preciouspayload.com Open in urlscan Pro
18.64.79.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Submission: On March 07 via api (March 7th 2022, 6:14:01 pm UTC) from DE — Scanned from DE

Summary HTTP 70 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 23 domains to perform 70 HTTP transactions. The main IP is 18.64.79.110, located in United States and belongs to AMAZON-02, US. The main domain is preciouspayload.com.
TLS certificate: Issued by Amazon on November 30th 2021. Valid for: a year.

This is the only time preciouspayload.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.64.79.110 18.64.79.110	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:223... 2600:9000:223f:e800:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
7	104.111.214.240 104.111.214.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.222.232.99 52.222.232.99	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	52.222.236.24 52.222.236.24	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	46.101.132.18 46.101.132.18	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	18.64.103.71 18.64.103.71	16509 (AMAZON-02) (AMAZON-02)
3	18.66.139.109 18.66.139.109	16509 (AMAZON-02) (AMAZON-02)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
70	26

1 18.64.79.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-110.txl50.r.cloudfront.net

preciouspayload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:223f:e800:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.214.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-240.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-99.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-24.fra56.r.cloudfront.net

launch-calc-widget.preciouspayload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.132.18 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-71.txl50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-109.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	website-files.com assets.website-files.com — Cisco Umbrella Rank: 11859	461 KB
9	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 10141 www.iubenda.com — Cisco Umbrella Rank: 11987 hits-i.iubenda.com — Cisco Umbrella Rank: 11059	63 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28691	2 KB
5	preciouspayload.com preciouspayload.com launch-calc-widget.preciouspayload.com api.preciouspayload.com Failed	264 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 434 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 5153	4 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2009	125 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	gstatic.com fonts.gstatic.com	128 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	8 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 1998 api-iam.intercom.io — Cisco Umbrella Rank: 2534	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	499 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	69 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 799	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	120 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6433	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 68	444 B
1	t.co t.co — Cisco Umbrella Rank: 448	338 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 464
1	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 1849	343 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 531	6 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
70	23

	Domain	Requested by
18	assets.website-files.com	preciouspayload.com assets.website-files.com
7	mc.yandex.com	2 redirects preciouspayload.com mc.yandex.ru
6	cdn.iubenda.com	preciouspayload.com cdn.iubenda.com
4	launch-calc-widget.preciouspayload.com	preciouspayload.com launch-calc-widget.preciouspayload.com
3	js.intercomcdn.com	widget.intercom.io
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	preciouspayload.com
2	hits-i.iubenda.com	cdn.iubenda.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	preciouspayload.com connect.facebook.net
2	mc.yandex.ru	1 redirects preciouspayload.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googletagmanager.com	preciouspayload.com www.googletagmanager.com
2	fonts.googleapis.com	ajax.googleapis.com launch-calc-widget.preciouspayload.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	www.google.de	preciouspayload.com
1	www.google.com	preciouspayload.com
1	px4.ads.linkedin.com	preciouspayload.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	preciouspayload.com
1	analytics.twitter.com	static.ads-twitter.com
1	api-js.mixpanel.com	launch-calc-widget.preciouspayload.com
1	www.iubenda.com	cdn.iubenda.com
1	static.ads-twitter.com	preciouspayload.com
1	d3e54v103j8qbb.cloudfront.net	preciouspayload.com
1	ajax.googleapis.com	preciouspayload.com
1	preciouspayload.com
0	api.preciouspayload.com Failed	launch-calc-widget.preciouspayload.com
70	31

This site contains links to these domains. Also see Links.

Domain
ctrl.preciouspayload.com
www.iubenda.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
preciouspayload.com Amazon	`2021-11-30` - `2022-12-29`	a year	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.iubenda.com DigiCert SHA2 Secure Server CA	`2022-01-31` - `2023-01-31`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
launch-calc-widget.preciouspayload.com Amazon	`2021-09-29` - `2022-10-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-15` - `2022-03-15`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-14`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Frame ID: 98300716462DE0DF3FBCBE7D8D8C46FA
Requests: 55 HTTP requests in this frame

Frame: https://launch-calc-widget.preciouspayload.com/
Frame ID: 38E1AD54852DD37799D3A21358F3A66F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.iubenda.com/cs/bridge/iframe_bridge-1.4.0.html?origin=https%3A%2F%2Fpreciouspayload.com%2F&meth=%22get%22&c_name=%22_iub_cs-44828816%22
Frame ID: B1AF46495CF356CBDDF95C33527F68F3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.iubenda.com/cs/bridge/iframe_bridge-1.4.0.html?origin=https%3A%2F%2Fpreciouspayload.com%2F&meth=%22compact%22
Frame ID: BEDA565AB9AD3A34841B11CE2D20CCF3
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.c81a70e2.js
Frame ID: 00707005290F9A233D66ED52619C008A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Precious Payload – Do rocket science. We'll do the rest.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

91 %
HTTPS

52 %
IPv6

23
Domains

31
Subdomains

26
IPs

4
Countries

1416 kB
Transfer

2820 kB
Size

30
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://ctrl.preciouspayload.com/
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/44828816
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/preciouspayload
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCztg6mWuGX-Bk5k12uT_3Aw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/preciouspayload/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/preciouspayload/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/preciouspayload/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/terms-and-conditions/44828816
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/44828816/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/44828816/cookie-policy?an=no&s_ck=false&newmarkup=yes
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9570.iGK-4iW0xrmfzH_SNonQWESxI9LLlBBuyeuDYQ-aJvW4QwGcWupAWONvODLZAyVz.U_R5knqvXIv3KQcJWJmzU4fq9Ws%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9570.Bv7SWhojOkcSwSj6ytgfzJw_PfW_zo2P3dRVTsulLkaZV1gTDypoHJa6iyjO1PPPXF_rKnAdEVUJfBhjz6rKYA%2C%2C.1bYU5sJ6jhDVuKT85VzmThhc_yI%2C

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2178466%26time%3D1646676837630%26url%3Dhttps%253A%252F%252Fpreciouspayload.com%252F%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dmu_feb28_22%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&liSync=true&e_ipv6=AQIgBVMSWJfdGgAAAX9llocI5uP8Qm9PpIyu3I76sC3c9vsuDe24OrruxYJY_-Ee7nwfB_5MUm0PT8EbiRGBpnMZaI0Fmw

Request Chain 60

https://mc.yandex.com/watch/55219690?wmode=7&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A546403545383%3Ahid%3A118925439%3Az%3A0%3Ai%3A20220307181357%3Aet%3A1646676838%3Ac%3A1%3Arn%3A985382481%3Arqn%3A1%3Au%3A1646676838108289784%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646676836887%3Ads%3A32%2C41%2C75%2C1%2C0%2C0%2C%2C248%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646676838%3At%3APrecious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/55219690/1?wmode=7&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A546403545383%3Ahid%3A118925439%3Az%3A0%3Ai%3A20220307181357%3Aet%3A1646676838%3Ac%3A1%3Arn%3A985382481%3Arqn%3A1%3Au%3A1646676838108289784%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646676836887%3Ads%3A32%2C41%2C75%2C1%2C0%2C0%2C%2C248%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646676838%3At%3APrecious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 62

https://widget.intercom.io/widget/qfyrpkrx HTTP 302
https://js.intercomcdn.com/shim.latest.js

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
preciouspayload.com/ 32 KB
9 KB 148ms
75ms Document
text/html 18.64.79.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-110.txl50.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: b4e19b461d55f20b51376d61d5e86478fbd4b0c183d33fe0341382d3dded796f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 9141
date: Mon, 07 Mar 2022 10:43:10 GMT
server: nginx/1.14.2
content-encoding: gzip
accept-ranges: bytes
via: 1.1 varnish, 1.1 7da1d60a481ae3940f6605e4b4cab476.cloudfront.net (CloudFront)
x-served-by: cache-iad-kjyo7100148-IAD
x-cache-hits: 1
x-timer: S1646649791.831327,VS0,VE1
x-cluster-name: us-east-1-prod-edge-eks-15
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: xD_qy-xHshtHt4qWpyMmyRnUjERh3n9oupmyJp95y20V0h3CyFgrOQ==
age: 27707

GET
H2 200 precious-payload-web-5e23-7cfd82d86806c.0634fb57a.css
assets.website-files.com/61362202d92a34a536fcf315/css/ 77 KB
14 KB 76ms
9ms Stylesheet
text/css 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/css/precious-payload-web-5e23-7cfd82d86806c.0634fb57a.css
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 976ec08bd46dd3ec687e418db509dd971944ff91ef6f22157e042f5af185a0b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: oSzSjUVJu0xuD6X_kyDvbEmlPXvfl4P3
content-encoding: gzip
etag: "b8979ce80a3d346fe6eeaec52f2753e4"
age: 8247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13767
last-modified: Fri, 04 Mar 2022 07:27:14 GMT
server: AmazonS3
date: Mon, 07 Mar 2022 18:11:33 GMT
content-type: text/css
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: QBAh0SENgPjM4r3v0hpG9YqebRe0i42vpsJym99fyZ32mOVm7fnxnQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 07:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 07:38:11 GMT

GET
H2 200 stub-v2.js Show response
cdn.iubenda.com/cs/tcf/ 2 KB
1 KB 64ms
18ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/tcf/stub-v2.js
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab0bd19ed5ad90fb72819af221441e8a88091304b4d41b247b0dced128798935

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
last-modified: Mon, 07 Mar 2022 12:02:29 GMT
etag: "6225f455-3b1"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 945
expires: Mon, 07 Mar 2022 21:13:57 GMT

GET
H2 200 stub.js Show response
cdn.iubenda.com/cs/ccpa/ 4 KB
2 KB 66ms
20ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/ccpa/stub.js
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd14ceebd0845b680acf4be88fcca7dcac9b09ef366c8828ed7fb65073ebc385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
last-modified: Mon, 07 Mar 2022 12:02:29 GMT
etag: "6225f455-5f7"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=86400
content-type: application/javascript
content-length: 1527
expires: Tue, 08 Mar 2022 18:13:57 GMT

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 591 B
563 B 19ms
18ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fffef28b2df4d716df7d3e06682055d5fdc82f4fa10d025d215cf3cbb0b10761

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
last-modified: Mon, 07 Mar 2022 12:02:29 GMT
etag: "6225f455-133"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 307
expires: Mon, 07 Mar 2022 21:13:57 GMT

GET
H2 200 61362202d92a3451aefcf339_logo_black.svg
assets.website-files.com/61362202d92a34a536fcf315/ 10 KB
4 KB 8ms
6ms Image
image/svg+xml 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a3451aefcf339_logo_black.svg
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 491eeb3a1b85e571edd69deec70897616d22c6a6b854631c620ddaff3dd9429d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 09:20:03 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 14892835
etag: W/"091289d2862d5c93acf897a186acf801"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: pdTuF61jUuH7It10LIgbEM11mIKRfGnI
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
content-type: image/svg+xml
x-amz-cf-id: dgydE__2Mi14RrFRHSfU8Wbm55cm_9kxxuUd0BWgFU7euAc5PgdPAg==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 33ms
8ms Script
application/javascript 52.222.232.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61362202d92a34a536fcf315
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-99.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://preciouspayload.com/
Origin: https://preciouspayload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 10:19:53 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 28445
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: E2vfnyuf8xEDwzab5JgptxhWU1XzggXkMwC46_fBdKWrYPNbC9X5Gg==

GET
H2 200 precious-payload-web-5e23-7cfd82d86806c.540847fd9.js Show response
assets.website-files.com/61362202d92a34a536fcf315/js/ 54 KB
19 KB 9ms
9ms Script
text/javascript 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/js/precious-payload-web-5e23-7cfd82d86806c.540847fd9.js
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1d18b9fbe73600e3927a5cc968407ca1ac89167d264eeee787815f9a0ac828d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 1Kw4QFaOW5tkLFIX63TER07pGyYu_Qsf
content-encoding: gzip
etag: "c9b04a80c0ccc997dc7b356f7f3ed1c2"
age: 31332
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18499
last-modified: Fri, 04 Mar 2022 07:27:14 GMT
server: AmazonS3
date: Mon, 07 Mar 2022 09:31:46 GMT
content-type: text/javascript
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: _tcUiq62TCsjiJzDX9MggsMb0UudXr7FgYYZWOYxDaZXy-zqWOtiNQ==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 43ms
21ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:regular,500,600%7CEpilogue:regular,500,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6edbe8bc4433169e0982dab2c02c677b8c27c76d4ff908869bd68b4a313e46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 18:13:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 18:13:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 18:13:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
56 KB 60ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJZ5BRG

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f90088f08fb9b2a36c2df6e026851090f41fd2bf5d7ea4108cfb2c32e5100f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57241
x-xss-protection: 0
expires: Mon, 07 Mar 2022 18:13:57 GMT

GET
H2 200 / Show response
launch-calc-widget.preciouspayload.com/ Frame 38E1 2 KB
3 KB 76ms
10ms Document
text/html 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launch-calc-widget.preciouspayload.com/
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 946507a821877537b610573c75918a3d09fd2616442f4b48b36cb839b3cd9859

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/

Response headers

content-type: text/html
content-length: 2336
date: Mon, 07 Mar 2022 06:34:22 GMT
last-modified: Wed, 06 Oct 2021 10:24:12 GMT
etag: "b76d9d6112716123c5d959eafcbfa490"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: G5YalhQ56_HBfEGMY_vAuR8rS9QCfNbNWwhULKkwaQkprEEaFK4MRg==
age: 41976

GET
H2 200 61362202d92a344898fcf33b_IconCheckBlack.svg
assets.website-files.com/61362202d92a34a536fcf315/ 150 B
587 B 7ms
7ms Image
image/svg+xml 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a344898fcf33b_IconCheckBlack.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/61362202d92a34a536fcf315/css/precious-payload-web-5e23-7cfd82d86806c.0634fb57a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24353974b6d117446ff6f6583b4b95eba6ca75092989b34531540539fb85079b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/61362202d92a34a536fcf315/css/precious-payload-web-5e23-7cfd82d86806c.0634fb57a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 02 Jan 2022 15:04:44 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 5540954
etag: "adb97897bc1339677f098fdd4f8483e6"
x-cache: Hit from cloudfront
x-amz-version-id: Q_MbhjwqPVCgg7HuEMggNmJbquHIStda
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/svg+xml
content-length: 150
x-amz-cf-id: 2HB5TAD7TTXbJc1-Quloa9A78518qk8MNDQNatm-raQ4FJjP7X3Cuw==

GET
H2 200 61362202d92a346c7ffcf33a_IconCheckWhite.svg
assets.website-files.com/61362202d92a34a536fcf315/ 150 B
585 B 7ms
6ms Image
image/svg+xml 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a346c7ffcf33a_IconCheckWhite.svg
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/61362202d92a34a536fcf315/css/precious-payload-web-5e23-7cfd82d86806c.0634fb57a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5482c6c1e5d8471004681460dbf87457d84695de8226ba0ba9f2e3c0b12a2fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.website-files.com/61362202d92a34a536fcf315/css/precious-payload-web-5e23-7cfd82d86806c.0634fb57a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 02 Jan 2022 15:04:45 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 5540953
etag: "7d7a35fe09f7b0971646e6090c7aafe5"
x-cache: Hit from cloudfront
x-amz-version-id: U0_jv3hUOleDfNL3T3Lf3GloKD8yDedS
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/svg+xml
content-length: 150
x-amz-cf-id: kAG2_eU8F612GnO6V_k42HA4DcM8If9KmaWjqO1Oa8vVaT4CRjK67w==

GET
H2 200 61362202d92a34100dfcf32b_gk_launch.svg
assets.website-files.com/61362202d92a34a536fcf315/ 5 KB
2 KB 7ms
6ms Image
image/svg+xml 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a34100dfcf32b_gk_launch.svg
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f88c2e138a8fbd46be6cad8140db5906b06799e2aab8dae0547e1c69ecd91851

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 09:20:03 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 14892835
etag: W/"593f49ed2b4494b1c25b647cd4fc01a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: hDJBX.rVdLHvosz9LZD9TMbSEe1ghDi5
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
content-type: image/svg+xml
x-amz-cf-id: N8Etj_ylscMqaPrjdVaWKalyShXoBFh9TX7xt0LD2MkxM75UEN1gHg==

GET
H2 200 61362202d92a3466bcfcf329_momentus-logo-stacked-color.png
assets.website-files.com/61362202d92a34a536fcf315/ 53 KB
54 KB 9ms
8ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a3466bcfcf329_momentus-logo-stacked-color.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bff3a1ba2ac72e61fa83964115d77826a0fb5c744c5fa2cb6cda54087bdfd911

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 09:20:03 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 14892835
etag: "451b8e0f1da956d9fa06cc08950b4225"
x-cache: Hit from cloudfront
x-amz-version-id: AF__zq6DnlRg5DSI.krwRtG1WS1tZMLr
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 54321
x-amz-cf-id: kCMegGEZnNO3YOL6O9MVBsQ8BEQJwEiG2ADByMOot1VfXMXsnS4vgQ==

GET
H2 200 61406ef4090e749ce8528f06_zenno_logo.png
assets.website-files.com/61362202d92a34a536fcf315/ 15 KB
16 KB 15ms
13ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61406ef4090e749ce8528f06_zenno_logo.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 007d9b0a71ccfa301a1dd92e323e9d0250adeddc54fa3fa72f4cfcbe1d03ee22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 16 Sep 2021 09:20:03 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 09:44:22 GMT
server: AmazonS3
age: 14892835
etag: "1416a43053fe1acc1838cb8e87cdf261"
x-cache: Hit from cloudfront
x-amz-version-id: vU47.EzKL8CCHQDJdmoZLLUtdBX7NJwD
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 15435
x-amz-cf-id: iM7pb3KISxJnALXvn5M8dkCknEUFJW2ZX45a5RAh9hhAfgg_7IuXmw==

GET
H2 200 61407be53e7e1083932cd374_image%2048.png
assets.website-files.com/61362202d92a34a536fcf315/ 7 KB
8 KB 15ms
14ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61407be53e7e1083932cd374_image%2048.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67bc504bc328f92c384ac6c5a0c008e83678123d5c8e2b6721f157ef60cabea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 06 Feb 2022 07:42:31 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 10:39:36 GMT
server: AmazonS3
age: 2543487
etag: "6438f09ccdce4016984d52ad353d85f5"
x-cache: Hit from cloudfront
x-amz-version-id: ciRI_TjlfT3Rz9lcdtxRB_sbZ02lykk2
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 7400
x-amz-cf-id: Ca7DunHcX4Pq3LoHfkiDlno7slGWucQJygXcXlEvL3pzmLf6caaLOQ==

GET
H2 200 61406df96f552ded812e297b_steamjet-small-logo_orange_HR-p-1600.png
assets.website-files.com/61362202d92a34a536fcf315/ 17 KB
18 KB 17ms
16ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61406df96f552ded812e297b_steamjet-small-logo_orange_HR-p-1600.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8fd5c4cd1073463bfb9287ab3f0c31c935796db5caec9751082b0f048029003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 05 Feb 2022 14:01:57 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 09:40:20 GMT
server: AmazonS3
age: 2607121
etag: "ef25d87f0bc9b09f58434c72326a0db4"
x-cache: Hit from cloudfront
x-amz-version-id: _zrilbP97lDto_kSS64w3zjj2BNtgTT8
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 17898
x-amz-cf-id: ZT54LuDnGWjMkevTMcgI-1o-oxSX43Uu3fVguUuLPUjN4Pu0el6IIg==

GET
H2 200 61362202d92a345f97fcf32e_ArtBudget-p-500.png
assets.website-files.com/61362202d92a34a536fcf315/ 27 KB
28 KB 18ms
17ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a345f97fcf32e_ArtBudget-p-500.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ae2448dff1827b12ce4837f39cf84b1f5196cfdb5c13ebee7cdb179a2ac558e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 01 Jan 2022 11:14:38 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 5641160
etag: "5ab9e200171cdcc2783c407d742e4788"
x-cache: Hit from cloudfront
x-amz-version-id: AxrxORW00.I8nxmg5fsWfdcxENNBQebf
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 28153
x-amz-cf-id: YAi1yrPi1IwewwUAnfPvTquRuu1dvxe-l9hxsaD08rKiiMoFMLEkpQ==

GET
H2 200 61362202d92a34a061fcf32a_ArtFitcheck-p-500.png
assets.website-files.com/61362202d92a34a536fcf315/ 15 KB
16 KB 21ms
20ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a34a061fcf32a_ArtFitcheck-p-500.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e93fc4255eee582c39738ac8f4ea1ede530dd15eee5c1a850097fe8f65b18fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 03 Jan 2022 12:25:06 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 5464132
etag: "4cd76a161c9ac28008a19774044b8800"
x-cache: Hit from cloudfront
x-amz-version-id: o3X98gWS8ifXTApO6_GXG9at7V3MAmTL
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 15676
x-amz-cf-id: R_Olnp8w9sv0q75U6cYDFGIRrPGJmCepm26DXl3hWdYRpxQZ3kb6xg==

GET
H2 200 61362202d92a3403b2fcf32f_ArtZeroHustlePaperwork-p-500.png
assets.website-files.com/61362202d92a34a536fcf315/ 39 KB
40 KB 22ms
22ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/61362202d92a3403b2fcf32f_ArtZeroHustlePaperwork-p-500.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ac9e1b3eb53e36a365bf9a607a8538e4dcb3714aa1ea1df80a1a1fde87155f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 09 Jan 2022 18:19:04 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 14:13:23 GMT
server: AmazonS3
age: 4924494
etag: "5440f2836774e2060b80cf0047a60618"
x-cache: Hit from cloudfront
x-amz-version-id: GaxKWBoIAwCoobJkPjMaDoK8EdT5nf3t
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 40420
x-amz-cf-id: cPWQKDcqLE6ob8UJxopHDY3ICPyWYHp4DW3YDzFMkcWfFJzRIr2suw==

GET
H2 200 613b7485b071b900f2810aeb_Faster.gif
assets.website-files.com/61362202d92a34a536fcf315/ 38 KB
39 KB 32ms
32ms Image
image/gif 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/613b7485b071b900f2810aeb_Faster.gif
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 244c79256d283fdea4db319f534d82b4c9bec706917ca8070d71b867dc6d3110

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 09 Jan 2022 18:19:04 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 15:06:47 GMT
server: AmazonS3
age: 4924494
etag: "c62270175cf07b9b6d30d1a91db0d2e3"
x-cache: Hit from cloudfront
x-amz-version-id: ot0KegPmXlmdkmJ7N4bDwIAuWHM8MFfu
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
content-length: 39217
x-amz-cf-id: CggO5_Bvp4WtTg6vAG4C-lYbGCrC4MiF_vluRxGHitfjRKTNzLYovQ==

GET
H2 200 6140838eebd115613c3505d1_1621186992478%20(1).jpeg
assets.website-files.com/61362202d92a34a536fcf315/ 49 KB
50 KB 12ms
8ms Image
image/jpeg 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/6140838eebd115613c3505d1_1621186992478%20(1).jpeg
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e32019ac606d29331fc3506622fac498c35d4398fe9469a728d2a8d0c6cd356b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 04 Oct 2021 05:20:38 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 14 Sep 2021 11:12:16 GMT
server: AmazonS3
age: 13352000
etag: "4708491a799a3e3d3664c3f674d90dee"
x-cache: Hit from cloudfront
x-amz-version-id: 1vqLQ5cB5c.CAhRvIHItY2S0lUBCNRev
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 50506
x-amz-cf-id: -eASFbFFR46FU03eS8IxPgECByi3pBt4Uw3l2ePa88aaTgjb5AKTVA==

GET
H2 200 614c70cfe654ecf8bc9e9d5f_image%2021.png
assets.website-files.com/61362202d92a34a536fcf315/ 97 KB
98 KB 16ms
13ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/614c70cfe654ecf8bc9e9d5f_image%2021.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfa180199e89f5eb045cb666cc1df401c5ce32b2c61c0ce71b0fcfe508355abe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 23 Sep 2021 12:20:07 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 12:19:29 GMT
server: AmazonS3
age: 14277231
etag: "438e37b60b05cf8409a646bdba086490"
x-cache: Hit from cloudfront
x-amz-version-id: vd.gvfXq93wiuT.Vi80MabcxxXXiC.Vv
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 99587
x-amz-cf-id: iM1BQzQjkH77k_FNMgWgRup8UxYqJMMeTn0wO3NHVRIzk5F0QYVjnA==

GET
H2 200 614204d01bcdd8f13b933b0e_unnamed%20(2).jpeg
assets.website-files.com/61362202d92a34a536fcf315/ 11 KB
11 KB 26ms
22ms Image
image/jpeg 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/614204d01bcdd8f13b933b0e_unnamed%20(2).jpeg
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4391e2ce1e76f83d8655083ff52a9448c6780d35ee90f5bbaaaa96f30759ab3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 09 Jan 2022 18:19:05 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 14:36:02 GMT
server: AmazonS3
age: 4924493
etag: "fa65b9d05b9b28bea5fab508cd426623"
x-cache: Hit from cloudfront
x-amz-version-id: ca8oRttSE5q_pqN89sm1FfNRelW8hcas
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
content-length: 10934
x-amz-cf-id: eG79oR2udGAvF0zMn6qOOdSM3oUC1EAb7YuOLTjrX9iWNnw46BKyWQ==

GET
H2 200 615ca9c7fc489ee6a1248d58_image%202.png
assets.website-files.com/61362202d92a34a536fcf315/ 44 KB
45 KB 28ms
24ms Image
image/png 2600:9000:223f:e800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/61362202d92a34a536fcf315/615ca9c7fc489ee6a1248d58_image%202.png
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65ea65b577480821d25d219bc954cdf98a1d597c94bab440d9a9229418dc8086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 06 Oct 2021 04:12:56 GMT
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 19:38:49 GMT
server: AmazonS3
age: 13183262
etag: "93e80825d6ac83165cefa6228ba74b74"
x-cache: Hit from cloudfront
x-amz-version-id: aqWDR8VUjZQBzOAUeucw1RXJ4Ht9gXDR
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/png
content-length: 45491
x-amz-cf-id: e1pYFriosacWuqDlHqqd7RHIii0EY9goIW9O5TYz9pDvWDOhl0PYIw==

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ 47 KB
48 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:regular,500,600%7CEpilogue:regular,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://preciouspayload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 13:16:20 GMT
x-content-type-options: nosniff
age: 190657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:24:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 05 Mar 2023 13:16:20 GMT

GET
H2 200 O4ZRFGj5hxF0EhjimlIksgg.woff2
fonts.gstatic.com/s/epilogue/v11/ 32 KB
33 KB 51ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/epilogue/v11/O4ZRFGj5hxF0EhjimlIksgg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:regular,500,600%7CEpilogue:regular,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa126a7bfc3a4686e050e09ba9f1e48e2696939d5fce7ac9d1e427ec9171fa80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://preciouspayload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 21:02:48 GMT
x-content-type-options: nosniff
age: 508269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33196
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:14:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 21:02:48 GMT

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/ 271 KB
56 KB 20ms
19ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f694ce570f9785dd10d595f5c5f75821386fcac08c115eac501fc465f7135af4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
last-modified: Mon, 07 Mar 2022 12:02:29 GMT
etag: "6225f455-df69"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 57193
expires: Tue, 07 Mar 2023 18:13:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 38E1 2 KB
515 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500&display=swap

Requested by

Host: launch-calc-widget.preciouspayload.com
URL: https://launch-calc-widget.preciouspayload.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1e36f2db884703dbf59d92d080fe56610e168dbcf997cc9823b97a01bad9325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://launch-calc-widget.preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 18:13:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 18:13:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 18:13:57 GMT

GET
H2 200 main.d77dc40a.chunk.css
launch-calc-widget.preciouspayload.com/static/css/ Frame 38E1 4 KB
4 KB 7ms
7ms Stylesheet
text/css 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launch-calc-widget.preciouspayload.com/static/css/main.d77dc40a.chunk.css
Requested by: Host: launch-calc-widget.preciouspayload.com
URL: https://launch-calc-widget.preciouspayload.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04a59eaff111f2a408222c7471721b0d7f4e6e608d0cd62ac1f3377303e424bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://launch-calc-widget.preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 18:22:34 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 10:24:17 GMT
server: AmazonS3
age: 85883
etag: "684069c2c8a6f664563ad14e756bc113"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P4
content-length: 3654
x-amz-cf-id: mCsrl0AgGpaVDT2P7JMCVmr-_IwE3qI3MvdnhMKxIbw_Vw13QKP6jA==

GET
H2 200 2.cc719b58.chunk.js Show response
launch-calc-widget.preciouspayload.com/static/js/ Frame 38E1 240 KB
241 KB 11ms
10ms Script
application/javascript 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launch-calc-widget.preciouspayload.com/static/js/2.cc719b58.chunk.js
Requested by: Host: launch-calc-widget.preciouspayload.com
URL: https://launch-calc-widget.preciouspayload.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 614cebde07aeb6d18aa8608084a77f50402ffd5056687dd845ffad5031c16356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://launch-calc-widget.preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 06:34:22 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 10:24:25 GMT
server: AmazonS3
age: 41976
etag: "6ede74951546455894fb48a1646ac3ab"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P4
content-length: 245744
x-amz-cf-id: hwvkXGpiVKsS3aGzlbvoXARmgzPJkuL4DJQu4Cny1zcUCZpArqG67A==

GET
H2 200 main.dcb1a39a.chunk.js Show response
launch-calc-widget.preciouspayload.com/static/js/ Frame 38E1 7 KB
8 KB 9ms
9ms Script
application/javascript 52.222.236.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launch-calc-widget.preciouspayload.com/static/js/main.dcb1a39a.chunk.js
Requested by: Host: launch-calc-widget.preciouspayload.com
URL: https://launch-calc-widget.preciouspayload.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f389e5aacbeadd516f2dcbb5bdc3a8b141f983c99cb9c0fd081b82bdb53bdbc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://launch-calc-widget.preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 06:34:23 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 10:24:22 GMT
server: AmazonS3
age: 41975
etag: "cd2b4096dfbbdbe0f4409003376a2927"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P4
content-length: 7539
x-amz-cf-id: 4OpdzR1_9nnaqEIxvsHvN1SilR4vCgZPiAFDR7_hOYcbCr7El01pEA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 56ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FKN8B51E3Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJZ5BRG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ad1511dafca6ed31779420217182ab8aa3d0f23891b7f1986b8ad8eedc3cfbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64768
x-xss-protection: 0
expires: Mon, 07 Mar 2022 18:13:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJZ5BRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 545
date: Mon, 07 Mar 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Mar 2022 20:04:52 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1006 B
792 B 89ms
20ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJZ5BRG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:13:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Feb 2022 18:48:07 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=14244
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 147ms
69ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-10fdc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69596
expires: Mon, 07 Mar 2022 19:13:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 55ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: PfHBi0ev/pqP/sOoldgapP9oHtW0Gvq5IrjUrtEnWgVxXetyC2ojS522tUShtExH8zlpcl89Tl/uBf3zcdEW+Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 07 Mar 2022 18:13:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 64ms
17ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200093-IAD, cache-hhn11557-HHN

GET
H2 200 44828816.js Show response
www.iubenda.com/cookie-solution/confs/js/ 101 B
480 B 28ms
26ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iubenda.com/cookie-solution/confs/js/44828816.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-240.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

82932a6a203623f3f67f67cdec8a714db64c2a9fe42082febe3f23bfef3ff88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
access-control-request-method: *
etag: "6205127e-65"
content-encoding: gzip
content-length: 99
last-modified: Thu, 10 Feb 2022 13:26:22 GMT
server: nginx
date: Mon, 07 Mar 2022 18:13:57 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Tue, 08 Mar 2022 18:13:57 GMT

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ Frame 38E1 65 B
343 B 64ms
17ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=749588b547cd28d7571d0259d4e48c52&ip=1&_=1646676837421
Requested by: Host: launch-calc-widget.preciouspayload.com
URL: https://launch-calc-widget.preciouspayload.com/static/js/2.cc719b58.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.241.186.35.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://launch-calc-widget.preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://launch-calc-widget.preciouspayload.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ Frame 38E1 47 KB
47 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://launch-calc-widget.preciouspayload.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 13:16:20 GMT
x-content-type-options: nosniff
age: 190657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:24:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 05 Mar 2023 13:16:20 GMT

POST options
api.preciouspayload.com/landing/launch/budget/ Frame 38E1 0
0

OPTIONS options
api.preciouspayload.com/landing/launch/budget/ Frame 0
0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 36ms
19ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FKN8B51E3Q&gtm=2oe320&_p=387259128&_z=ccd.B&cid=1041617414.1646676838&ul=en-us&sr=1600x1200&_s=1&sid=1646676837&sct=1&seg=0&dl=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&dt=Precious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FKN8B51E3Q&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:13:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://preciouspayload.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=387259128&t=pageview&_s=1&dl=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&ul=en-us&de=UTF-8&dt=Precious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=2046139754&gjid=1705900943&cid=1041617414.1646676838&tid=UA-91176547-1&_gid=1438647259.1646676838&_r=1&gtm=2wg320PJZ5BRG&z=861855093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preciouspayload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:13:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://preciouspayload.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 297855440837574 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 195ms
185ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/297855440837574?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a53b4626ffffa07a224fb710f78d7badbb2a7cfe0e8f3b33c7ce30e9327a0ef8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 2bdwpG+EX5nNBkI7Mh7c2/Lzil/4x6Tc4k0EoUb603CqAI9n/qRtAR0XkqurxUC7rRfCp9JRCtLniSihptYo4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 07 Mar 2022 18:13:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_bridge-1.4.0.html Show response
cdn.iubenda.com/cs/bridge/ Frame B1AF 3 KB
1 KB 21ms
19ms Document
text/html 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/bridge/iframe_bridge-1.4.0.html?origin=https%3A%2F%2Fpreciouspayload.com%2F&meth=%22get%22&c_name=%22_iub_cs-44828816%22
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c57bdf5dffa60db6d0caae840bcc76277f71653f45aa293a30d4f15aff9ed0ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
etag: "6225f455-49b"
last-modified: Mon, 07 Mar 2022 12:02:29 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 1179
cache-control: public, must-revalidate, proxy-revalidate, max-age=86400
expires: Tue, 08 Mar 2022 18:13:57 GMT
date: Mon, 07 Mar 2022 18:13:57 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 24ms
22ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:13:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=27213
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 132ms
115ms Script
text/plain 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o43u3&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=683206d3-2592-4386-aa11-1a881d0a96ae&tw_document_href=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 108
date: Mon, 07 Mar 2022 18:13:57 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: a4715a07b096aa9317b44eaf9ccfd561792b8c424c77a0f4b97325ec6633a305
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
338 B 132ms
115ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o43u3&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=683206d3-2592-4386-aa11-1a881d0a96ae&tw_document_href=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 07 Mar 2022 18:13:56 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d6a34450326920023909af3695f62e0096e95164b45c86417c74587050bfea75
content-length: 43

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 75ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91176547-1&cid=1041617414.1646676838&jid=2046139754&gjid=1705900943&_gid=1438647259.1646676838&_u=YADAAEAAAAAAAC~&z=1320310181

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://preciouspayload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Mar 2022 18:13:57 GMT
content-type: text/plain
access-control-allow-origin: https://preciouspayload.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9570.iGK-4iW0xrmfzH_SNonQWESxI9LLlBBuyeuDYQ-aJvW4QwGcWupAWONvODLZAyVz.U_R5knqvXIv3KQcJWJmzU4fq9Ws%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9570.Bv7SWhojOkcSwSj6ytgfzJw_PfW_zo2P3dRVTsulLkaZV1gTDypoHJa6iyjO1PPPXF_rKnAdEVUJfBhjz6rKYA%2C%2C.1bYU5sJ6jhDVuKT85VzmThhc_yI%2C

75 B
75 B

35ms
34ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9570.Bv7SWhojOkcSwSj6ytgfzJw_PfW_zo2P3dRVTsulLkaZV1gTDypoHJa6iyjO1PPPXF_rKnAdEVUJfBhjz6rKYA%2C%2C.1bYU5sJ6jhDVuKT85VzmThhc_yI%2C

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9570.Bv7SWhojOkcSwSj6ytgfzJw_PfW_zo2P3dRVTsulLkaZV1gTDypoHJa6iyjO1PPPXF_rKnAdEVUJfBhjz6rKYA%2C%2C.1bYU5sJ6jhDVuKT85VzmThhc_yI%2C
date: Mon, 07 Mar 2022 18:13:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 39ms
39ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 19:13:57 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2178466%26time%3D1646676837630%26url%3Dhttps%253A%252F%252Fpreciouspayload.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&li...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&l...

0
480 B

289ms
193ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&liSync=true&e_ipv6=AQIgBVMSWJfdGgAAAX9llocI5uP8Qm9PpIyu3I76sC3c9vsuDe24OrruxYJY_-Ee7nwfB_5MUm0PT8EbiRGBpnMZaI0Fmw
Requested by: Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 09D29F6F6FA9438A87ABE551A97798D4 Ref B: FRAEDGE1214 Ref C: 2022-03-07T18:13:58Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXZpNQENQ70BNzBocLr9g==
x-li-fabric: prod-lor1

Redirect headers

date: Mon, 07 Mar 2022 18:13:58 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2EE9EBA41F5F45BB90858B91512C43E8 Ref B: FRAEDGE1419 Ref C: 2022-03-07T18:13:58Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2178466&time=1646676837630&url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&liSync=true&e_ipv6=AQIgBVMSWJfdGgAAAX9llocI5uP8Qm9PpIyu3I76sC3c9vsuDe24OrruxYJY_-Ee7nwfB_5MUm0PT8EbiRGBpnMZaI0Fmw
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXZpNP/TPkBz2One0Jj+Q==

GET
H2 200 iframe_bridge-1.4.0.html Show response
cdn.iubenda.com/cs/bridge/ Frame BEDA 3 KB
1 KB 22ms
19ms Document
text/html 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/bridge/iframe_bridge-1.4.0.html?origin=https%3A%2F%2Fpreciouspayload.com%2F&meth=%22compact%22
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c57bdf5dffa60db6d0caae840bcc76277f71653f45aa293a30d4f15aff9ed0ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
etag: "6225f455-49b"
last-modified: Mon, 07 Mar 2022 12:02:29 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
content-length: 1179
cache-control: public, must-revalidate, proxy-revalidate, max-age=86400
expires: Tue, 08 Mar 2022 18:13:57 GMT
date: Mon, 07 Mar 2022 18:13:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 74ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91176547-1&cid=1041617414.1646676838&jid=2046139754&_u=YADAAEAAAAAAAC~&z=1080797142

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:13:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 74ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91176547-1&cid=1041617414.1646676838&jid=2046139754&_u=YADAAEAAAAAAAC~&z=1080797142

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:13:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
402 B 15ms
14ms XHR
text/plain 46.101.132.18
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.132.18 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://preciouspayload.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://preciouspayload.com
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: 5b4472ec-9e42-11ec-bf39-0242ac110003
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: 5b4472ec-9e42-11ec-bf39-0242ac110003

OPTIONS
H2 204 write
hits-i.iubenda.com/ Frame 0
0 39ms
15ms Preflight
text/plain 46.101.132.18
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.132.18 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://preciouspayload.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 07 Mar 2022 18:13:57 GMT
access-control-allow-origin: https://preciouspayload.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2

200

1 Show response
mc.yandex.com/watch/55219690/
Redirect Chain

https://mc.yandex.com/watch/55219690?wmode=7&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&charset=utf-8&browser-info=pv%...
https://mc.yandex.com/watch/55219690/1?wmode=7&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&charset=utf-8&browser-info=p...

357 B
439 B

36ms
36ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55219690/1?wmode=7&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A546403545383%3Ahid%3A118925439%3Az%3A0%3Ai%3A20220307181357%3Aet%3A1646676838%3Ac%3A1%3Arn%3A985382481%3Arqn%3A1%3Au%3A1646676838108289784%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646676836887%3Ads%3A32%2C41%2C75%2C1%2C0%2C0%2C%2C248%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646676838%3At%3APrecious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ad7de59bfbd4f9b6b62bda5d7b778099a62543d1bc4999e440d06d83daf3dbd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:13:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 07-Mar-2022 18:13:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://preciouspayload.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Mon, 07-Mar-2022 18:13:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:13:57 GMT
last-modified: Mon, 07-Mar-2022 18:13:57 GMT
location: /watch/55219690/1?wmode=7&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A546403545383%3Ahid%3A118925439%3Az%3A0%3Ai%3A20220307181357%3Aet%3A1646676838%3Ac%3A1%3Arn%3A985382481%3Arqn%3A1%3Au%3A1646676838108289784%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646676836887%3Ads%3A32%2C41%2C75%2C1%2C0%2C0%2C%2C248%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646676838%3At%3APrecious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://preciouspayload.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 07-Mar-2022 18:13:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 27ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297855440837574&ev=PageView&dl=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&rl=&if=false&ts=1646676837816&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646676837814.1658907454&it=1646676837567&coo=false&rqm=GET

Requested by

Host: preciouspayload.com
URL: https://preciouspayload.com/?utm_source=newsletter&utm_medium=email&utm_campaign=mu_feb28_22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 07 Mar 2022 18:13:57 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/qfyrpkrx
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

40ms
7ms

Script
application/javascript

18.66.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Server: 18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93017ad948c70b6f6857f46631e4154757030f4e4adc67a5f7978b8ffa8c2ad4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 07 Mar 2022 18:10:59 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 14:15:55 GMT
server: AmazonS3
age: 179
etag: "9935c2d8fc388d34f0763b807cb79834"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 6085
x-amz-cf-id: TFGE-QkBObVbxCQEr9o7J4uqO1yU8W3o-ZaMjOJVQvhB2TJt_u9n8g==

Redirect headers

date: Mon, 28 Feb 2022 09:34:11 GMT
via: 1.1 d0eca2095801c087da79efef3ee8a5a8.cloudfront.net (CloudFront)
server: AmazonS3
age: 635988
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: TXL50-P3
content-length: 0
x-amz-cf-id: 4p0tuo3g7R3mNUleyvnt3r0pgGUZFei2qUu1xxYG3-N2shVsyApzxA==

GET
H2 200 frame-modern.c81a70e2.js Show response
js.intercomcdn.com/ Frame 0070 298 KB
80 KB 8ms
8ms Script
application/javascript 18.66.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.c81a70e2.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/qfyrpkrx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51f4e046451fb0f91e103603166c0daeb954d62b04a6eec1f2b7d8aeff5590b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 07 Mar 2022 16:15:56 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 14:14:46 GMT
server: AmazonS3
age: 7083
etag: "035637ad0f33aa8e94791d87d44fc8da"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 81458
x-amz-cf-id: orRZ3Z8dys8OvGpRZnQtO7xS6OHcBSZZ48_-tE_okgQDevvV69ReOg==

GET
H2 200 vendor-modern.45b68407.js Show response
js.intercomcdn.com/ Frame 0070 127 KB
39 KB 18ms
18ms Script
application/javascript 18.66.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.45b68407.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/qfyrpkrx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a7110337a5dfa1d73bec1caab0531b52ca29b79a32b128c4f62954a1725adf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 07 Mar 2022 16:20:52 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 16:57:27 GMT
server: AmazonS3
age: 6787
etag: "9eff99c053907fddcd637acecf42738c"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 39552
x-amz-cf-id: oewa79LXK7aJuMwbHobTqo43OH3X6TBGPbbVRMfImHBJDMSRgb3dkw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 0070 4 KB
2 KB 710ms
510ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c81a70e2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

52325f7a9704e18bff1fa4750629dc486b3f0cc823682556c2cae6b8fef927a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Mar 2022 18:13:59 GMT
content-encoding: gzip
x-ami-version: ami-0f35f6992487260ba
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 00050tg205hcdjbotk2g
x-runtime: 0.401978
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"52325f7a9704e18bff1fa4750629dc48"
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://preciouspayload.com
x-intercom-version: c5f481f68225b5bdc8121d31d1048bcbaf61b87c
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1646676840
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297855440837574&ev=Microdata&dl=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&rl=&if=false&ts=1646676839319&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Precious%20Payload%20%E2%80%93%20Do%20rocket%20science.%20We%27ll%20do%20the%20rest.%22%2C%22meta%3Adescription%22%3A%22Digital%20service%20for%20engineering%20teams%20planning%20to%20launch%20their%20satellite.%20Focus%20on%20mission%20goal%20instead%20of%20wasting%20yourself%20on%20routine%20paperwork.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646676837814.1658907454&it=1646676837567&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://preciouspayload.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 18:13:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 07 Mar 2022 18:13:59 GMT

POST
H2 200 55219690 Show response
mc.yandex.com/webvisor/ 43 B
145 B 147ms
41ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/55219690?wmode=0&wv-part=1&wv-hit=118925439&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&rn=894766575&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1646676840%3Aw%3A1600x1200%3Av%3A760%3Az%3A0%3Ai%3A20220307181400%3Au%3A1646676838108289784%3Avf%3A7oivoclvhnsftt6hmgv%3Awe%3A1%3Ast%3A1646676840&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://preciouspayload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:14:00 GMT
last-modified: Mon, 07-Mar-2022 18:14:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://preciouspayload.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 07-Mar-2022 18:14:00 GMT

POST
H2 200 55219690 Show response
mc.yandex.com/webvisor/ 43 B
73 B 35ms
35ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/55219690?wmode=0&wv-part=1&wv-hit=118925439&page-url=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&rn=86940854&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1646676841%3Aw%3A1600x1200%3Av%3A760%3Az%3A0%3Ai%3A20220307181400%3Au%3A1646676838108289784%3Avf%3A7oivoclvhnsftt6hmgv%3Awe%3A1%3Ast%3A1646676841&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://preciouspayload.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 18:14:00 GMT
last-modified: Mon, 07-Mar-2022 18:14:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://preciouspayload.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 07-Mar-2022 18:14:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.preciouspayload.com
URL: https://api.preciouspayload.com/landing/launch/budget/options

Domain: api.preciouspayload.com
URL: https://api.preciouspayload.com/landing/launch/budget/options

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.preciouspayload.com/	1970-01-20 03:34:12	Name: _gcl_au Value: 1.1.442152604.1646676837
.preciouspayload.com/	1970-01-20 10:10:12	Name: mp_749588b547cd28d7571d0259d4e48c52_mixpanel Value: %7B%22distinct_id%22%3A%20%2217f6596842aa51-030e013ae1b3f1-977173c-1d4c00-17f6596842bb0a%22%2C%22%24device_id%22%3A%20%2217f6596842aa51-030e013ae1b3f1-977173c-1d4c00-17f6596842bb0a%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fpreciouspayload.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22preciouspayload.com%22%7D
.preciouspayload.com/	1970-01-20 18:55:48	Name: _ga_FKN8B51E3Q Value: GS1.1.1646676837.1.0.1646676837.0
.preciouspayload.com/	1970-01-20 18:55:48	Name: _ga Value: GA1.2.1041617414.1646676838
.preciouspayload.com/	1970-01-20 01:26:03	Name: _gid Value: GA1.2.1438647259.1646676838
.preciouspayload.com/	1970-01-20 01:24:36	Name: _gat_UA-91176547-1 Value: 1
.preciouspayload.com/	1970-01-20 10:10:12	Name: _ym_uid Value: 1646676838108289784
.preciouspayload.com/	1970-01-20 10:10:12	Name: _ym_d Value: 1646676838
.mc.yandex.com/	1970-01-20 01:24:37	Name: sync_cookie_csrf Value: 2922072164fake
.preciouspayload.com/	1970-01-20 01:25:48	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 01:24:37	Name: sync_cookie_csrf Value: 3148537833fake
.t.co/	1970-01-20 18:55:48	Name: muc_ads Value: 9b817ce4-40d2-4f97-b901-9ff5fd048d42
.yandex.com/	1970-01-20 10:10:12	Name: yandexuid Value: 3144668051646676837
.yandex.com/	1970-01-20 10:10:12	Name: yuidss Value: 3144668051646676837
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1743728511646676837
.yandex.com/	1970-01-23 17:00:36	Name: i Value: vw0H737Oljv+h7VXC/m2slw+PG3dNmzNKB2JQ/FAqIFgvM8rDTNdGtU7dyvAcaVsEpYv0z+xKYN1cQ8RWwBBp5H+pI8=
.yandex.com/	1970-01-20 10:10:12	Name: ymex Value: 1678212837.yrts.1646676837#1678212837.yrtsi.1646676837
.preciouspayload.com/	1970-01-20 03:34:12	Name: _fbp Value: fb.1.1646676837814.1658907454
.preciouspayload.com/	1970-01-20 01:24:38	Name: _ym_visorc Value: w
.facebook.com/	1970-01-20 03:34:12	Name: fr Value: 06tMN0imfOAkxBpIH..BiJktl...1.0.BiJktl.
.linkedin.com/	1970-01-20 02:07:48	Name: UserMatchHistory Value: AQLlgEre6YV_bAAAAX9lloV_A2Y9NqN5N63fGMQvpF3ObDeUKJ3e7kd5mqfEAqnbHN1rbT5BHZu21A
.linkedin.com/	1970-01-20 02:07:48	Name: AnalyticsSyncHistory Value: AQKkvH_YJnW1cwAAAX9lloV_JA8Is0perNBraQH65SYh08YVvjb5iJuVDq0iwsQUxyCWatHlKQZYmGKGmPPuPw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:56:30	Name: bcookie Value: "v=2&ee73d8bf-8bcb-4a90-8c3d-77988f1bbeda"
.linkedin.com/	1970-01-20 01:26:03	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2643:u=1:x=1:i=1646676837:t=1646763237:v=2:sig=AQFzCol7qk_xwp1ZX1uAF7J2-X_pHSwu"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:56:30	Name: bscookie Value: "v=1&202203071813573a7d55c9-b628-427e-873a-1be49435e3cfAQEejBujxYXOuvGYsRlYVRMSlidBowtf"
.linkedin.com/	1970-01-20 18:50:25	Name: li_gc Value: MTswOzE2NDY2NzY4Mzc7MjswMjFt+vKCKCvCjy6tdobWd7ke0pt002dXSuTAvG2SeaAEEg==
.preciouspayload.com/	1970-01-20 07:53:26	Name: intercom-id-qfyrpkrx Value: da7a988a-c015-46d5-8bc6-76bc455a01e2
.preciouspayload.com/	1970-01-20 01:34:41	Name: intercom-session-qfyrpkrx Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.preciouspayload.com/landing/launch/budget/options Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o43u3&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=683206d3-2592-4386-aa11-1a881d0a96ae&tw_document_href=https%3A%2F%2Fpreciouspayload.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dmu_feb28_22&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9570.Bv7SWhojOkcSwSj6ytgfzJw_PfW_zo2P3dRVTsulLkaZV1gTDypoHJa6iyjO1PPPXF_rKnAdEVUJfBhjz6rKYA%2C%2C.1bYU5sJ6jhDVuKT85VzmThhc_yI%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api-iam.intercom.io
api-js.mixpanel.com
api.preciouspayload.com
assets.website-files.com
cdn.iubenda.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hits-i.iubenda.com
js.intercomcdn.com
launch-calc-widget.preciouspayload.com
mc.yandex.com
mc.yandex.ru
preciouspayload.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.iubenda.com
www.linkedin.com
api.preciouspayload.com
104.111.214.240
104.244.42.67
104.244.42.69
13.107.42.14
18.64.103.71
18.64.79.110
18.66.139.109
199.232.136.157
2600:9000:223f:e800:11:3b84:d200:93a1
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9d
2a02:26f0:6c00::210:ba11
2a02:6b8::1:119
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.241.51
46.101.132.18
52.222.232.99
52.222.236.24
99.83.219.81
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
007d9b0a71ccfa301a1dd92e323e9d0250adeddc54fa3fa72f4cfcbe1d03ee22
04a59eaff111f2a408222c7471721b0d7f4e6e608d0cd62ac1f3377303e424bd
0ac9e1b3eb53e36a365bf9a607a8538e4dcb3714aa1ea1df80a1a1fde87155f6
0e93fc4255eee582c39738ac8f4ea1ede530dd15eee5c1a850097fe8f65b18fe
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a7110337a5dfa1d73bec1caab0531b52ca29b79a32b128c4f62954a1725adf1
24353974b6d117446ff6f6583b4b95eba6ca75092989b34531540539fb85079b
244c79256d283fdea4db319f534d82b4c9bec706917ca8070d71b867dc6d3110
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
4391e2ce1e76f83d8655083ff52a9448c6780d35ee90f5bbaaaa96f30759ab3e
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
491eeb3a1b85e571edd69deec70897616d22c6a6b854631c620ddaff3dd9429d
4ae2448dff1827b12ce4837f39cf84b1f5196cfdb5c13ebee7cdb179a2ac558e
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
51f4e046451fb0f91e103603166c0daeb954d62b04a6eec1f2b7d8aeff5590b3
52325f7a9704e18bff1fa4750629dc486b3f0cc823682556c2cae6b8fef927a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
614cebde07aeb6d18aa8608084a77f50402ffd5056687dd845ffad5031c16356
65ea65b577480821d25d219bc954cdf98a1d597c94bab440d9a9229418dc8086
67bc504bc328f92c384ac6c5a0c008e83678123d5c8e2b6721f157ef60cabea5
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82932a6a203623f3f67f67cdec8a714db64c2a9fe42082febe3f23bfef3ff88d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
93017ad948c70b6f6857f46631e4154757030f4e4adc67a5f7978b8ffa8c2ad4
946507a821877537b610573c75918a3d09fd2616442f4b48b36cb839b3cd9859
976ec08bd46dd3ec687e418db509dd971944ff91ef6f22157e042f5af185a0b8
9ad1511dafca6ed31779420217182ab8aa3d0f23891b7f1986b8ad8eedc3cfbb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e36f2db884703dbf59d92d080fe56610e168dbcf997cc9823b97a01bad9325
a53b4626ffffa07a224fb710f78d7badbb2a7cfe0e8f3b33c7ce30e9327a0ef8
aa126a7bfc3a4686e050e09ba9f1e48e2696939d5fce7ac9d1e427ec9171fa80
ab0bd19ed5ad90fb72819af221441e8a88091304b4d41b247b0dced128798935
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad7de59bfbd4f9b6b62bda5d7b778099a62543d1bc4999e440d06d83daf3dbd2
b4e19b461d55f20b51376d61d5e86478fbd4b0c183d33fe0341382d3dded796f
b6edbe8bc4433169e0982dab2c02c677b8c27c76d4ff908869bd68b4a313e46e
bd14ceebd0845b680acf4be88fcca7dcac9b09ef366c8828ed7fb65073ebc385
bff3a1ba2ac72e61fa83964115d77826a0fb5c744c5fa2cb6cda54087bdfd911
c1d18b9fbe73600e3927a5cc968407ca1ac89167d264eeee787815f9a0ac828d
c57bdf5dffa60db6d0caae840bcc76277f71653f45aa293a30d4f15aff9ed0ba
c8fd5c4cd1073463bfb9287ab3f0c31c935796db5caec9751082b0f048029003
cfa180199e89f5eb045cb666cc1df401c5ce32b2c61c0ce71b0fcfe508355abe
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e32019ac606d29331fc3506622fac498c35d4398fe9469a728d2a8d0c6cd356b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5482c6c1e5d8471004681460dbf87457d84695de8226ba0ba9f2e3c0b12a2fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f389e5aacbeadd516f2dcbb5bdc3a8b141f983c99cb9c0fd081b82bdb53bdbc2
f694ce570f9785dd10d595f5c5f75821386fcac08c115eac501fc465f7135af4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f88c2e138a8fbd46be6cad8140db5906b06799e2aab8dae0547e1c69ecd91851
f90088f08fb9b2a36c2df6e026851090f41fd2bf5d7ea4108cfb2c32e5100f3e
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
fffef28b2df4d716df7d3e06682055d5fdc82f4fa10d025d215cf3cbb0b10761

preciouspayload.com Open in urlscan Pro 18.64.79.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

91 %HTTPS

52 %IPv6

23 Domains

31 Subdomains

26 IPs

4 Countries

1416 kBTransfer

2820 kBSize

30 Cookies

10 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

preciouspayload.com Open in urlscan Pro
18.64.79.110 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

91 %
HTTPS

52 %
IPv6

23
Domains

31
Subdomains

26
IPs

4
Countries

1416 kB
Transfer

2820 kB
Size

30
Cookies

70 HTTP transactions
0 data transactions