef83bd11732c3a32b80d5ab6c2737cd528b
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361