Submitted URL: http://www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru/
Effective URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Submission: On March 10 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 55 HTTP transactions. The main IP is 5.187.4.118, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is mob.howeatu.com.
TLS certificate: Issued by R3 on February 28th 2023. Valid for: 3 months.
This is the only time mob.howeatu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 94.103.183.63 212913 (TIMEHOST-AS)
1 1 5.187.0.70 44066 (DE-FIRSTC...)
41 5.187.4.118 44066 (DE-FIRSTC...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2607:f8b0:400... 15169 (GOOGLE)
5 11 2a02:6b8::1:119 208722 (GLOBAL_DC)
55 7
Apex Domain              Subdomains                                                        Transfer
41 howeatu.com           mob.howeatu.com                                                   621 KB
8 yandex.com             mc.yandex.com — Cisco Umbrella Rank: 9360                         3 KB
4 gstatic.com            fonts.gstatic.com                                                 82 KB
3 yandex.ru              mc.yandex.ru — Cisco Umbrella Rank: 3749                          73 KB
2 googleapis.com         fonts.googleapis.com — Cisco Umbrella Rank: 34                    2 KB
1 jquery.com             code.jquery.com — Cisco Umbrella Rank: 686                        75 KB
1 planpitaniya11.ru      planpitaniya11.ru                                                 459 B
1 new-auto-portal.ru     www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru             353 B
55 8
Domain Requested by
41 mob.howeatu.com mob.howeatu.com
8 mc.yandex.com 3 redirects mob.howeatu.com
4 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru 2 redirects mob.howeatu.com
2 fonts.googleapis.com mob.howeatu.com
1 code.jquery.com mob.howeatu.com
1 planpitaniya11.ru 1 redirects
1 www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru
55 8

This site contains links to these domains.

Domain
client.howeatu.com
Subject                   Issuer                                            Validity                   Valid
howeatu.com               R3                                                2023-02-28 - 2023-05-29    3 months
upload.video.google.com   GTS CA 1C3                                        2023-02-20 - 2023-05-15    3 months
*.jquery.com              Sectigo RSA Domain Validation Secure Server CA    2022-08-03 - 2023-07-14    a year
*.gstatic.com             GTS CA 1C3                                        2023-02-20 - 2023-05-15    3 months
mc.yandex.ru              GlobalSign ECC OV SSL CA 2018                     2022-10-18 - 2023-03-30    5 months

This page contains 1 frames:

Primary Page: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Frame ID: 8DF1D12C649E1895D37919B778136041
Requests: 62 HTTP requests in this frame

Page Title

How Eat Plan

Page URL History

  1. http://www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru/ Page URL
  2. http://planpitaniya11.ru/DVga HTTP 302
    https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_25... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

93 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

854 kB
Transfer

1612 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru/ Page URL
  2. http://planpitaniya11.ru/DVga HTTP 302
    https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9938.Qp2NJxBc1BQFI_UGcGOwsoIQ2DeiKDlFm5FR4-Q_UJdhNEbbiv1t6LWWCQiyjr3v.m7-r3zLZw97pXRiJLt31KRVOgrk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9938.UOXGOyKJMFuO3RVpm7eg_utGvregmJxamTyC-rSg4mdh925OQdRtvDUrSymJMsS46jQpfR2WzEWlQpWlgx2QVSWMp-nRpdz5dxd2yf_4gEs%2C.331kiN95zhfvmrRClAJ7-5qqfu4%2C
Request Chain 58
  • https://mc.yandex.com/watch/80078182?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1084993074097%3Ahid%3A183109665%3Az%3A0%3Ai%3A20230310124425%3Aet%3A1678452265%3Ac%3A1%3Arn%3A583693315%3Arqn%3A1%3Au%3A1678452265799234062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C277%2C139%2C92%2C875%2C0%2C%2C531%2C5%2C2223%2C2223%2C2%2C1980%3Aco%3A0%3Acpf%3A1%3Ans%3A1678452262553%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678452266%3At%3AHow%20Eat%20Plan&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1084993074097%3Ahid%3A183109665%3Az%3A0%3Ai%3A20230310124425%3Aet%3A1678452265%3Ac%3A1%3Arn%3A583693315%3Arqn%3A1%3Au%3A1678452265799234062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C277%2C139%2C92%2C875%2C0%2C%2C531%2C5%2C2223%2C2223%2C2%2C1980%3Aco%3A0%3Acpf%3A1%3Ans%3A1678452262553%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678452266%3At%3AHow%20Eat%20Plan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 59
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9938.o1hy_S9KfPWVf86dC08lSuN0UPTULKuu8k62EqkPT5bVy9QkRT5vpUfKSHcbEo_0.slr-OROQ6ar9Ba4wlmJTy6WUbvg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.IUDXWrpQB_y3itlzyXs9vLH6I6rDT8r1sNhBhAYMahmodmx_HMD11GTabThJW91xpksUih0oWjnduBGh_U1tnSHkTn9v_h-ZzX1WXRsQ688%2C.y8nA3VcYfM4J7ZUmAfIY97wO-1I%2C

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru/
71 B
353 B
Document
General
Full URL
http://www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru/
Protocol
HTTP/1.1
Server
94.103.183.63 Moscow, Russian Federation, ASN212913 (TIMEHOST-AS, UA),
Reverse DNS
dream124.ru
Software
Apache /
Resource Hash
d2ca7c7eda552bcf520db4e9a8a1d036c49998bb3bb745389117f8797038f922

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
71
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Mar 2023 12:44:22 GMT
ETag
"47-5f64eb54a9840"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 07 Mar 2023 12:39:53 GMT
Server
Apache
Primary Request /
mob.howeatu.com/
Redirect Chain
  • http://planpitaniya11.ru/DVga
  • https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
101 KB
29 KB
Document
General
Full URL
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
3e5ee94ee13bf8b5bc553b2998944e15b039bb44c16c692f4d98fa2fc0c7869b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 10 Mar 2023 12:44:23 GMT
etag
W/"637dd515-192f9"
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 10 Mar 2023 12:44:23 GMT
Location
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Server
nginx
Transfer-Encoding
chunked
slick.css
mob.howeatu.com/css/
1 KB
702 B
Stylesheet
General
Full URL
https://mob.howeatu.com/css/slick.css
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a20debf70ed5ac2d94ccf79320caf0d202fae423dd9eaeafec377a7197a561a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:10:11 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd563-4f3"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
slick-theme.css
mob.howeatu.com/css/
2 KB
979 B
Stylesheet
General
Full URL
https://mob.howeatu.com/css/slick-theme.css
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
6d21824a15b7f09a6594085569aac9b4614d4d80bb3b4b2a16c5f104d4eeb15a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:10:11 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd563-911"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
css2
fonts.googleapis.com/
1 KB
871 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Prata&display=swap
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 12:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 12:43:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Mar 2023 12:44:23 GMT
css2
fonts.googleapis.com/
19 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab0fa9c93fab0eb6648fa9e816fc7d7565843ec93ffabbc79884f4ceff243e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 12:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 12:44:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Mar 2023 12:44:23 GMT
style.css
mob.howeatu.com/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://mob.howeatu.com/css/style.css
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a56e97fbc21c258a36cd7237dde7856124c53811fbfe29d5506b2de71cf5ef38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:10:11 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd563-6ce0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
jquery-2.2.4.js
code.jquery.com/
252 KB
75 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer
https://mob.howeatu.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:23 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-3ee0f"
vary
Accept-Encoding
x-hw
1678452263.dop146.ny3.t,1678452263.cds219.ny3.hn,1678452263.cds201.ny3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
76245
avocado.webp
mob.howeatu.com/img/
55 KB
55 KB
Image
General
Full URL
https://mob.howeatu.com/img/avocado.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9760126ff5aa053e4cd2fa98601cfc4eb9d2ae1f14a0b2368d67619d5f151927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-dc0c"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
56332
logo.svg
mob.howeatu.com/img/
18 KB
18 KB
Image
General
Full URL
https://mob.howeatu.com/img/logo.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
27e6611b052aa46e89c711cd683300ed9910bb42af74ef367c2459b2dda819d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4698"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
18072
active_2x.webp
mob.howeatu.com/img/
19 KB
19 KB
Image
General
Full URL
https://mob.howeatu.com/img/active_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
10a46bb0bc012a7017a72155ec97e21522dc3874ab90408a43a5f4036078e7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4bd2"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
19410
meat_2x.webp
mob.howeatu.com/img/
21 KB
21 KB
Image
General
Full URL
https://mob.howeatu.com/img/meat_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
27456a86ba8c72a6ed26a56148b6c5e2e857e51c16c5880f0949533702015f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-52e4"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
21220
veg_2x.webp
mob.howeatu.com/img/
26 KB
26 KB
Image
General
Full URL
https://mob.howeatu.com/img/veg_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
42098e9f0832ab3821a0c128bf6734e34d7061faab784988c5d2b1181b3c63ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-66e0"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
26336
eat_2x.webp
mob.howeatu.com/img/
34 KB
34 KB
Image
General
Full URL
https://mob.howeatu.com/img/eat_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
db5189c701eb9686d85b5fa62d48d376e2442f149f1f1aa794b1b27433b10c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-86c6"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
34502
day_2x.webp
mob.howeatu.com/img/
18 KB
18 KB
Image
General
Full URL
https://mob.howeatu.com/img/day_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
75e66a53cb4eb10911152911ba8e31a5597a046ab7f474b96dd0406a4d656404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4642"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
17986
habits_2x.webp
mob.howeatu.com/img/
26 KB
26 KB
Image
General
Full URL
https://mob.howeatu.com/img/habits_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
4f9fa48848443dd0af9d2f2d8dcaeea3d5da969f6ab95c087a1297278ce4e256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-66a4"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
26276
param_2x.webp
mob.howeatu.com/img/
17 KB
17 KB
Image
General
Full URL
https://mob.howeatu.com/img/param_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
51e81e18fa29539f2df42999caa1304b711762115dbbb6f96569f4f15a284c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4262"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
16994
creation-1_2x.webp
mob.howeatu.com/img/
27 KB
27 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-1_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
c9164f2fcc7abd8cd5f179d52924aca0b2b15eabc7104c71e918a315209fc47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-6b40"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
27456
creation-2_2x.webp
mob.howeatu.com/img/
27 KB
27 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-2_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
ae3cb33ab3edd530289c225cd7e7fc0b8ad38576828e42e9c09bb9c45e3a262a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-6bd2"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
27602
creation-3_2x.webp
mob.howeatu.com/img/
30 KB
31 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-3_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
848baddeeeb8a4b8d47d7434a14852d405ef8c424b8deae21bf671f777fdf7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-79c8"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
31176
creation-4_2x.webp
mob.howeatu.com/img/
26 KB
26 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-4_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
effed7f323a7d2b7a4c9d716a528229bb9487de84e2e56fb428d2374b5664f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-6754"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
26452
help_2x.webp
mob.howeatu.com/img/
3 KB
3 KB
Image
General
Full URL
https://mob.howeatu.com/img/help_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
e1b6836413a8e89375cc01f0e2e3ebc96a278369b64b6b3aa9078a1d8c443de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a06"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
2566
close.webp
mob.howeatu.com/img/
162 B
376 B
Image
General
Full URL
https://mob.howeatu.com/img/close.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
2802df914b2f462ee9b94ecfcb6f0e65ad41976db3b1dca4eaf19bf0b79b89ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a2"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
162
line.webp
mob.howeatu.com/img/
898 B
1 KB
Image
General
Full URL
https://mob.howeatu.com/img/line.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
d563bf88e6062dba9351399ab0766bc7be80dad7a4ec330b5723d64325cb7330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-382"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
898
drop.webp
mob.howeatu.com/img/
376 B
591 B
Image
General
Full URL
https://mob.howeatu.com/img/drop.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
d7f472fe7df29a69d2766da82c6d35e705ae2c267076f4183fe7e19fa7fc5a34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-178"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
376
calories.svg
mob.howeatu.com/img/
4 KB
4 KB
Image
General
Full URL
https://mob.howeatu.com/img/calories.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9a790e5f2295099b82dc899deabe42f80905feba5c8c7dce09301fdadc2ed49a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-ef1"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3825
bottle.svg
mob.howeatu.com/img/
2 KB
2 KB
Image
General
Full URL
https://mob.howeatu.com/img/bottle.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9f58db579bed6dba80f3a0d44e4cf2ab050094ad47c2c3e0e596d663e76e8665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-747"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
1863
body_2x.webp
mob.howeatu.com/img/
7 KB
7 KB
Image
General
Full URL
https://mob.howeatu.com/img/body_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
728cb89c47bd7fea479d9277f5cc77c6fac298a1db7c37af7a9a8712fcd74714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-1b44"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
6980
scales.svg
mob.howeatu.com/img/
1 KB
1 KB
Image
General
Full URL
https://mob.howeatu.com/img/scales.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
8eed3f9e46e9b93f44aa6216e1a39b815ff9ffbe684a9c8b725538d9d7b60b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4a5"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
1189
plan_2x.webp
mob.howeatu.com/img/
6 KB
6 KB
Image
General
Full URL
https://mob.howeatu.com/img/plan_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
852251aaaafc996c443aa4227a2faf282e5e6dfa15569f8c07b26b95631e811b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-1760"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
5984
chart_2x.webp
mob.howeatu.com/img/
3 KB
3 KB
Image
General
Full URL
https://mob.howeatu.com/img/chart_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b75bca401e828d0f11f1ec384b512743965ad1711c4418381d01ff3ce3ccb4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a5a"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
2650
slide-img-1.webp
mob.howeatu.com/img/
12 KB
12 KB
Image
General
Full URL
https://mob.howeatu.com/img/slide-img-1.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
de11004b272b251e65bc73c6090087fae633316362d411b810f09de16178ffb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-2f9a"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
12186
slide-img-2.webp
mob.howeatu.com/img/
23 KB
24 KB
Image
General
Full URL
https://mob.howeatu.com/img/slide-img-2.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
3d9a876749233f2e8a6c9a0dee68ba4868b56e9fcadb5920807e27e1a901e146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-5d14"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
23828
slide-img-3.webp
mob.howeatu.com/img/
18 KB
18 KB
Image
General
Full URL
https://mob.howeatu.com/img/slide-img-3.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b8bc2cc73cd936294ce6748e881bc26fd7d8a32bb5111dff1b0492a89dd03958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-47f8"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
18424
clipboard.svg
mob.howeatu.com/img/
2 KB
2 KB
Image
General
Full URL
https://mob.howeatu.com/img/clipboard.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a4306944438913020b71fa3e4325386894edb8b7a4520cd8114975c13c83916d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-8a3"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
2211
food.svg
mob.howeatu.com/img/
4 KB
5 KB
Image
General
Full URL
https://mob.howeatu.com/img/food.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
17570af5f3aac0a1d9f99127878a57246e5dbe06a8d3e83b33e39b562ca8a324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-118a"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
4490
recipe-book.svg
mob.howeatu.com/img/
2 KB
3 KB
Image
General
Full URL
https://mob.howeatu.com/img/recipe-book.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a00a3a611e8e84edee995e1daef41b212a095f48d8c3f7fa2453def54c5251dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-9d6"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
2518
cupcake.svg
mob.howeatu.com/img/
4 KB
4 KB
Image
General
Full URL
https://mob.howeatu.com/img/cupcake.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
12227ebefe8f3a629eb2477299dceb1da69ba24e38a01d80e21ff7ea28a44240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-f3c"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3900
bundle.js
mob.howeatu.com/_sys/js/
374 KB
87 KB
Script
General
Full URL
https://mob.howeatu.com/_sys/js/bundle.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
4795e431cdbe764e3a33c7d7e6d61c040bc4a7dbbbda9afbc8d79c010c798480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 10 Mar 2023 11:26:49 GMT
server
nginx
content-encoding
gzip
etag
W/"640b13f9-5d67d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
slick.min.js
mob.howeatu.com/js/
41 KB
10 KB
Script
General
Full URL
https://mob.howeatu.com/js/slick.min.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
25ec06817c90bbc4a4d401873cc727c92318ed250b271385bd44757dff373473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd515-a49f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
jquery.animateNumber.min.js
mob.howeatu.com/js/
1 KB
875 B
Script
General
Full URL
https://mob.howeatu.com/js/jquery.animateNumber.min.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a56c70f7175903c48a5ee31299849563184148bdf0c66588bf044c228777a297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd515-4df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
scripts.js
mob.howeatu.com/js/
10 KB
3 KB
Script
General
Full URL
https://mob.howeatu.com/js/scripts.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
81e1fea6b4e1bc6cae9b61a899212e8b01dfef6b80415ceb21c46939d0004029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd515-29c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
urlParams.js
mob.howeatu.com/js/
195 B
427 B
Script
General
Full URL
https://mob.howeatu.com/js/urlParams.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
8c7e5ee29d4af8df9d0d8a04bea3aed88a70d682514f049374642a8628c68482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-c3"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
195
body-bg.png
mob.howeatu.com/img/
41 KB
41 KB
Image
General
Full URL
https://mob.howeatu.com/img/body-bg.png
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
665daf8422e61c75457220c31d41c6a510de432a0c79a02e5f2274233a395b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a232"
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
41522
6xKhdSpbNNCT-sWLCm7JLQ.woff2
fonts.gstatic.com/s/prata/v18/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWLCm7JLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prata&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6bcac65940833ea880e91d719671f35204de10545d415575970bc6344bad19b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 20:05:48 GMT
x-content-type-options
nosniff
age
232716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12768
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Mar 2024 20:05:48 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 23:11:44 GMT
x-content-type-options
nosniff
age
135160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21276
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 23:11:44 GMT
6xKhdSpbNNCT-sWPCm4.woff2
fonts.gstatic.com/s/prata/v18/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWPCm4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prata&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bcb1e2c165a9dab26ede996b90fc62ce359f19cdcf076aa09876a943f20075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 19:15:05 GMT
x-content-type-options
nosniff
age
235759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18396
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Mar 2024 19:15:05 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 02:34:22 GMT
x-content-type-options
nosniff
age
36602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 02:34:22 GMT
domain
mob.howeatu.com/
7 KB
2 KB
Fetch
General
Full URL
https://mob.howeatu.com/domain?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx / PHP/7.4.30
Resource Hash
f07965b7e5aaa804786ff130624a005763792a0b02a9f10ac1f23da0282d2490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2726243&utm_term=1012_2505431341
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, private
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
178f86d5b510e200c46c7f528bbe148d207d545130ba99157bef327ffbab7828

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf64af538275379131ee54530f1d6fa546de3708f877aeff2ec57c30a131ece3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
983 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7144cbe7a69d67a0e3590f76ce781884bdfaee992c650eff0639a21313cd2f9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f835a2e5ec4550bfc72954d84d811ab7bd54eb9f4bf56b2a2d395db34c163f0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
709 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e805811761c928ec88ee9acf9b7e82976495c738f6e4aa038b8ab80b31d22242

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3100bd49cd2b1f62591ce786a107ce232fb11786e149cea6f084552620f37a57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
608 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
094e22cc6b61a5959d32a44f1f9bab7b1be6e589b47b9cf246c7628bdefb603b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
tag.js
mc.yandex.ru/metrika/
211 KB
73 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 10:05:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6406e24d-11fef"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73711
expires
Fri, 10 Mar 2023 13:44:25 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9938.Qp2NJxBc1BQFI_UGcGOwsoIQ2DeiKDlFm5FR4-Q_UJdhNEbbiv1t6LWWCQiyjr3v.m7-r3zLZw97pXRiJLt31KRVOgrk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9938.UOXGOyKJMFuO3RVpm7eg_utGvregmJxamTyC-rSg4mdh925OQdRtvDUrSymJMsS46jQpfR2WzEWlQpWlgx2QVSWMp-nRpdz5dxd2yf_4gEs%2C.331kiN95zhfvmrRClAJ7-5qqfu4%2C
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9938.UOXGOyKJMFuO3RVpm7eg_utGvregmJxamTyC-rSg4mdh925OQdRtvDUrSymJMsS46jQpfR2WzEWlQpWlgx2QVSWMp-nRpdz5dxd2yf_4gEs%2C.331kiN95zhfvmrRClAJ7-5qqfu4%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:25 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9938.UOXGOyKJMFuO3RVpm7eg_utGvregmJxamTyC-rSg4mdh925OQdRtvDUrSymJMsS46jQpfR2WzEWlQpWlgx2QVSWMp-nRpdz5dxd2yf_4gEs%2C.331kiN95zhfvmrRClAJ7-5qqfu4%2C
date
Fri, 10 Mar 2023 12:44:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
113 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:25 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 10:05:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6406e24d-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 10 Mar 2023 13:44:25 GMT
1
mc.yandex.com/watch/80078182/
Redirect Chain
  • https://mc.yandex.com/watch/80078182?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru%2F&charset=utf-8&browser-info=pv%3...
  • https://mc.yandex.com/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru%2F&charset=utf-8&browser-info=pv...
435 B
518 B
XHR
General
Full URL
https://mc.yandex.com/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1084993074097%3Ahid%3A183109665%3Az%3A0%3Ai%3A20230310124425%3Aet%3A1678452265%3Ac%3A1%3Arn%3A583693315%3Arqn%3A1%3Au%3A1678452265799234062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C277%2C139%2C92%2C875%2C0%2C%2C531%2C5%2C2223%2C2223%2C2%2C1980%3Aco%3A0%3Acpf%3A1%3Ans%3A1678452262553%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678452266%3At%3AHow%20Eat%20Plan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d9dc5afc4529a9c838a6fe08610d9ee7c64ad5f708477b8ce9ed63c256ae0708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 12:44:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 10-Mar-2023 12:44:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mob.howeatu.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Fri, 10-Mar-2023 12:44:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Mar 2023 12:44:25 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 10-Mar-2023 12:44:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.git.git.git.gitlab.gitlab.ford.new-auto-portal.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1582%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1084993074097%3Ahid%3A183109665%3Az%3A0%3Ai%3A20230310124425%3Aet%3A1678452265%3Ac%3A1%3Arn%3A583693315%3Arqn%3A1%3Au%3A1678452265799234062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A65%2C277%2C139%2C92%2C875%2C0%2C%2C531%2C5%2C2223%2C2223%2C2%2C1980%3Aco%3A0%3Acpf%3A1%3Ans%3A1678452262553%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678452266%3At%3AHow%20Eat%20Plan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://mob.howeatu.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 10-Mar-2023 12:44:25 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9938.o1hy_S9KfPWVf86dC08lSuN0UPTULKuu8k62EqkPT5bVy9QkRT5vpUfKSHcbEo_0.slr-OROQ6ar9Ba4wlmJTy6WUbvg%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.IUDXWrpQB_y3itlzyXs9vLH6I6rDT8r1sNhBhAYMahmodmx_HMD11GTabThJW91xpksUih0oWjnduBGh_U1tnSHkTn9v_h-ZzX1WXRsQ688%2C.y8nA3VcYfM4J7ZUmAf...
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.IUDXWrpQB_y3itlzyXs9vLH6I6rDT8r1sNhBhAYMahmodmx_HMD11GTabThJW91xpksUih0oWjnduBGh_U1tnSHkTn9v_h-ZzX1WXRsQ688%2C.y8nA3VcYfM4J7ZUmAfIY97wO-1I%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 12:44:26 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.IUDXWrpQB_y3itlzyXs9vLH6I6rDT8r1sNhBhAYMahmodmx_HMD11GTabThJW91xpksUih0oWjnduBGh_U1tnSHkTn9v_h-ZzX1WXRsQ688%2C.y8nA3VcYfM4J7ZUmAfIY97wO-1I%2C
date
Fri, 10 Mar 2023 12:44:26 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/80078182/
43 B
342 B
XHR
General
Full URL
https://mc.yandex.com/watch/80078182/1?page-url=https%3A%2F%2Fmob.howeatu.com%2F&charset=utf-8&hittoken=1678452265_934becc8d7d19f459aaab82ee31dffbf1220179a08ac58f474998477461c87c5&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A1084993074097%3Ahid%3A183109665%3Az%3A0%3Ai%3A20230310124426%3Aet%3A1678452266%3Ac%3A1%3Arn%3A33090125%3Arqn%3A2%3Au%3A1678452265799234062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678452262553%3Aadb%3A2%3Ast%3A1678452266&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(9500)aw(1)ti(2)
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mob.howeatu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 12:44:26 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 10-Mar-2023 12:44:26 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://mob.howeatu.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 10-Mar-2023 12:44:26 GMT

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| _excluded function| _objectWithoutProperties function| _objectWithoutPropertiesLoose function| _get function| _superPropBase function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| ownKeys function| _objectSpread function| _defineProperty function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _classCallCheck function| _inherits function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _wrapNativeSuper function| _construct function| _isNativeReflectConstruct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf function| _typeof function| SentryDomain function| debounce object| app object| Sentry function| Vue function| canUseWebP object| __SENTRY__ function| burgerMenu boolean| ref boolean| isResponse function| ym object| Ya object| __sentry_instrumentation_handlers__ object| yaCounter80078182

14 Cookies

Domain/Path Name / Value
.planpitaniya11.ru/ Name: ad1QUdONVNLZXgxa09pSFdYWjREcEN4QT09
Value: 1
mob.howeatu.com/ Name: _utmc
Value: %7B%22utm_campaign%22%3A%222726243%22%2C%22utm_medium%22%3A%221012_930434%22%2C%22utm_source%22%3A%22cpa%22%2C%22utm_term%22%3A%221012_2505431341%22%2C%22utm_content%22%3Anull%7D
.mob.howeatu.com/ Name: lgl
Value: 9
.howeatu.com/ Name: _ym_uid
Value: 1678452265799234062
.howeatu.com/ Name: _ym_d
Value: 1678452265
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3554246255fake
.howeatu.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1921658576fake
mc.yandex.com/ Name: yabs-sid
Value: 229457951678452265
.yandex.com/ Name: i
Value: imdErgwKJPx+2i569O+IeFsM+FM34BIIlfC2zvPAdfCw9AKKLW80KjLJQf3yS9kk6DEaZwsUxr+bL9yKpGi3bDe57c0=
.yandex.com/ Name: yandexuid
Value: 4350453441678452265
.yandex.com/ Name: yuidss
Value: 4350453441678452265
.yandex.com/ Name: ymex
Value: 1709988265.yc.1678452265#1709988265.yrts.1678452265#1709988265.yrtsi.1678452265
.howeatu.com/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
