haisanecunoastem.com Open in urlscan Pro
34.111.46.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://maimontopoftheworld.com/?a=14503&c=102874&s2=w3r38pmo6s563987jveu2b28&s3=08660-XV&s1=08660-XV&s4=VLS-w3r38pmo6s563987jve...
Effective URL:
https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Submission: On January 25 via api (January 25th 2025, 5:57:55 am UTC) from US — Scanned from CH

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 20 domains to perform 75 HTTP transactions. The main IP is 34.111.46.207, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is haisanecunoastem.com.
TLS certificate: Issued by WR3 on January 13th 2025. Valid for: 3 months.

This is the only time haisanecunoastem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	13.248.185.123 13.248.185.123	16509 (AMAZON-02) (AMAZON-02)
39	34.111.46.207 34.111.46.207	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
3	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	151.101.195.52 151.101.195.52	54113 (FASTLY) (FASTLY)
1	34.111.67.216 34.111.67.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	136.243.81.150 136.243.81.150	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	34.107.218.251 34.107.218.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
12	35.195.163.35 35.195.163.35	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	66.254.114.220 66.254.114.220	29789 (REFLECTED) (REFLECTED)
75	16

2 13.248.185.123 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: abd4c2dbbb655cfeb.awsglobalaccelerator.com

maimontopoftheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 34.111.46.207 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 207.46.111.34.bc.googleusercontent.com

haisanecunoastem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.haisanecunoastem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.haisanecunoastem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.195.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

hw-cdn2.adtng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.67.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.67.111.34.bc.googleusercontent.com

ad.twinrdengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.81.150 (Cologne, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.150.81.243.136.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.218.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.218.107.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

s.dsa9k5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.magsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.opoxv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.orbsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

s.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.zlinkp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.195.163.35 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 35.163.195.35.bc.googleusercontent.com

eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.eu.collectconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.254.114.220 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

sync.atsptp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync_events.atsptp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	haisanecunoastem.com haisanecunoastem.com www.haisanecunoastem.com api.haisanecunoastem.com	1 MB
12	collectconsent.com eu.collectconsent.com api.eu.collectconsent.com	31 KB
4	atsptp.com sync.atsptp.com — Cisco Umbrella Rank: 133346 sync_events.atsptp.com	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	190 KB
2	maimontopoftheworld.com 2 redirects maimontopoftheworld.com	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2942
1	gstatic.com www.gstatic.com	218 KB
1	zlinkp.com s.zlinkp.com — Cisco Umbrella Rank: 94221	449 B
1	realsrv.com syndication.realsrv.com — Cisco Umbrella Rank: 39717	450 B
1	pemsrv.com s.pemsrv.com — Cisco Umbrella Rank: 26093	449 B
1	orbsrv.com s.orbsrv.com — Cisco Umbrella Rank: 12446	449 B
1	opoxv.com s.opoxv.com — Cisco Umbrella Rank: 52259	448 B
1	magsrv.com s.magsrv.com — Cisco Umbrella Rank: 12111	449 B
1	dsa9k5.com s.dsa9k5.com	449 B
1	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2388	1 KB
1	tsyndicate.com tsyndicate.com — Cisco Umbrella Rank: 8454	437 B
1	twinrdengine.com ad.twinrdengine.com — Cisco Umbrella Rank: 70449	94 B
1	adtng.com hw-cdn2.adtng.com — Cisco Umbrella Rank: 29743	53 KB
1	exoclick.com a.exoclick.com — Cisco Umbrella Rank: 85245	907 B
75	20

	Domain	Requested by
20	www.haisanecunoastem.com	haisanecunoastem.com
18	haisanecunoastem.com	haisanecunoastem.com
10	api.eu.collectconsent.com	eu.collectconsent.com
3	sync.atsptp.com	hw-cdn2.adtng.com
3	www.google.com	haisanecunoastem.com www.gstatic.com
2	www.googletagmanager.com	haisanecunoastem.com www.googletagmanager.com
2	eu.collectconsent.com	haisanecunoastem.com eu.collectconsent.com
2	maimontopoftheworld.com	2 redirects
1	sync_events.atsptp.com	hw-cdn2.adtng.com
1	region1.google-analytics.com	www.googletagmanager.com
1	api.haisanecunoastem.com	haisanecunoastem.com
1	www.gstatic.com	www.google.com
1	s.zlinkp.com	haisanecunoastem.com
1	syndication.realsrv.com	haisanecunoastem.com
1	s.pemsrv.com	haisanecunoastem.com
1	s.orbsrv.com	haisanecunoastem.com
1	s.opoxv.com	haisanecunoastem.com
1	s.magsrv.com	haisanecunoastem.com
1	s.dsa9k5.com	haisanecunoastem.com
1	dev.visualwebsiteoptimizer.com	haisanecunoastem.com
1	tsyndicate.com	haisanecunoastem.com
1	ad.twinrdengine.com	haisanecunoastem.com
1	hw-cdn2.adtng.com	haisanecunoastem.com
1	a.exoclick.com	haisanecunoastem.com
75	24

This site contains links to these domains. Also see Links.

Domain
api.axtoninternationalsignon.com

Subject Issuer	Validity	Valid
haisanecunoastem.com WR3	`2025-01-13` - `2025-04-13`	3 months	crt.sh
exoclick.com E6	`2024-12-21` - `2025-03-21`	3 months	crt.sh
*.google.com WR2	`2025-01-06` - `2025-03-31`	3 months	crt.sh
*.adtng.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-07-26`	a year	crt.sh
ad.twinrdengine.com WR3	`2025-01-06` - `2025-04-06`	3 months	crt.sh
tsyndicate.com E6	`2025-01-25` - `2025-04-25`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
dsa9k5.com E6	`2025-01-21` - `2025-04-21`	3 months	crt.sh
magsrv.com E6	`2024-11-13` - `2025-02-11`	3 months	crt.sh
opoxv.com E5	`2024-11-13` - `2025-02-11`	3 months	crt.sh
orbsrv.com E6	`2024-11-13` - `2025-02-11`	3 months	crt.sh
pemsrv.com E6	`2024-11-13` - `2025-02-11`	3 months	crt.sh
realsrv.com E5	`2024-11-13` - `2025-02-11`	3 months	crt.sh
zlinkp.com E6	`2024-12-21` - `2025-03-21`	3 months	crt.sh
*.gstatic.com WR2	`2025-01-06` - `2025-03-31`	3 months	crt.sh
eu.collectconsent.com R11	`2024-12-23` - `2025-03-23`	3 months	crt.sh
*.google-analytics.com WR2	`2025-01-06` - `2025-03-31`	3 months	crt.sh
atsptp.com E5	`2024-12-09` - `2025-03-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Frame ID: 457D9065D9FE8A352A414025F432979C
Requests: 70 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9oYWlzYW5lY3Vub2FzdGVtLmNvbTo0NDM.&hl=de-CH&v=p09oe8YIFfKgcnqQ9m9k4aiB&size=invisible&cb=rpay0pe37pqy
Frame ID: 2B5D197C64DEFDBECA483E38A8A180E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Haisanecunoastem.com

Page URL History Show full URLs

https://maimontopoftheworld.com/?a=14503&c=102874&s2=w3r38pmo6s563987jveu2b28&s3=08660-XV&s1=08660-XV&s4=VLS... HTTP 302
https://maimontopoftheworld.com/?s4=VLS-w3r38pmo6s563987jveu2b28&s1=08660-XV&s3=08660-XV&s2=w3r38pmo6s563987... HTTP 302
https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

75
Requests

99 %
HTTPS

25 %
IPv6

20
Domains

24
Subdomains

16
IPs

4
Countries

1611 kB
Transfer

2976 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://api.axtoninternationalsignon.com/login/google?o=2&p=aGFpc2FuZWN1bm9hc3RlbS5jb20=&r=aHR0cHM6Ly9oYWlzYW5lY3Vub2FzdGVtLmNvbS9sYW5kaW5nMz9jYXQ9bWF0dXJlJnBpPTE0NTAzJnB0MT1wdGRjNDRlY2NkN2VhZjRhZTY5MzMwMGU3MGUyMTVjNDNlJnBlPTA4NjYwLVhW&m=register
Title: Înregistrează-te cu Google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://maimontopoftheworld.com/?a=14503&c=102874&s2=w3r38pmo6s563987jveu2b28&s3=08660-XV&s1=08660-XV&s4=VLS-w3r38pmo6s563987jveu2b28 HTTP 302
https://maimontopoftheworld.com/?s4=VLS-w3r38pmo6s563987jveu2b28&s1=08660-XV&s3=08660-XV&s2=w3r38pmo6s563987jveu2b28&c=102874&a=14503&ch-redir=1 HTTP 302
https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request landing3 Show response
haisanecunoastem.com/
Redirect Chain

https://maimontopoftheworld.com/?a=14503&c=102874&s2=w3r38pmo6s563987jveu2b28&s3=08660-XV&s1=08660-XV&s4=VLS-w3r38pmo6s563987jveu2b28
https://maimontopoftheworld.com/?s4=VLS-w3r38pmo6s563987jveu2b28&s1=08660-XV&s3=08660-XV&s2=w3r38pmo6s563987jveu2b28&c=102874&a=14503&ch-redir=1
https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

30 KB
8 KB

173ms
109ms

Document
text/html

34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 / PHP/7.2.34
Resource Hash: ae77bf8e29f566b7d77c913523fcbc8227c9574fc6ed6a7afecdae9765e5ad39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=300
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 25 Jan 2025 05:57:50 GMT
server: nginx/1.14.2
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cache: MISS
x-cacheable: YES
x-host: haisanecunoastem.com
x-powered-by: PHP/7.2.34
x-varnish: 1520474
xkey: lander

Redirect headers

content-length: 0
date: Sat, 25 Jan 2025 05:57:50 GMT
location: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
server: nginx

GET
H2 200 landing003.css
haisanecunoastem.com/landers/css/ 29 KB
5 KB 281ms
279ms Stylesheet
text/css 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/css/landing003.css
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 / PHP/7.2.34
Resource Hash: 02373859414af61a5afb9a2459e09eb5451450b6f54229c7fdc338e2a8b91df7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

x-host: haisanecunoastem.com
content-encoding: gzip
age: 0
x-cacheable: YES
x-varnish: 1999665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: MISS
date: Sat, 25 Jan 2025 05:57:50 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=300
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
accept-ranges: bytes
x-powered-by: PHP/7.2.34
server: nginx/1.14.2

GET
H2 200 pornhub.css
haisanecunoastem.com/landers/css/theme/ 16 KB
3 KB 66ms
64ms Stylesheet
text/css 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/css/theme/pornhub.css
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 / PHP/7.2.34
Resource Hash: 6632aad14fbd13334f45620ebfd0782aafaf6c2ca9b801a9a344090a2d85123b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

x-host: haisanecunoastem.com
content-encoding: gzip
age: 0
x-cacheable: YES
x-varnish: 1649690 1483011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: HIT
date: Sat, 25 Jan 2025 02:33:51 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=300
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
accept-ranges: bytes
x-powered-by: PHP/7.2.34
server: nginx/1.14.2

GET
H2 200 fontawesome-all.min.css
haisanecunoastem.com/landers/css/ 50 KB
11 KB 60ms
58ms Stylesheet
text/css 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/css/fontawesome-all.min.css
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

content-encoding: gzip
etag: W/"6790df69-c970"
age: 0
x-cacheable: YES
x-varnish: 1971021 1483128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: HIT
date: Sat, 25 Jan 2025 02:15:35 GMT
content-type: text/css
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
vary: Accept-Encoding
cache-control: max-age=300
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
accept-ranges: bytes
server: nginx/1.14.2

GET
H2 200 ad-provider.js Show response
haisanecunoastem.com/landers/js/ 1019 B
645 B 64ms
62ms Script
application/javascript 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/js/ad-provider.js
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: cf6c3bdd5ee26507213cf852235e76fa49165ec83db9660c28222f5955b3f5d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

content-encoding: gzip
etag: "6790df75-3fb-gzip"
age: 0
x-cacheable: YES
x-varnish: 1221110 1114613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: HIT
date: Sat, 25 Jan 2025 00:12:03 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 12:07:17 GMT
vary: Accept-Encoding
cache-control: max-age=300
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
accept-ranges: bytes
content-length: 512
server: nginx/1.14.2

GET
H2 200 tag_gen.js Show response
a.exoclick.com/ 948 B
907 B 89ms
20ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 26f3fa2f7482071b941f6e0fd9acded1f2ed53f5af9a334f302834f76b90855d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

x-robots-tag: noindex, follow
x-77-nzt: EgwBqZb/tgH3cykAAAwB1GY4EQG3AAAAAA
cache-control: max-age=10800
content-encoding: gzip
etag: W/"a4687158c585d4cf28557e913b6"
x-77-cache: HIT
expires: Fri, 24 Jan 2025 15:00:48 GMT
access-control-allow-origin: *
x-77-pop: frankfurtDE
date: Sat, 25 Jan 2025 05:57:50 GMT
x-77-age: 10611
content-type: application/javascript
x-77-nzt-ray: 15b3c7116d9b29195e7d9467ecd73431
vary: Accept-Encoding
server: CDN77-Turbo

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 76ms
31ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s

Requested by

Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

ESF /

Resource Hash

a70219a9ef67f2c018bef70fcc78d2fecd790cd2519bf29e3022a19e3af35c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 25 Jan 2025 05:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 25 Jan 2025 05:57:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1003 B 33ms
32ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js

Requested by

Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

ESF /

Resource Hash

182ce6bda7831e2a6292463dfe6caad8c07d2947f3f4aafea8c4d016b55945d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 25 Jan 2025 05:57:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 25 Jan 2025 05:57:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 logo.png
www.haisanecunoastem.com/img/ 18 KB
18 KB 109ms
40ms Image
image/png 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/img/logo.png
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 46632f94bc95fc19e1101589f346e9cfebdb1e1b011dbd8bdcea946190b484ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "4702-62c70cfffd6ae"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18178
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:50 GMT
last-modified: Fri, 24 Jan 2025 10:01:37 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/png

GET
H2 200 loading.gif
haisanecunoastem.com/landers/images/loader/ 3 KB
3 KB 67ms
66ms Image
image/gif 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/loader/loading.gif
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df6a-b4c"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 1771033 1192223
accept-ranges: bytes
x-cache: HIT
content-length: 2892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 02:26:56 GMT
content-type: image/gif
last-modified: Wed, 22 Jan 2025 12:07:06 GMT
server: nginx/1.14.2

GET
H2 200 idsync.min.js Show response
hw-cdn2.adtng.com/delivery/idsync/ 53 KB
53 KB 62ms
16ms Script
application/javascript 151.101.195.52
FASTLY

General

Check archive.org

Download Go to

Full URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.52 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty/1.19.9.1 /
Resource Hash: 8ff33c835b2be228b9292f1280f3bfa336a376cbf2903bf80b8f3142e56c44ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "d3d5-621ecbe747e31"
age: 2816438
expires: Fri, 25 Apr 2025 15:29:59 GMT
x-cache: HIT, HIT
date: Sat, 25 Jan 2025 05:57:50 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2024 14:15:51 GMT
x-cache-hits: 27, 31773
x-served-by: cache-ams2100142-AMS, cache-lin1730067-LIN
cache-control: max-age=10626767, stale-while-revalidate=86400, stale-if-error=86400
x-timer: S1737784671.955851,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54229
server: openresty/1.19.9.1

GET
H2 200 beh.engine
ad.twinrdengine.com/ 0
94 B 109ms
42ms Image
text/plain 34.111.67.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://ad.twinrdengine.com/beh.engine?b=551&o=1&x=&s=
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.67.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.67.111.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 25 Jan 2025 05:57:50 GMT

GET
H2 200 bff23756-21d2-46e2-8261-55d262650959
tsyndicate.com/api/v2/retargeting/set/ 43 B
437 B 82ms
24ms Image
image/gif 136.243.81.150
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://tsyndicate.com/api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.81.150 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.150.81.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

x-robots-tag: none, noindex, nofollow
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
pragma: no-cache
x-api-version: 2
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
expires: 0
content-length: 43
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: image/gif
vary: *
server: nginx

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 70ms
32ms XHR
application/javascript 34.107.218.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/j.php?a=795793&u=https%3A%2F%2Fhaisanecunoastem.com%2Flanding3%3Fcat%3Dmature%26pi%3D14503%26pt1%3Dptdc44eccd7eaf4ae693300e70e215c43e%26pe%3D08660-XV&vn=2.1&x=true

Requested by

Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.218.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.218.107.34.bc.googleusercontent.com

Software

gfra1 /

Resource Hash

9a2115b2b7e17a0fe699d0e37c90d34345be5ae43e413e1db7255b8b34fd9b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://haisanecunoastem.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: gfra1

GET
H3 200 vendor.js Show response
haisanecunoastem.com/landers/js/ 121 KB
43 KB 70ms
69ms Script
application/javascript 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/js/vendor.js
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 8bd72f2616e5bb14a0ee43212a6f977359880ae425ea86bc31dc0c4f06c6afb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

content-encoding: gzip
etag: W/"6790df75-1e2ae"
age: 0
x-cacheable: YES
x-varnish: 1439873 807119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: HIT
date: Sat, 25 Jan 2025 00:22:55 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 12:07:17 GMT
vary: Accept-Encoding
cache-control: max-age=300
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
accept-ranges: bytes
server: nginx/1.14.2

GET
H/1.1 200
OK tag.php
s.dsa9k5.com/ 0
449 B 93ms
25ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://s.dsa9k5.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.php
s.magsrv.com/ 0
449 B 91ms
28ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://s.magsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.php
s.opoxv.com/ 0
448 B 95ms
27ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://s.opoxv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.php
s.orbsrv.com/ 0
449 B 86ms
26ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://s.orbsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.php
s.pemsrv.com/ 0
449 B 141ms
26ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://s.pemsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.php
syndication.realsrv.com/ 0
450 B 92ms
27ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://syndication.realsrv.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.php
s.zlinkp.com/ 0
449 B 94ms
27ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to Show image

Full URL: https://s.zlinkp.com/tag.php?goal=d8cdfe8a962b6255a777da4356d197f0&stackUid=20250125055751032106
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
Date: Sat, 25 Jan 2025 05:57:51 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/p09oe8YIFfKgcnqQ9m9k4aiB/ 548 KB
218 KB 173ms
23ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/p09oe8YIFfKgcnqQ9m9k4aiB/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a653b9ef9843ff3c1dba2f8eaad6e1e9ec8fa54d95e022d818974d0ed315be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://haisanecunoastem.com
Referer: https://haisanecunoastem.com/

Response headers

content-encoding: gzip
age: 281326
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 21 Jan 2026 23:49:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 21 Jan 2025 23:49:05 GMT
last-modified: Tue, 21 Jan 2025 05:01:07 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222539
x-xss-protection: 0
server: sffe

GET
H3 200 fa-solid-900.woff2
haisanecunoastem.com/landers/webfonts/ 90 KB
90 KB 66ms
65ms Font
application/octet-stream 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/webfonts/fa-solid-900.woff2
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landers/css/fontawesome-all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://haisanecunoastem.com
Referer: https://haisanecunoastem.com/landers/css/fontawesome-all.min.css

Response headers

cache-control: max-age=300
etag: "6790df6b-16690"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 12288798 11718110
accept-ranges: bytes
x-cache: HIT
content-length: 91792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:53:08 GMT
content-type: application/octet-stream
last-modified: Wed, 22 Jan 2025 12:07:07 GMT
server: nginx/1.14.2

GET
H3 200 landing003.js Show response
haisanecunoastem.com/landers/js/ 73 KB
20 KB 64ms
64ms Script
application/javascript 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/js/landing003.js
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 62ff3bf67eba8fb618544132532dc9c075a3750e02011ffe6daf17a71b511686

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

content-encoding: gzip
etag: W/"6790df75-12332"
age: 0
x-cacheable: YES
x-varnish: 11883406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: MISS
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/javascript
last-modified: Wed, 22 Jan 2025 12:07:17 GMT
vary: Accept-Encoding
cache-control: max-age=300
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
accept-ranges: bytes
server: nginx/1.14.2

GET
H2 200 cc.js Show response
eu.collectconsent.com/ 118 KB
14 KB 135ms
60ms Script
application/javascript 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://eu.collectconsent.com/cc.js?wId=2NiH3gAIWnoEnvklMOIeHI&domain=haisanecunoastem.com&languageCode=ro&languageTerritory=RO&sessionId=b8f90329c3d54fabb067a73b14a799a7

Requested by

Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7d2231e8a19692f730e6bd28076f5b59b5710bfaa247aaa30d68135b29d13be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
content-encoding: gzip
x-content-type-options: nosniff
content-length: 14214
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.10.3 (Ubuntu)

GET
H3 200 media-registry.js Show response
haisanecunoastem.com/landers/ 139 KB
9 KB 52ms
52ms Script
application/javascript 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/media-registry.js
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 084c7d1bd304dd8a6511c5a0109fd00c304fd8ec8bd794561cb99e6b66c81e7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=kYeBpg==, md5=8PWz2DarxwWcHNl0DyTsEw==
content-encoding: gzip
etag: "f0f5b3d836abc7059c1cd9740f24ec13-gzip"
age: 308
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 142729
date: Sat, 25 Jan 2025 05:52:43 GMT
last-modified: Wed, 22 Jan 2025 12:29:09 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFIdbgQ08cMH4gs0xJQpWebe5bZBgMOa5GYfffDIKAuNhpIlAJCjKU59vmLB-miKgimnJ4S2
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google, 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1737548949008451
server: nginx/1.14.2

GET
H3 200 ro-ro2.json Show response
haisanecunoastem.com/landers/translations/ 191 KB
191 KB 64ms
63ms XHR
application/json 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/translations/ro-ro2.json
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landers/js/vendor.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 62eb184a9dfb40a9304e89ebe315abcc31bdbf3286cdf610efd377b67db11c03

Request headers

Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=sgbzmA==, md5=3hitijjkRDWLlg25XvTCdw==
etag: "de18ad8a38e444358b960db95ef4c277"
age: 2759
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 195833
date: Sat, 25 Jan 2025 05:11:52 GMT
last-modified: Fri, 10 Jan 2025 06:47:24 GMT
content-type: application/json
x-guploader-uploadid: AFIdbgTo9SRrUBC0BalDujITeWWUQH7ljZlibWb3RWDs6R2w5-uQNYWrAuftkT2qhfZLAobi
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google, 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736491644452553
content-length: 195833
server: nginx/1.14.2

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 2B5D 0
0 86ms
44ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly9oYWlzYW5lY3Vub2FzdGVtLmNvbTo0NDM.&hl=de-CH&v=p09oe8YIFfKgcnqQ9m9k4aiB&size=invisible&cb=rpay0pe37pqy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/p09oe8YIFfKgcnqQ9m9k4aiB/recaptcha__de_ch.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zw6QoKLLRpRriaMJzTBPvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://haisanecunoastem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zw6QoKLLRpRriaMJzTBPvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jan 2025 05:57:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 collector
api.eu.collectconsent.com/consent/ Frame 0
0 128ms
39ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haisanecunoastem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://haisanecunoastem.com
content-length: 0
content-type: application/vnd.api+json
date: Sat, 25 Jan 2025 05:57:51 GMT
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
85 KB 86ms
34ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB

Requested by

Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landers/js/landing003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e5856325eba66e53b7e7031bb5abdb3d904778130d4fca85181be80cff3a586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 25 Jan 2025 05:57:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 25 Jan 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86365
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 search Show response
www.haisanecunoastem.com/json/profile/ 99 KB
99 KB 222ms
219ms XHR
application/json 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://www.haisanecunoastem.com/json/profile/search
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landers/js/vendor.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 0009f0836050121d616fadce336057904f6cc0a6d406af6da2e29736b7a32cbb

Request headers

Referer: https://haisanecunoastem.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin: https://haisanecunoastem.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/json
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)

GET
H3 200 ro-ro2.json Show response
haisanecunoastem.com/landers/translations/ 191 KB
0 0ms
0ms XHR
application/json 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://haisanecunoastem.com/landers/translations/ro-ro2.json
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landers/js/vendor.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 62eb184a9dfb40a9304e89ebe315abcc31bdbf3286cdf610efd377b67db11c03

Request headers

Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=sgbzmA==, md5=3hitijjkRDWLlg25XvTCdw==
etag: "de18ad8a38e444358b960db95ef4c277"
age: 2759
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 195833
date: Sat, 25 Jan 2025 05:11:52 GMT
last-modified: Fri, 10 Jan 2025 06:47:24 GMT
content-type: application/json
x-guploader-uploadid: AFIdbgTo9SRrUBC0BalDujITeWWUQH7ljZlibWb3RWDs6R2w5-uQNYWrAuftkT2qhfZLAobi
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google, 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1736491644452553
content-length: 195833
server: nginx/1.14.2

POST
H2 200 collector Show response
api.eu.collectconsent.com/consent/ 5 KB
5 KB 59ms
58ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Requested by

Host: eu.collectconsent.com
URL: https://eu.collectconsent.com/cc.js?wId=2NiH3gAIWnoEnvklMOIeHI&domain=haisanecunoastem.com&languageCode=ro&languageTerritory=RO&sessionId=b8f90329c3d54fabb067a73b14a799a7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

62eedc0bdd686f820156fc713c482d817f99ad7e1b788d47317be95c676b3ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://haisanecunoastem.com
content-length: 4915
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
server: nginx/1.10.3 (Ubuntu)

GET
H3 200 01.webp
haisanecunoastem.com/landers/images/landing003/mature/default/ 416 B
440 B 78ms
77ms Image
image/webp 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/landing003/mature/default/01.webp?geo=ro
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: f3a6845e495acf6f1c3131e3a736953317fd212ac2145512191041b2ff9e05a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df69-1a0"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 1649692
accept-ranges: bytes
x-cache: MISS
content-length: 416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: image/webp
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
server: nginx/1.14.2

GET
H3 200 02.webp
haisanecunoastem.com/landers/images/landing003/mature/default/ 17 KB
17 KB 65ms
64ms Image
image/webp 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/landing003/mature/default/02.webp?geo=ro
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 6c16335ae3c796a6e06b64ef50f7ebe061661495ef696f369fe04a4ed3cfaa36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df69-4264"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 11638745 11718116
accept-ranges: bytes
x-cache: HIT
content-length: 16996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:53:09 GMT
content-type: image/webp
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
server: nginx/1.14.2

GET
H3 200 03.webp
haisanecunoastem.com/landers/images/landing003/mature/default/ 542 B
567 B 79ms
78ms Image
image/webp 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/landing003/mature/default/03.webp?geo=ro
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: f0220a6c212d8e776af0cd1550e9f0b102262a131608a4ae923424cdb70626eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df69-21e"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 1520478 1649341
accept-ranges: bytes
x-cache: HIT
content-length: 542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:53:09 GMT
content-type: image/webp
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
server: nginx/1.14.2

GET
H3 200 04.webp
haisanecunoastem.com/landers/images/landing003/mature/default/ 12 KB
12 KB 68ms
67ms Image
image/webp 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/landing003/mature/default/04.webp?geo=ro
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: 5d15f6d41271ace6c41b7a46cd39d1b7d4b6d815e03ae9f72d7c1a1b870c8a61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df69-31cc"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 1439877
accept-ranges: bytes
x-cache: MISS
content-length: 12748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: image/webp
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
server: nginx/1.14.2

GET
H3 200 05.webp
haisanecunoastem.com/landers/images/landing003/mature/default/ 510 B
534 B 73ms
72ms Image
image/webp 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/landing003/mature/default/05.webp?geo=ro
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: a05b56e698c903dc098ce46dea62c53719002c3be1397510f77c723b3d2dca4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df69-1fe"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 11975389 11943817
accept-ranges: bytes
x-cache: HIT
content-length: 510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:53:09 GMT
content-type: image/webp
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
server: nginx/1.14.2

GET
H3 200 06.webp
haisanecunoastem.com/landers/images/landing003/mature/default/ 35 KB
35 KB 76ms
75ms Image
image/webp 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://haisanecunoastem.com/landers/images/landing003/mature/default/06.webp?geo=ro
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: nginx/1.14.2 /
Resource Hash: e7f2603e269e411075c92d38dad461ef1e46bfa62075770b3fdeda2fa517d0c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV

Response headers

cache-control: max-age=300
etag: "6790df69-8a70"
age: 0
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
xkey: lander
x-cacheable: YES
x-varnish: 1572309
accept-ranges: bytes
x-cache: MISS
content-length: 35440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: image/webp
last-modified: Wed, 22 Jan 2025 12:07:05 GMT
server: nginx/1.14.2

GET
H2 200 options Show response
api.haisanecunoastem.com/geoapi/places/ 6 KB
7 KB 124ms
54ms XHR
application/vnd.api+json 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.haisanecunoastem.com/geoapi/places/options?strategy=RomanianRegions&language=&level=1
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landers/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: f22b833b553755ead65160896f4eb379ed64e4ad0e5e9b8d528ae143ddc99bc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://haisanecunoastem.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin: https://haisanecunoastem.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-ua-compatible: IE=edge,chrome=1
content-length: 6606
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
105 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He51n0v9103010110za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50aea5360284342a0fe4ef1b73783502e7683ab3fdfb4aa9ba650d64437de4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 25 Jan 2025 05:57:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106777
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 97ms
35ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QXFHHE16V3&gtm=45je51n0v9106874940z89103010110za200zb9103010110&_p=1737784671348&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102067555~102067808~102081485~102123608&cid=137916817.1737784672&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1737784671&sct=1&seg=0&dl=https%3A%2F%2Fhaisanecunoastem.com%2Flanding3%3Fcat%3Dmature%26pi%3D14503%26pt1%3Dptdc44eccd7eaf4ae693300e70e215c43e%26pe%3D08660-XV&dt=Haisanecunoastem.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1195
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He51n0v9103010110za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://haisanecunoastem.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 627877.jpg
www.haisanecunoastem.com/content/1/1966553/fotos/ 30 KB
30 KB 43ms
42ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966553/fotos/627877.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 74c4bf125b1b00c8fbf7d9f1913949f046fcbbbe66c6f225161101b9a570cfcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "78e8-62c7a11640859"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30952
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 21:04:09 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627863.jpg
www.haisanecunoastem.com/content/1/1966545/fotos/ 23 KB
24 KB 46ms
43ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966545/fotos/627863.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 6e6405e88541397b5ddff25076f44ac82d1757fd5ef04b74ca704ef0d254d6c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "5dee-62c79ff5cf2e1"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24046
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:59:07 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627855.jpg
www.haisanecunoastem.com/content/1/1966543/fotos/ 27 KB
27 KB 66ms
64ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966543/fotos/627855.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: f01a4c594c5bc9fee09892c79a7f1b16823376d91b13e2d02ac5b33985a190fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "6dcf-62c79ff3bae67"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28111
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:59:05 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627845.jpg
www.haisanecunoastem.com/content/1/1966541/fotos/ 19 KB
19 KB 53ms
51ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966541/fotos/627845.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 1190d155b365512f5b1d24bcaf5737fff7baa0a752f761a89bde98ce300f6ba5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "4d86-62c79ed7be4c1"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19846
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:54:07 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627815.jpg
www.haisanecunoastem.com/content/1/1966531/fotos/ 48 KB
48 KB 47ms
45ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966531/fotos/627815.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 9c2e2b37a756069b65f8eedd4d69f36aceb211c6bf101d7b39aa5546c2e4c9ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "bf07-62c79db8fca3a"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48903
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:49:06 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627785.jpg
www.haisanecunoastem.com/content/1/1966519/fotos/ 30 KB
30 KB 57ms
54ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966519/fotos/627785.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 5a1bf071ab8ad001536f03204901b31b06f448cf636f112f261c1df5b940ee49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "792f-62c79b7f55b40"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31023
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:39:09 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627733.jpg
www.haisanecunoastem.com/content/1/1966497/fotos/ 26 KB
26 KB 59ms
56ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966497/fotos/627733.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 6f0ea2b69cc52f38e8ae04e17ec6b779396056ed8c8daf35eabcee6662059a23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "6754-62c7982505c13"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26452
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:24:09 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627709.jpg
www.haisanecunoastem.com/content/1/1966485/fotos/ 22 KB
22 KB 50ms
48ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966485/fotos/627709.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 6375c35dad4c94ab541a9515663c9daba599d1d4e6e767248f67fa375ce5b485

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "5965-62c79705b5811"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22885
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:19:07 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627681.jpg
www.haisanecunoastem.com/content/1/1966475/fotos/ 26 KB
26 KB 78ms
76ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966475/fotos/627681.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: faa20496fde44316674e6fd0288776785e8e11777164bd88fe1ac63d741fa9c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "69b6-62c794c7a9748"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27062
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:09:06 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627671.jpg
www.haisanecunoastem.com/content/1/1966469/fotos/ 37 KB
37 KB 55ms
53ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966469/fotos/627671.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: d9d8934374aa17db0d086ddfee5f4edd6dbc88be24905530749ed4a345369467

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "94b3-62c793b4a20ca"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38067
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 20:04:17 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627659.jpg
www.haisanecunoastem.com/content/1/1966463/fotos/ 25 KB
25 KB 75ms
73ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966463/fotos/627659.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: f2bb358a1abb9d665edf2945217fd348db1720d6fde7ea32b12ca45007b4778d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "6417-62c7928ab8a34"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25623
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:59:05 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627617.jpg
www.haisanecunoastem.com/content/1/1966441/fotos/ 31 KB
31 KB 82ms
80ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966441/fotos/627617.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: e1b61ff8eaa3ab5b97cf4d21085b658b4fd00502347d2d8bf58722d3ddd951d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "7ad0-62c78f3401ae1"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31440
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:44:09 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627591.jpg
www.haisanecunoastem.com/content/1/1966433/fotos/ 24 KB
24 KB 79ms
78ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966433/fotos/627591.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 07dd91d14376eba2352d2d3d4236dcba7578a68e327f2c21d51c960b592f8508

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "61ae-62c78e13b8619"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25006
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:39:06 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627577.jpg
www.haisanecunoastem.com/content/1/1966425/fotos/ 42 KB
42 KB 71ms
69ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966425/fotos/627577.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: be3473d8612cf9a59041641a3f513d7483e4c25069c07b5b8b622c27ceb0ac4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "a702-62c78cf59faf6"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42754
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:34:06 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627571.jpg
www.haisanecunoastem.com/content/1/1966423/fotos/ 29 KB
29 KB 84ms
82ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966423/fotos/627571.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 2b49fd87a89e43890a6deff02288a4137016a1001aa1a6c1555e33ad77cd0cc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "7489-62c78cf3ea243"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29833
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:34:04 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627557.jpg
www.haisanecunoastem.com/content/1/1966415/fotos/ 35 KB
35 KB 72ms
71ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966415/fotos/627557.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: be9f3565587f61004ae7e8e66a2cdafca97d806fb0a96e07668dfcd0044e27ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "8b7b-62c78bde891cf"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35707
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:29:14 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627547.jpg
www.haisanecunoastem.com/content/1/1966405/fotos/ 34 KB
34 KB 68ms
66ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966405/fotos/627547.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: 659a536827c62ea1c47c10f8fee5329a2adb1948d41ecb5aae6934bda89a7865

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "878d-62c78abb450af"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34701
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 19:24:08 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H3 200 627441.jpg
www.haisanecunoastem.com/content/1/1966191/fotos/ 28 KB
28 KB 82ms
81ms Image
image/jpeg 34.111.46.207
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://www.haisanecunoastem.com/content/1/1966191/fotos/627441.jpg
Requested by: Host: haisanecunoastem.com
URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.46.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 207.46.111.34.bc.googleusercontent.com
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: a760c754233d7fd5d2f9745854f1dab209147bb9d368331c5d7190b6a655c94c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

etag: "7140-62c74c24074df"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28992
x-ua-compatible: IE=edge,chrome=1
date: Sat, 25 Jan 2025 05:57:51 GMT
last-modified: Fri, 24 Jan 2025 14:44:07 GMT
vary: X-Forwarded-Proto
server: Apache/2.4.58 (Ubuntu)
content-type: image/jpeg

GET
H2 200 cc.css
eu.collectconsent.com/ 24 KB
4 KB 32ms
31ms Stylesheet
text/css 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://eu.collectconsent.com/cc.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
content-encoding: gzip
etag: "6073-5b1b123761e40-gzip"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3892
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: text/css
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding

POST
H2 200 collector Show response
api.eu.collectconsent.com/consent/ 5 KB
5 KB 60ms
59ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/collector

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

62eedc0bdd686f820156fc713c482d817f99ad7e1b788d47317be95c676b3ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://haisanecunoastem.com
content-length: 4915
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
server: nginx/1.10.3 (Ubuntu)

GET favicon.ico
www.haisanecunoastem.com/favicon/ 0
0

OPTIONS
H2 200 loadSegment
api.eu.collectconsent.com/consent/ Frame 0
0 33ms
33ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haisanecunoastem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://haisanecunoastem.com
content-length: 0
content-type: application/vnd.api+json
date: Sat, 25 Jan 2025 05:57:51 GMT
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 loadSegment Show response
api.eu.collectconsent.com/consent/ 454 B
668 B 41ms
40ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

587d0e1478be81e6d68d1f3c6269c6f3e999f533af368b4e0797d225a10fe872

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://haisanecunoastem.com
content-length: 454
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
server: nginx/1.10.3 (Ubuntu)

GET
H2 200 a9f1061b781cbe16f53cb7abe9c0b3b0 Show response
sync.atsptp.com/d/jsfp/ 36 B
561 B 187ms
147ms XHR
text/plain 66.254.114.220
REFLECTED

General

Check archive.org

Download Go to

Full URL: https://sync.atsptp.com/d/jsfp/a9f1061b781cbe16f53cb7abe9c0b3b0
Requested by: Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.220 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: /
Resource Hash: 21d9ee2e2c637974ead958a60d747c665169a788ef65796ab98d5b99cafaf0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

x-trace: 2B285C5B1D11844AD1F52DC57276073745AC395F96000000000000000000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://haisanecunoastem.com
content-length: 36
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: text/plain
vary: Origin

GET
H2 200 a9f1061b781cbe16f53cb7abe9c0b3b0 Show response
sync.atsptp.com/d/jsfp/ 36 B
560 B 292ms
149ms XHR
text/plain 66.254.114.220
REFLECTED

General

Check archive.org

Download Go to

Full URL: https://sync.atsptp.com/d/jsfp/a9f1061b781cbe16f53cb7abe9c0b3b0
Requested by: Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.220 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: /
Resource Hash: 21d9ee2e2c637974ead958a60d747c665169a788ef65796ab98d5b99cafaf0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://haisanecunoastem.com/

Response headers

x-trace: 2BB0CD8DDF5CD7588B0606792A648A9E4FE2B8B0E1000000000000000000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://haisanecunoastem.com
content-length: 36
date: Sat, 25 Jan 2025 05:57:52 GMT
content-type: text/plain
vary: Origin

POST
H2 200 loadSegment Show response
api.eu.collectconsent.com/consent/ 407 B
621 B 43ms
42ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/loadSegment

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9a484ffb96cee784ffcec89f40a8f2a1efc403810da2cbe534390ba5aa4318ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://haisanecunoastem.com
content-length: 407
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
server: nginx/1.10.3 (Ubuntu)

OPTIONS
H2 200 confirmExplicit
api.eu.collectconsent.com/consent/ Frame 0
0 35ms
35ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/confirmExplicit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haisanecunoastem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://haisanecunoastem.com
content-length: 0
content-type: application/vnd.api+json
date: Sat, 25 Jan 2025 05:57:51 GMT
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

OPTIONS
H2 200 load
api.eu.collectconsent.com/consent/ Frame 0
0 36ms
36ms Preflight
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/load

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://haisanecunoastem.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://haisanecunoastem.com
content-length: 0
content-type: application/vnd.api+json
date: Sat, 25 Jan 2025 05:57:51 GMT
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff

POST
H2 200 confirmExplicit Show response
api.eu.collectconsent.com/consent/ 0
212 B 51ms
51ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/confirmExplicit

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://haisanecunoastem.com
content-length: 0
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
server: nginx/1.10.3 (Ubuntu)

POST
H2 200 load Show response
api.eu.collectconsent.com/consent/ 810 B
1 KB 46ms
44ms XHR
application/vnd.api+json 35.195.163.35
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://api.eu.collectconsent.com/consent/load

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

35.163.195.35.bc.googleusercontent.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

9229536ebb654a2961a633d75d92844c5ffa43f034660c445388920152f2f852

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://haisanecunoastem.com/

Response headers

strict-transport-security: max-age=63072000;
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://haisanecunoastem.com
content-length: 810
date: Sat, 25 Jan 2025 05:57:51 GMT
content-type: application/vnd.api+json
server: nginx/1.10.3 (Ubuntu)

POST
H2 200 e Show response
sync_events.atsptp.com/p/ 8 B
611 B 152ms
143ms XHR
application/json 66.254.114.220
REFLECTED

General

Check archive.org

Download Go to

Full URL: https://sync_events.atsptp.com/p/e
Requested by: Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.220 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: /
Resource Hash: 318c5ad51e9b36ff5924ae323dd59031245413a3e0f2aa3e03cc42902e9e7acc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://haisanecunoastem.com/

Response headers

x-trace: 2B97801604E76CA9A94F055E94EA5B0426965E86BD000000000000000000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 google
access-control-allow-origin: https://haisanecunoastem.com
content-length: 8
date: Sat, 25 Jan 2025 05:57:52 GMT
content-type: application/json
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 d6634729-4fe3-a0a3-0ac2-b125c5cffa03 Show response
sync.atsptp.com/link/d6634729-4fe3-a0a3-0ac2-b125c5cffa03/origin/a/oldd/ 36 B
560 B 141ms
140ms XHR
text/plain 66.254.114.220
REFLECTED

General

Check archive.org

Download Go to

Full URL: https://sync.atsptp.com/link/d6634729-4fe3-a0a3-0ac2-b125c5cffa03/origin/a/oldd/d6634729-4fe3-a0a3-0ac2-b125c5cffa03
Requested by: Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.220 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: /
Resource Hash: 21d9ee2e2c637974ead958a60d747c665169a788ef65796ab98d5b99cafaf0b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://haisanecunoastem.com/

Response headers

x-trace: 2B1EBAEABD3F544D3D0E962C8668C48E2615862DB9000000000000000000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://haisanecunoastem.com
content-length: 36
date: Sat, 25 Jan 2025 05:57:52 GMT
content-type: text/plain
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.haisanecunoastem.com
URL: https://www.haisanecunoastem.com/favicon/favicon.ico

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.maimontopoftheworld.com/	1970-01-21 03:26:16	Name: pt30 Value: fd54421c83064a36afb9953851c4b787
.maimontopoftheworld.com/	1970-01-21 12:19:04	Name: ptc Value: fd54421c83064a36afb9953851c4b787
.maimontopoftheworld.com/	1969-12-31 23:59:59	Name: ptbs Value: fd54421c83064a36afb9953851c4b787
.maimontopoftheworld.com/	1970-01-21 12:19:04	Name: ptr Value: ptdc44eccd7eaf4ae693300e70e215c43e
tsyndicate.com/	1970-01-21 11:28:40	Name: ts_rt_bff23756-21d2-46e2-8261-55d262650959 Value: AAMC
.orbsrv.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.magsrv.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.dsa9k5.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.realsrv.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.zlinkp.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.opoxv.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.pemsrv.com/	1970-01-21 11:28:40	Name: goals Value: a%3A1%3A%7Bi%3A124980%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222025-01-25%22%3B%7D%7D
.haisanecunoastem.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: it718v8ornhua9aq25v0vr24a0
.haisanecunoastem.com/	1969-12-31 23:59:59	Name: system Value: sessionId%3D6vnpODAoOWoMlvpOB67idm%26p%3D1033752%26pi%3Dtypein
.haisanecunoastem.com/	1970-01-21 12:19:04	Name: _ga_QXFHHE16V3 Value: GS1.1.1737784671.1.0.1737784671.0.0.0
.haisanecunoastem.com/	1970-01-21 12:19:04	Name: _ga Value: GA1.1.137916817.1737784672
.haisanecunoastem.com/	1969-12-31 23:59:59	Name: d_fs Value: 1
.haisanecunoastem.com/	1970-01-21 03:26:16	Name: d_uid Value: d6634729-4fe3-a0a3-0ac2-b125c5cffa03
.haisanecunoastem.com/	1970-01-21 03:26:16	Name: d_uidb Value: d6634729-4fe3-a0a3-0ac2-b125c5cffa03

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00EC320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://haisanecunoastem.com/landing3?cat=mature&pi=14503&pt1=ptdc44eccd7eaf4ae693300e70e215c43e&pe=08660-XV Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B00806EC320000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
ad.twinrdengine.com
api.eu.collectconsent.com
api.haisanecunoastem.com
dev.visualwebsiteoptimizer.com
eu.collectconsent.com
haisanecunoastem.com
hw-cdn2.adtng.com
maimontopoftheworld.com
region1.google-analytics.com
s.dsa9k5.com
s.magsrv.com
s.opoxv.com
s.orbsrv.com
s.pemsrv.com
s.zlinkp.com
sync.atsptp.com
sync_events.atsptp.com
syndication.realsrv.com
tsyndicate.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.haisanecunoastem.com
www.haisanecunoastem.com
13.248.185.123
136.243.81.150
142.250.185.132
151.101.195.52
2001:4860:4802:32::36
2a00:1450:4001:806::2008
2a00:1450:4001:81d::2003
2a02:6ea0:c700::112
34.107.218.251
34.111.46.207
34.111.67.216
35.195.163.35
66.254.114.220
95.211.229.245
95.211.229.246
95.211.229.247
0009f0836050121d616fadce336057904f6cc0a6d406af6da2e29736b7a32cbb
02373859414af61a5afb9a2459e09eb5451450b6f54229c7fdc338e2a8b91df7
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
07dd91d14376eba2352d2d3d4236dcba7578a68e327f2c21d51c960b592f8508
084c7d1bd304dd8a6511c5a0109fd00c304fd8ec8bd794561cb99e6b66c81e7a
1190d155b365512f5b1d24bcaf5737fff7baa0a752f761a89bde98ce300f6ba5
182ce6bda7831e2a6292463dfe6caad8c07d2947f3f4aafea8c4d016b55945d0
1e5856325eba66e53b7e7031bb5abdb3d904778130d4fca85181be80cff3a586
21d9ee2e2c637974ead958a60d747c665169a788ef65796ab98d5b99cafaf0b2
26f3fa2f7482071b941f6e0fd9acded1f2ed53f5af9a334f302834f76b90855d
2b49fd87a89e43890a6deff02288a4137016a1001aa1a6c1555e33ad77cd0cc7
318c5ad51e9b36ff5924ae323dd59031245413a3e0f2aa3e03cc42902e9e7acc
41a653b9ef9843ff3c1dba2f8eaad6e1e9ec8fa54d95e022d818974d0ed315be
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
46632f94bc95fc19e1101589f346e9cfebdb1e1b011dbd8bdcea946190b484ad
50aea5360284342a0fe4ef1b73783502e7683ab3fdfb4aa9ba650d64437de4ac
587d0e1478be81e6d68d1f3c6269c6f3e999f533af368b4e0797d225a10fe872
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5a1bf071ab8ad001536f03204901b31b06f448cf636f112f261c1df5b940ee49
5d15f6d41271ace6c41b7a46cd39d1b7d4b6d815e03ae9f72d7c1a1b870c8a61
62eb184a9dfb40a9304e89ebe315abcc31bdbf3286cdf610efd377b67db11c03
62eedc0bdd686f820156fc713c482d817f99ad7e1b788d47317be95c676b3ed0
62ff3bf67eba8fb618544132532dc9c075a3750e02011ffe6daf17a71b511686
6375c35dad4c94ab541a9515663c9daba599d1d4e6e767248f67fa375ce5b485
659a536827c62ea1c47c10f8fee5329a2adb1948d41ecb5aae6934bda89a7865
6632aad14fbd13334f45620ebfd0782aafaf6c2ca9b801a9a344090a2d85123b
6c16335ae3c796a6e06b64ef50f7ebe061661495ef696f369fe04a4ed3cfaa36
6e6405e88541397b5ddff25076f44ac82d1757fd5ef04b74ca704ef0d254d6c9
6f0ea2b69cc52f38e8ae04e17ec6b779396056ed8c8daf35eabcee6662059a23
74c4bf125b1b00c8fbf7d9f1913949f046fcbbbe66c6f225161101b9a570cfcc
7d2231e8a19692f730e6bd28076f5b59b5710bfaa247aaa30d68135b29d13be9
8bd72f2616e5bb14a0ee43212a6f977359880ae425ea86bc31dc0c4f06c6afb5
8ff33c835b2be228b9292f1280f3bfa336a376cbf2903bf80b8f3142e56c44ae
9229536ebb654a2961a633d75d92844c5ffa43f034660c445388920152f2f852
9a2115b2b7e17a0fe699d0e37c90d34345be5ae43e413e1db7255b8b34fd9b2e
9a484ffb96cee784ffcec89f40a8f2a1efc403810da2cbe534390ba5aa4318ef
9c2e2b37a756069b65f8eedd4d69f36aceb211c6bf101d7b39aa5546c2e4c9ef
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a05b56e698c903dc098ce46dea62c53719002c3be1397510f77c723b3d2dca4c
a238cffffbfea4c2868fca1b142a3a9690574537a38c857dbe309ec27b033eb3
a70219a9ef67f2c018bef70fcc78d2fecd790cd2519bf29e3022a19e3af35c28
a760c754233d7fd5d2f9745854f1dab209147bb9d368331c5d7190b6a655c94c
ae77bf8e29f566b7d77c913523fcbc8227c9574fc6ed6a7afecdae9765e5ad39
be3473d8612cf9a59041641a3f513d7483e4c25069c07b5b8b622c27ceb0ac4f
be9f3565587f61004ae7e8e66a2cdafca97d806fb0a96e07668dfcd0044e27ff
cf6c3bdd5ee26507213cf852235e76fa49165ec83db9660c28222f5955b3f5d7
d9d8934374aa17db0d086ddfee5f4edd6dbc88be24905530749ed4a345369467
e1b61ff8eaa3ab5b97cf4d21085b658b4fd00502347d2d8bf58722d3ddd951d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f2603e269e411075c92d38dad461ef1e46bfa62075770b3fdeda2fa517d0c2
f01a4c594c5bc9fee09892c79a7f1b16823376d91b13e2d02ac5b33985a190fe
f0220a6c212d8e776af0cd1550e9f0b102262a131608a4ae923424cdb70626eb
f22b833b553755ead65160896f4eb379ed64e4ad0e5e9b8d528ae143ddc99bc4
f2bb358a1abb9d665edf2945217fd348db1720d6fde7ea32b12ca45007b4778d
f3a6845e495acf6f1c3131e3a736953317fd212ac2145512191041b2ff9e05a8
faa20496fde44316674e6fd0288776785e8e11777164bd88fe1ac63d741fa9c1

haisanecunoastem.com Open in urlscan Pro 34.111.46.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

25 %IPv6

20 Domains

24 Subdomains

16 IPs

4 Countries

1611 kBTransfer

2976 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

haisanecunoastem.com Open in urlscan Pro
34.111.46.207 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

25 %
IPv6

20
Domains

24
Subdomains

16
IPs

4
Countries

1611 kB
Transfer

2976 kB
Size

19
Cookies

75 HTTP transactions
0 data transactions