Submitted URL: http://www.gitlab.utopie2.ru/
Effective URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Submission: On February 08 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 55 HTTP transactions. The main IP is 5.187.4.118, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is mob.howeatu.com.
TLS certificate: Issued by R3 on December 30th 2022. Valid for: 3 months.
This is the only time mob.howeatu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 94.103.183.63 212913 (TIMEHOST-AS)
1 1 91.228.154.172 44066 (DE-FIRSTC...)
41 5.187.4.118 44066 (DE-FIRSTC...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2607:f8b0:400... 15169 (GOOGLE)
5 11 2a02:6b8::1:119 208722 (GLOBAL_DC)
55 7
Apex Domain | Subdomains | Transfer
41 howeatu.com | mob.howeatu.com | 622 KB
8 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 9092 | 3 KB
4 gstatic.com | fonts.gstatic.com | 82 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 3735 | 73 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 34 | 2 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 673 | 75 KB
1 clicktvf.com | clicktvf.com | 454 B
1 utopie2.ru | www.gitlab.utopie2.ru | 349 B
55 8
Domain Requested by
41 mob.howeatu.com mob.howeatu.com
8 mc.yandex.com 3 redirects mob.howeatu.com
4 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru 2 redirects mob.howeatu.com
2 fonts.googleapis.com mob.howeatu.com
1 code.jquery.com mob.howeatu.com
1 clicktvf.com 1 redirects
1 www.gitlab.utopie2.ru
55 8

This site contains links to these domains.

Domain
client.howeatu.com
Subject | Issuer | Validity | Valid
howeatu.com | R3 | 2022-12-30 - 2023-03-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months

This page contains 1 frames:

Primary Page: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Frame ID: 6CBE37513AFE671E721DCC5CA09B09E4
Requests: 62 HTTP requests in this frame

Page Title

How Eat Plan

Page URL History

  1. http://www.gitlab.utopie2.ru/ Page URL
  2. https://clicktvf.com/E24u HTTP 302
    https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_24... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55 Requests
93 % HTTPS
57 % IPv6
8 Domains
8 Subdomains
7 IPs
4 Countries
855 kB Transfer
1623 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.gitlab.utopie2.ru/ Page URL
  2. https://clicktvf.com/E24u HTTP 302
    https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9907.3iB2YtJy84KVJC3tYEr1nj9D0FhDdjXy8T2gzHQwoSazp85dwDCltT1VvoPNbCy8.IPWr7HReQKIWZDbC2rAKBLAGxU4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9907.VydOhr5Bs7L9PsneJV-uCBLXzISqa2q2Q7aIeOhbx-gyJcb4LNvgD9PPOn7TQHCeECBV3J39UGDF5Z2mR3LAEj-O9H22hpnmxBJvbIW-Iww%2C.J640gHPBE8AYWQqkmD2g2P6pWb0%2C
Request Chain 58
  • https://mc.yandex.com/watch/80078182?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.gitlab.utopie2.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1802%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A924034033409%3Ahid%3A1064399048%3Az%3A0%3Ai%3A20230208025421%3Aet%3A1675824862%3Ac%3A1%3Arn%3A290036123%3Arqn%3A1%3Au%3A1675824862756088454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A72%2C312%2C159%2C112%2C620%2C0%2C%2C737%2C7%2C2414%2C2414%2C2%2C2016%3Aco%3A0%3Acpf%3A1%3Ans%3A1675824858691%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675824862%3At%3AHow%20Eat%20Plan&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.gitlab.utopie2.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1802%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A924034033409%3Ahid%3A1064399048%3Az%3A0%3Ai%3A20230208025421%3Aet%3A1675824862%3Ac%3A1%3Arn%3A290036123%3Arqn%3A1%3Au%3A1675824862756088454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A72%2C312%2C159%2C112%2C620%2C0%2C%2C737%2C7%2C2414%2C2414%2C2%2C2016%3Aco%3A0%3Acpf%3A1%3Ans%3A1675824858691%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675824862%3At%3AHow%20Eat%20Plan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 59
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9907.4vXpY11M7xXDMOs5yIHcRPAcZFftELIqrz_CYnucAiP8gdbcpHTEXoRQpZY_OAo_.nhT7_jrhJ12f0IW6vl1lL4eejuE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9907.cSwLNOis7I_DnF8tcfemRBG2GaEeEOibd1SlmyizkK8cvT_Y2UaoGOF1N9di32_73zMsNEY2Mf6klVI-3iRIXKWUefN-lBxPDWuMg4vcICs%2C.m6V7LG19s9U6IwJKCLlToONov-Y%2C

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.gitlab.utopie2.ru/
67 B
349 B
Document
General
Full URL
http://www.gitlab.utopie2.ru/
Protocol
HTTP/1.1
Server
94.103.183.63 Moscow, Russian Federation, ASN212913 (TIMEHOST-AS, UA),
Reverse DNS
dream124.ru
Software
Apache /
Resource Hash
a5427f81716f26c79e361fdcfcaadedc6f47d709e9666d03cc8cd9eff6033870

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
67
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 02:54:18 GMT
ETag
"43-5f34f2f0e8540"
Keep-Alive
timeout=5, max=100
Last-Modified
Sat, 28 Jan 2023 08:58:21 GMT
Server
Apache
Primary Request /
mob.howeatu.com/
Redirect Chain
  • https://clicktvf.com/E24u
  • https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
101 KB
29 KB
Document
General
Full URL
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
3e5ee94ee13bf8b5bc553b2998944e15b039bb44c16c692f4d98fa2fc0c7869b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.gitlab.utopie2.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 08 Feb 2023 02:54:19 GMT
etag
W/"637dd515-192f9"
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 02:54:19 GMT
Location
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Server
nginx
Transfer-Encoding
chunked
slick.css
mob.howeatu.com/css/
1 KB
702 B
Stylesheet
General
Full URL
https://mob.howeatu.com/css/slick.css
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a20debf70ed5ac2d94ccf79320caf0d202fae423dd9eaeafec377a7197a561a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:10:11 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd563-4f3"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
slick-theme.css
mob.howeatu.com/css/
2 KB
979 B
Stylesheet
General
Full URL
https://mob.howeatu.com/css/slick-theme.css
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
6d21824a15b7f09a6594085569aac9b4614d4d80bb3b4b2a16c5f104d4eeb15a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:10:11 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd563-911"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
css2
fonts.googleapis.com/
1 KB
871 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Prata&display=swap
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 02:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 02:46:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 02:54:20 GMT
css2
fonts.googleapis.com/
19 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab0fa9c93fab0eb6648fa9e816fc7d7565843ec93ffabbc79884f4ceff243e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 02:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 02:54:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 02:54:20 GMT
style.css
mob.howeatu.com/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://mob.howeatu.com/css/style.css
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a56e97fbc21c258a36cd7237dde7856124c53811fbfe29d5506b2de71cf5ef38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:10:11 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd563-6ce0"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
jquery-2.2.4.js
code.jquery.com/
252 KB
75 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer
https://mob.howeatu.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
content-encoding
gzip
x-sp-metadata
HS256.COy5jJ8GEo0BCiRmNjgwOGNjMi1hYTBjLTQzNDUtOGJlYi0yODU3NDc3YjljYTAQqKenrJKE/QIaBgjcnYyfBiISMjYwMjpmZmM4OjI6MTA0OjozKKSrAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYzlkOWM1OTEtNDk5ZC00N2U0LWI5NmQtYjM4YWE4NTFjNjY4GNXTBCIYCAISFGNkczE0MS5hbTUuaHdjZG4ubmV0.tlbxeNTrTgCe6RomU8d86GoFZeFj5jnXDU8ysw3xKHs=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-3ee0f"
vary
Accept-Encoding
x-hw
1675824860.dop007.am5.t,1675824860.cds267.am5.hn,1675824860.cds141.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
76245
avocado.webp
mob.howeatu.com/img/
55 KB
55 KB
Image
General
Full URL
https://mob.howeatu.com/img/avocado.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9760126ff5aa053e4cd2fa98601cfc4eb9d2ae1f14a0b2368d67619d5f151927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-dc0c"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
56332
logo.svg
mob.howeatu.com/img/
18 KB
18 KB
Image
General
Full URL
https://mob.howeatu.com/img/logo.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
27e6611b052aa46e89c711cd683300ed9910bb42af74ef367c2459b2dda819d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4698"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
18072
active_2x.webp
mob.howeatu.com/img/
19 KB
19 KB
Image
General
Full URL
https://mob.howeatu.com/img/active_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
10a46bb0bc012a7017a72155ec97e21522dc3874ab90408a43a5f4036078e7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4bd2"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
19410
meat_2x.webp
mob.howeatu.com/img/
21 KB
21 KB
Image
General
Full URL
https://mob.howeatu.com/img/meat_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
27456a86ba8c72a6ed26a56148b6c5e2e857e51c16c5880f0949533702015f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-52e4"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
21220
veg_2x.webp
mob.howeatu.com/img/
26 KB
26 KB
Image
General
Full URL
https://mob.howeatu.com/img/veg_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
42098e9f0832ab3821a0c128bf6734e34d7061faab784988c5d2b1181b3c63ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-66e0"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
26336
eat_2x.webp
mob.howeatu.com/img/
34 KB
34 KB
Image
General
Full URL
https://mob.howeatu.com/img/eat_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
db5189c701eb9686d85b5fa62d48d376e2442f149f1f1aa794b1b27433b10c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-86c6"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
34502
day_2x.webp
mob.howeatu.com/img/
18 KB
18 KB
Image
General
Full URL
https://mob.howeatu.com/img/day_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
75e66a53cb4eb10911152911ba8e31a5597a046ab7f474b96dd0406a4d656404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4642"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
17986
habits_2x.webp
mob.howeatu.com/img/
26 KB
26 KB
Image
General
Full URL
https://mob.howeatu.com/img/habits_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
4f9fa48848443dd0af9d2f2d8dcaeea3d5da969f6ab95c087a1297278ce4e256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-66a4"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
26276
param_2x.webp
mob.howeatu.com/img/
17 KB
17 KB
Image
General
Full URL
https://mob.howeatu.com/img/param_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
51e81e18fa29539f2df42999caa1304b711762115dbbb6f96569f4f15a284c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4262"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
16994
creation-1_2x.webp
mob.howeatu.com/img/
27 KB
27 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-1_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
c9164f2fcc7abd8cd5f179d52924aca0b2b15eabc7104c71e918a315209fc47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-6b40"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
27456
creation-2_2x.webp
mob.howeatu.com/img/
27 KB
27 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-2_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
ae3cb33ab3edd530289c225cd7e7fc0b8ad38576828e42e9c09bb9c45e3a262a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-6bd2"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
27602
creation-3_2x.webp
mob.howeatu.com/img/
30 KB
31 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-3_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
848baddeeeb8a4b8d47d7434a14852d405ef8c424b8deae21bf671f777fdf7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-79c8"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
31176
creation-4_2x.webp
mob.howeatu.com/img/
26 KB
26 KB
Image
General
Full URL
https://mob.howeatu.com/img/creation-4_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
effed7f323a7d2b7a4c9d716a528229bb9487de84e2e56fb428d2374b5664f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-6754"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
26452
help_2x.webp
mob.howeatu.com/img/
3 KB
3 KB
Image
General
Full URL
https://mob.howeatu.com/img/help_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
e1b6836413a8e89375cc01f0e2e3ebc96a278369b64b6b3aa9078a1d8c443de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a06"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
2566
close.webp
mob.howeatu.com/img/
162 B
376 B
Image
General
Full URL
https://mob.howeatu.com/img/close.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
2802df914b2f462ee9b94ecfcb6f0e65ad41976db3b1dca4eaf19bf0b79b89ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a2"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
162
line.webp
mob.howeatu.com/img/
898 B
1 KB
Image
General
Full URL
https://mob.howeatu.com/img/line.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
d563bf88e6062dba9351399ab0766bc7be80dad7a4ec330b5723d64325cb7330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-382"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
898
drop.webp
mob.howeatu.com/img/
376 B
591 B
Image
General
Full URL
https://mob.howeatu.com/img/drop.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
d7f472fe7df29a69d2766da82c6d35e705ae2c267076f4183fe7e19fa7fc5a34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-178"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
376
calories.svg
mob.howeatu.com/img/
4 KB
4 KB
Image
General
Full URL
https://mob.howeatu.com/img/calories.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9a790e5f2295099b82dc899deabe42f80905feba5c8c7dce09301fdadc2ed49a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-ef1"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3825
bottle.svg
mob.howeatu.com/img/
2 KB
2 KB
Image
General
Full URL
https://mob.howeatu.com/img/bottle.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
9f58db579bed6dba80f3a0d44e4cf2ab050094ad47c2c3e0e596d663e76e8665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-747"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
1863
body_2x.webp
mob.howeatu.com/img/
7 KB
7 KB
Image
General
Full URL
https://mob.howeatu.com/img/body_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
728cb89c47bd7fea479d9277f5cc77c6fac298a1db7c37af7a9a8712fcd74714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-1b44"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
6980
scales.svg
mob.howeatu.com/img/
1 KB
1 KB
Image
General
Full URL
https://mob.howeatu.com/img/scales.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
8eed3f9e46e9b93f44aa6216e1a39b815ff9ffbe684a9c8b725538d9d7b60b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-4a5"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
1189
plan_2x.webp
mob.howeatu.com/img/
6 KB
6 KB
Image
General
Full URL
https://mob.howeatu.com/img/plan_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
852251aaaafc996c443aa4227a2faf282e5e6dfa15569f8c07b26b95631e811b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-1760"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
5984
chart_2x.webp
mob.howeatu.com/img/
3 KB
3 KB
Image
General
Full URL
https://mob.howeatu.com/img/chart_2x.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b75bca401e828d0f11f1ec384b512743965ad1711c4418381d01ff3ce3ccb4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a5a"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
2650
slide-img-1.webp
mob.howeatu.com/img/
12 KB
12 KB
Image
General
Full URL
https://mob.howeatu.com/img/slide-img-1.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
de11004b272b251e65bc73c6090087fae633316362d411b810f09de16178ffb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-2f9a"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
12186
slide-img-2.webp
mob.howeatu.com/img/
23 KB
24 KB
Image
General
Full URL
https://mob.howeatu.com/img/slide-img-2.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
3d9a876749233f2e8a6c9a0dee68ba4868b56e9fcadb5920807e27e1a901e146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-5d14"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
23828
slide-img-3.webp
mob.howeatu.com/img/
18 KB
18 KB
Image
General
Full URL
https://mob.howeatu.com/img/slide-img-3.webp
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b8bc2cc73cd936294ce6748e881bc26fd7d8a32bb5111dff1b0492a89dd03958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-47f8"
content-type
image/webp
cache-control
no-cache
accept-ranges
bytes
content-length
18424
clipboard.svg
mob.howeatu.com/img/
2 KB
2 KB
Image
General
Full URL
https://mob.howeatu.com/img/clipboard.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a4306944438913020b71fa3e4325386894edb8b7a4520cd8114975c13c83916d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-8a3"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
2211
food.svg
mob.howeatu.com/img/
4 KB
5 KB
Image
General
Full URL
https://mob.howeatu.com/img/food.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
17570af5f3aac0a1d9f99127878a57246e5dbe06a8d3e83b33e39b562ca8a324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-118a"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
4490
recipe-book.svg
mob.howeatu.com/img/
2 KB
3 KB
Image
General
Full URL
https://mob.howeatu.com/img/recipe-book.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a00a3a611e8e84edee995e1daef41b212a095f48d8c3f7fa2453def54c5251dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-9d6"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
2518
cupcake.svg
mob.howeatu.com/img/
4 KB
4 KB
Image
General
Full URL
https://mob.howeatu.com/img/cupcake.svg
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
12227ebefe8f3a629eb2477299dceb1da69ba24e38a01d80e21ff7ea28a44240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-f3c"
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
3900
bundle.js
mob.howeatu.com/_sys/js/
386 KB
87 KB
Script
General
Full URL
https://mob.howeatu.com/_sys/js/bundle.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
b6830db8aefda5f42b66055591b0a54bbd19b94fe4dfe8d1235cde1572be35a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2023 07:36:37 GMT
server
nginx
content-encoding
gzip
etag
W/"63be6705-607c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
slick.min.js
mob.howeatu.com/js/
41 KB
10 KB
Script
General
Full URL
https://mob.howeatu.com/js/slick.min.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
25ec06817c90bbc4a4d401873cc727c92318ed250b271385bd44757dff373473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd515-a49f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
jquery.animateNumber.min.js
mob.howeatu.com/js/
1 KB
875 B
Script
General
Full URL
https://mob.howeatu.com/js/jquery.animateNumber.min.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
a56c70f7175903c48a5ee31299849563184148bdf0c66588bf044c228777a297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd515-4df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
scripts.js
mob.howeatu.com/js/
10 KB
3 KB
Script
General
Full URL
https://mob.howeatu.com/js/scripts.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
81e1fea6b4e1bc6cae9b61a899212e8b01dfef6b80415ceb21c46939d0004029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
content-encoding
gzip
etag
W/"637dd515-29c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache
urlParams.js
mob.howeatu.com/js/
195 B
427 B
Script
General
Full URL
https://mob.howeatu.com/js/urlParams.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
8c7e5ee29d4af8df9d0d8a04bea3aed88a70d682514f049374642a8628c68482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-c3"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
195
body-bg.png
mob.howeatu.com/img/
41 KB
41 KB
Image
General
Full URL
https://mob.howeatu.com/img/body-bg.png
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx /
Resource Hash
665daf8422e61c75457220c31d41c6a510de432a0c79a02e5f2274233a395b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 23 Nov 2022 08:08:53 GMT
server
nginx
etag
"637dd515-a232"
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
41522
6xKhdSpbNNCT-sWLCm7JLQ.woff2
fonts.gstatic.com/s/prata/v18/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWLCm7JLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prata&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6bcac65940833ea880e91d719671f35204de10545d415575970bc6344bad19b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 05:28:21 GMT
x-content-type-options
nosniff
age
422759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12768
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 05:28:21 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 01:53:16 GMT
x-content-type-options
nosniff
age
435664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21276
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 01:53:16 GMT
6xKhdSpbNNCT-sWPCm4.woff2
fonts.gstatic.com/s/prata/v18/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWPCm4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prata&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bcb1e2c165a9dab26ede996b90fc62ce359f19cdcf076aa09876a943f20075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 09:35:46 GMT
x-content-type-options
nosniff
age
407914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18396
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 09:35:46 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mob.howeatu.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 06:16:57 GMT
x-content-type-options
nosniff
age
419843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 06:16:57 GMT
domain
mob.howeatu.com/
5 KB
2 KB
Fetch
General
Full URL
https://mob.howeatu.com/domain?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.187.4.118 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde657-74.fornex.org
Software
nginx / PHP/7.4.30
Resource Hash
dcd8a4488cf0e91c89a4b0b69c1384b7b1cc9928929e05772fed4026b4cc1a34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/?utm_source=cpa&utm_medium=1012_930434&utm_campaign=2733861&utm_term=1012_2494530057
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, private
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
178f86d5b510e200c46c7f528bbe148d207d545130ba99157bef327ffbab7828

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf64af538275379131ee54530f1d6fa546de3708f877aeff2ec57c30a131ece3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
983 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7144cbe7a69d67a0e3590f76ce781884bdfaee992c650eff0639a21313cd2f9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f835a2e5ec4550bfc72954d84d811ab7bd54eb9f4bf56b2a2d395db34c163f0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
709 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e805811761c928ec88ee9acf9b7e82976495c738f6e4aa038b8ab80b31d22242

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3100bd49cd2b1f62591ce786a107ce232fb11786e149cea6f084552620f37a57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
608 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
094e22cc6b61a5959d32a44f1f9bab7b1be6e589b47b9cf246c7628bdefb603b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
tag.js
mc.yandex.ru/metrika/
211 KB
73 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-11ffd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73725
expires
Wed, 08 Feb 2023 03:54:21 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9907.3iB2YtJy84KVJC3tYEr1nj9D0FhDdjXy8T2gzHQwoSazp85dwDCltT1VvoPNbCy8.IPWr7HReQKIWZDbC2rAKBLAGxU4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9907.VydOhr5Bs7L9PsneJV-uCBLXzISqa2q2Q7aIeOhbx-gyJcb4LNvgD9PPOn7TQHCeECBV3J39UGDF5Z2mR3LAEj-O9H22hpnmxBJvbIW-Iww%2C.J640gHPBE8AYWQqkmD2g2P6pWb0%2C
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9907.VydOhr5Bs7L9PsneJV-uCBLXzISqa2q2Q7aIeOhbx-gyJcb4LNvgD9PPOn7TQHCeECBV3J39UGDF5Z2mR3LAEj-O9H22hpnmxBJvbIW-Iww%2C.J640gHPBE8AYWQqkmD2g2P6pWb0%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:22 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9907.VydOhr5Bs7L9PsneJV-uCBLXzISqa2q2Q7aIeOhbx-gyJcb4LNvgD9PPOn7TQHCeECBV3J39UGDF5Z2mR3LAEj-O9H22hpnmxBJvbIW-Iww%2C.J640gHPBE8AYWQqkmD2g2P6pWb0%2C
date
Wed, 08 Feb 2023 02:54:22 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
113 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:21 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 08 Feb 2023 03:54:21 GMT
1
mc.yandex.com/watch/80078182/
Redirect Chain
  • https://mc.yandex.com/watch/80078182?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.gitlab.utopie2.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%...
  • https://mc.yandex.com/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.gitlab.utopie2.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09n...
435 B
518 B
XHR
General
Full URL
https://mc.yandex.com/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.gitlab.utopie2.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1802%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A924034033409%3Ahid%3A1064399048%3Az%3A0%3Ai%3A20230208025421%3Aet%3A1675824862%3Ac%3A1%3Arn%3A290036123%3Arqn%3A1%3Au%3A1675824862756088454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A72%2C312%2C159%2C112%2C620%2C0%2C%2C737%2C7%2C2414%2C2414%2C2%2C2016%3Aco%3A0%3Acpf%3A1%3Ans%3A1675824858691%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675824862%3At%3AHow%20Eat%20Plan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
cbdb81217ae73b3f4fca010a51fecf4e730fd7dd69e5b10303c68aa71ece5502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 02:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 08-Feb-2023 02:54:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mob.howeatu.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 02:54:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 02:54:22 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08-Feb-2023 02:54:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/80078182/1?wmode=7&page-url=https%3A%2F%2Fmob.howeatu.com%2F&page-ref=http%3A%2F%2Fwww.gitlab.utopie2.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1802%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A924034033409%3Ahid%3A1064399048%3Az%3A0%3Ai%3A20230208025421%3Aet%3A1675824862%3Ac%3A1%3Arn%3A290036123%3Arqn%3A1%3Au%3A1675824862756088454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A72%2C312%2C159%2C112%2C620%2C0%2C%2C737%2C7%2C2414%2C2414%2C2%2C2016%3Aco%3A0%3Acpf%3A1%3Ans%3A1675824858691%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675824862%3At%3AHow%20Eat%20Plan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://mob.howeatu.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 02:54:22 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9907.4vXpY11M7xXDMOs5yIHcRPAcZFftELIqrz_CYnucAiP8gdbcpHTEXoRQpZY_OAo_.nhT7_jrhJ12f0IW6vl1lL4eejuE%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9907.cSwLNOis7I_DnF8tcfemRBG2GaEeEOibd1SlmyizkK8cvT_Y2UaoGOF1N9di32_73zMsNEY2Mf6klVI-3iRIXKWUefN-lBxPDWuMg4vcICs%2C.m6V7LG19s9U6IwJKCL...
43 B
122 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9907.cSwLNOis7I_DnF8tcfemRBG2GaEeEOibd1SlmyizkK8cvT_Y2UaoGOF1N9di32_73zMsNEY2Mf6klVI-3iRIXKWUefN-lBxPDWuMg4vcICs%2C.m6V7LG19s9U6IwJKCLlToONov-Y%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mob.howeatu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:54:23 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9907.cSwLNOis7I_DnF8tcfemRBG2GaEeEOibd1SlmyizkK8cvT_Y2UaoGOF1N9di32_73zMsNEY2Mf6klVI-3iRIXKWUefN-lBxPDWuMg4vcICs%2C.m6V7LG19s9U6IwJKCLlToONov-Y%2C
date
Wed, 08 Feb 2023 02:54:22 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/80078182/
43 B
351 B
XHR
General
Full URL
https://mc.yandex.com/watch/80078182/1?page-url=https%3A%2F%2Fmob.howeatu.com%2F&charset=utf-8&hittoken=1675824862_ca4947eb84162b9d9e36127605c62c58459c05aefc09872698354afe6319c2d7&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A1%3Als%3A924034033409%3Ahid%3A1064399048%3Az%3A0%3Ai%3A20230208025422%3Aet%3A1675824863%3Ac%3A1%3Arn%3A1044370349%3Arqn%3A2%3Au%3A1675824862756088454%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1675824858691%3Aadb%3A2%3Ast%3A1675824863&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(16400)aw(1)ti(2)
Requested by
Host: mob.howeatu.com
URL: https://mob.howeatu.com/_sys/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mob.howeatu.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 02:54:23 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08-Feb-2023 02:54:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://mob.howeatu.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 02:54:23 GMT

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| _excluded function| _objectWithoutProperties function| _objectWithoutPropertiesLoose function| _get function| _superPropBase function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| ownKeys function| _objectSpread function| _defineProperty function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _classCallCheck function| _inherits function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _wrapNativeSuper function| _construct function| _isNativeReflectConstruct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf function| _typeof function| SentryDomain function| debounce object| app object| Sentry function| Vue object| __SENTRY__ function| burgerMenu boolean| ref boolean| isResponse function| ym object| Ya object| __sentry_instrumentation_handlers__ object| yaCounter80078182

8 Cookies

Domain/Path Name / Value
.clicktvf.com/ Name: ad1T1lod1BSaVdpMmx5MGdOc2g1Q1FkZz09
Value: 1
mob.howeatu.com/ Name: _utmc
Value: %7B%22utm_campaign%22%3A%222733861%22%2C%22utm_medium%22%3A%221012_930434%22%2C%22utm_source%22%3A%22cpa%22%2C%22utm_term%22%3A%221012_2494530057%22%2C%22utm_content%22%3Anull%7D
.mob.howeatu.com/ Name: lgl
Value: 8
.howeatu.com/ Name: _ym_uid
Value: 1675824862756088454
.howeatu.com/ Name: _ym_d
Value: 1675824862
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1744950007fake
.howeatu.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1707831881fake

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
