auth.myadcash.com Open in urlscan Pro
34.66.104.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://adcash.myadcash.com/
Effective URL:
https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo...
Submission: On August 09 via api (August 9th 2024, 11:45:27 am UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 48 HTTP transactions. The main IP is 34.66.104.14, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.myadcash.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 25th 2024. Valid for: a year.

This is the only time auth.myadcash.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700::68... 2606:4700::6811:300e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	34.66.104.14 34.66.104.14	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.66.112.115 18.66.112.115	16509 (AMAZON-02) (AMAZON-02)
2	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:320... 2a06:98c1:3200::90:0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	172.65.202.85 172.65.202.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.211.221.65 54.211.221.65	14618 (AMAZON-AES) (AMAZON-AES)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.236.181 172.65.236.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.102.98 18.66.102.98	16509 (AMAZON-02) (AMAZON-02)
48	22

2 2606:4700::6811:300e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

adcash.myadcash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.66.104.14 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 14.104.66.34.bc.googleusercontent.com

auth.myadcash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-115.fra56.r.cloudfront.net

cdn.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:0 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.202.85 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.221.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-221-65.compute-1.amazonaws.com

ipa.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.236.181 (United States)

ASN13335 (CLOUDFLARENET, US)

app-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-98.fra56.r.cloudfront.net

events.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	myadcash.com 2 redirects adcash.myadcash.com auth.myadcash.com	540 KB
9	elev.io cdn.elev.io — Cisco Umbrella Rank: 36521 ipa.elev.io — Cisco Umbrella Rank: 35996 events.elev.io — Cisco Umbrella Rank: 245182	122 KB
4	hubspot.com api-eu1.hubspot.com — Cisco Umbrella Rank: 67932 app-eu1.hubspot.com — Cisco Umbrella Rank: 78406 track-eu1.hubspot.com — Cisco Umbrella Rank: 28501	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 51227 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 53121	25 KB
2	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 27842	29 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	75 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	214 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 53409	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	255 B
1	usemessages.com js-eu1.usemessages.com — Cisco Umbrella Rank: 70668	24 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 28245	25 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 25412	1 KB
1	gstatic.com fonts.gstatic.com	48 KB
48	18

	Domain	Requested by
12	auth.myadcash.com	auth.myadcash.com
6	cdn.elev.io	auth.myadcash.com cdn.elev.io
2	events.elev.io	cdn.elev.io
2	www.facebook.com	auth.myadcash.com
2	api-eu1.hubspot.com	js-eu1.usemessages.com
2	region1.analytics.google.com	www.googletagmanager.com
2	js-eu1.hs-banner.com	js-eu1.hs-scripts.com js-eu1.hs-banner.com
2	connect.facebook.net	auth.myadcash.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	auth.myadcash.com www.googletagmanager.com
2	fonts.googleapis.com	auth.myadcash.com
2	adcash.myadcash.com	2 redirects
1	track-eu1.hubspot.com
1	app-eu1.hubspot.com	js-eu1.usemessages.com
1	forms-eu1.hsforms.com	auth.myadcash.com
1	ipa.elev.io	cdn.elev.io
1	forms-eu1.hscollectedforms.net	js-eu1.hscollectedforms.net
1	www.google.de	auth.myadcash.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js-eu1.usemessages.com	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-scripts.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
48	24

This site contains links to these domains. Also see Links.

Domain
adcash.myadcash.com

Subject Issuer	Validity	Valid
*.myadcash.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-25` - `2025-01-25`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-18` - `2024-08-16`	3 months	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
cdn.elev.io Amazon RSA 2048 M02	`2024-04-12` - `2025-05-10`	a year	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hscollectedforms.net WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
usemessages.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.elev.io Amazon RSA 2048 M02	`2024-08-09` - `2025-09-08`	a year	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp
Frame ID: BEF468757C3472E4C744AFA37497B950
Requests: 45 HTTP requests in this frame

Frame: https://app-eu1.hubspot.com/conversations-visitor/26876019/threads/utk/303452e6536c405aa720fa0c4a95d011?uuid=840f249eb13a43aa84748731801adbc2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.myadcash.com&inApp53=false&messagesUtk=303452e6536c405aa720fa0c4a95d011&url=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true
Frame ID: C7A4C22E627896D1B2D72D3C6423C8F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Adcash

Page URL History Show full URLs

https://adcash.myadcash.com/ HTTP 302
https://adcash.myadcash.com/login HTTP 302
https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3p... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

43 %
IPv6

18
Domains

24
Subdomains

22
IPs

3
Countries

1134 kB
Transfer

2749 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adcash.myadcash.com/auth/web/reset-password
Title: Forgot?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adcash.myadcash.com/ HTTP 302
https://adcash.myadcash.com/login HTTP 302
https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request auth Show response
auth.myadcash.com/realms/adcash/protocol/openid-connect/
Redirect Chain

https://adcash.myadcash.com/
https://adcash.myadcash.com/login
https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&...

7 KB
9 KB

375ms
124ms

Document
text/html

34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

6cef5bed0738479b02af75020ea0510488b323e2421d40704189f22f41ab1c5a

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' https://www.google.com https://.myadcash.com https://.hubspot.com; frame-ancestors 'self' *.myadcash.com; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Language: en
Content-Length: 7644
Content-Security-Policy: frame-src 'self' https://www.google.com https://*.myadcash.com https://*.hubspot.com; frame-ancestors 'self' *.myadcash.com; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Fri, 09 Aug 2024 11:45:20 GMT
Referrer-Policy: no-referrer
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b077fd64fa86ae7-FRA
content-type: text/html; charset=UTF-8
date: Fri, 09 Aug 2024 11:45:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp
pragma: no-cache
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 131ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700,600,400italic

Requested by

Host: auth.myadcash.com
URL: https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa0cb011831b1dd8cc412a7b3396060e9a4a52070ad33994094b20ea2a486a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 11:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 11:45:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 11:45:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 137ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700%7CLato:400,700,600,400italic,700italic&subset=latin,cyrillic,latin-ext,latin,latin-ext

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edf201e7eb45d7795f688e535299ac8c3faff0f771e0dc30f73e89c4f42f2b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 11:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 11:45:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 11:45:20 GMT

GET
H/1.1 200
OK all.min.css
auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/css/ 489 KB
96 KB 119ms
117ms Stylesheet
text/css 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/css/all.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

85f960e3432c0471f11459de92e48be7d41fef9315a78761306bafb4e435b899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:20 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sharp-solid.min.css
auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/css/ 557 B
660 B 358ms
130ms Stylesheet
text/css 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/css/sharp-solid.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

ecaefc49eb89759d07ff9bc8e7d02a5b296c09ed7f1f22bcdd947f9c175c9f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 300
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
auth.myadcash.com/resources/zw32r/login/adcash/css/ 6 KB
2 KB 359ms
131ms Stylesheet
text/css 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/css/style.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

8704ac40e4337af3f2f105f3f483c2417c83109d02fee07d92b786468b5e5fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 1536
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.css
auth.myadcash.com/resources/zw32r/login/adcash/css/ 3 KB
1 KB 359ms
130ms Stylesheet
text/css 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/css/login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

03e05b9b82c789c44d07a8e6afef645b8e6e04bed45a3b0e8d1b9ee71269fa75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 1028
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK adcash_logo_white.svg
auth.myadcash.com/resources/zw32r/login/adcash/img/ 10 KB
5 KB 496ms
118ms Image
image/svg+xml 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/img/adcash_logo_white.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

9e7db829447feca143656a06c70bcceee7bf0abcf00d448be177b2c85aa15abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 4298
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK passwordVisibility.js Show response
auth.myadcash.com/resources/zw32r/login/adcash/js/ 714 B
679 B 357ms
129ms Script
text/javascript 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/js/passwordVisibility.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

10452e0774b024679c33339a65e6983826a41cf08395164f33b7179c9171702b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://auth.myadcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 312
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 294 KB
104 KB 159ms
56ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJ43N4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fbeff8d220061bc06f2ba67186814a54850d698de3af79a27d807405809573a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106264
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 11:45:21 GMT

GET
H/1.1 200
OK authChecker.js Show response
auth.myadcash.com/resources/zw32r/login/adcash/js/ 2 KB
1 KB 217ms
129ms Script
text/javascript 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/js/authChecker.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

be91b2216acb6673f2afbeedbcf39aef1535899b9963134c3048303db7ea5557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://auth.myadcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 713
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK WorldBackground.svg
auth.myadcash.com/resources/zw32r/login/adcash/img/ 13 KB
5 KB 123ms
120ms Image
image/svg+xml 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/img/WorldBackground.svg

Requested by

Host: auth.myadcash.com
URL: https://auth.myadcash.com/resources/zw32r/login/adcash/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

decce868327faf423ed6fc525eba48517ed809f13f704c500cd3a8bd2b0ff323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 5070
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK google.svg
auth.myadcash.com/resources/zw32r/login/adcash/img/ 847 B
863 B 119ms
116ms Image
image/svg+xml 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/img/google.svg

Requested by

Host: auth.myadcash.com
URL: https://auth.myadcash.com/resources/zw32r/login/adcash/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

2262edeb6cb7a00bb2f3f5e28ece9b4a4b6d151e493c32fc480008940e6bf093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 498
X-XSS-Protection: 1; mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 125ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700%7CLato:400,700,600,400italic,700italic&subset=latin,cyrillic,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auth.myadcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 16:29:10 GMT
x-content-type-options: nosniff
age: 155771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 16:29:10 GMT

GET
H/1.1 200
OK fa-light-300.woff2
auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/webfonts/ 418 KB
418 KB 245ms
243ms Font
application/octet-stream 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/webfonts/fa-light-300.woff2

Requested by

Host: auth.myadcash.com
URL: https://auth.myadcash.com/resources/zw32r/login/adcash/css/font-awesome/css/all.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

f450dd903b7e6e62eb9c722c2f475142ca1b2dbfff601f1c4f7611ccfc1e1d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://auth.myadcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 346 KB
110 KB 61ms
54ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-20Y182RNS0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ43N4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83716757b1c7a36c59a1684fa267548426d78afa894fe2788bcbc3001a7b957f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Aug 2024 11:45:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 123ms
36ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ43N4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 10:40:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3882
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 09 Aug 2024 12:40:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 11:45:21 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: xMUaEfXMaxIOuMm3piFI8e/YpXxddG5psJWfSuOeV4dO2i39cztcmJQpuELZBesYRd8lkcfVG+AV0LAG5ShqQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 26876019.js Show response
js-eu1.hs-scripts.com/ 2 KB
1 KB 64ms
33ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/26876019.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ43N4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b36f6056dbed518d59b2ffb95711a12894589dbd86a622b62bcfaf21e44ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bd85aa5f-293e-4c0c-86d9-3815e114284c
cf-polished: origSize=2032
age: 2049
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bd85aa5f-293e-4c0c-86d9-3815e114284c
cf-bgj: minify
last-modified: Fri, 09 Aug 2024 11:11:12 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-576d445cf9-tvtgx
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 8b077fdd1a479279-FRA

GET
H2 200 elevio-bootloader.js Show response
cdn.elev.io/sdk/bootloader/v4/ 794 B
1 KB 73ms
7ms Script
application/javascript 18.66.112.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5a09b9f6365f7
Requested by: Host: auth.myadcash.com
URL: https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab135659fd911eec420c7f1586b70d71d616415247b9a6ddb4a10e234dcd2aa3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: lsYuJL1M7m3xYYeJB2rD8_uduNN10msk
date: Fri, 09 Aug 2024 05:54:25 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age: 21057
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 794
last-modified: Thu, 02 May 2024 07:15:45 GMT
server: AmazonS3
etag: "96c5db343c7753fa2229b742bc1fe147"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 0nj1j1-iigmSJbIfTTy-Rjy4VpxZdyu-E8piDesAzL4BtJA3iCfs1g==

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/26876019/ 82 KB
28 KB 111ms
30ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/26876019/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26876019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f59dc122973d2707ff55649d3ecc773c4ecd96a816efc80d292e30775141ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
x-amz-version-id: no2GsFCYh6.CH9A7jKbrjPnOhYXR2Ppi
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: E2V870EBR55PT33B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1970dc30-bd24-424a-88e6-7a526347d82b
age: 244
x-envoy-upstream-service-time: 39
x-amz-id-2: e3z2R4ckFJLvX11sGZ3PHhYXIvtJRsiLcDlWPyRSs0YeIV8Ax5PW/Lb3+g4PeE8QVRBAhCYjShs=
x-evy-trace-listener: listener_https
x-request-id: 1970dc30-bd24-424a-88e6-7a526347d82b
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 16 Jul 2024 19:45:39 GMT
server: cloudflare
etag: W/"4ed6046a208aa7b53627c97ecb2df110"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://adcash.myadcash.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-tzlhx
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8b077fddda9392ab-FRA
expires: Fri, 09 Aug 2024 11:46:17 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 135ms
54ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26876019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://auth.myadcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
x-amz-version-id: FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 399b4972-f622-49a0-a531-22d680291dc4
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b077fdddc114dc5-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 399b4972-f622-49a0-a531-22d680291dc4
last-modified: Tue, 23 Jul 2024 12:55:20 UTC
server: cloudflare
etag: W/"ac41634810840adc02ea51748cb19c2f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
cf-ray: 8b077fdddc114dc5-FRA
x-amz-cf-id: sd1wN4zd7CCsdX0unuQxjOBQiDdzeWx9i8KhrWivPGfCofQDBfR4NQ==
x-hs-target-asset: collected-forms-embed-js/static-1.586/bundles/project.js

GET
H2 200 26876019.js Show response
js-eu1.hs-analytics.net/analytics/1723201800000/ 68 KB
25 KB 160ms
43ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1723201800000/26876019.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26876019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3837777c1642512c704dc5666207f4da2db87caac0c6237ae4bd5168aa190ecb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: X5SCQ2XX6FRKHDS1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0676136a-9864-4bbb-9d25-d32069e3f2af
age: 35
x-envoy-upstream-service-time: 79
x-amz-id-2: YA/d5sJuBIBFRzjev03+5te1hxGXPigOQErmHoeNI9lU0CoG+4htCwmUzIVKS6bJ2b3+9C3wDWk=
x-evy-trace-listener: listener_https
x-request-id: 0676136a-9864-4bbb-9d25-d32069e3f2af
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 03 Aug 2024 00:30:26 GMT
server: cloudflare
etag: W/"07e2c2a91e5bd5e3324227c5b5a2e21e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-5cc6cdbf4d-46bll
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8b077fde1ea9bbb0-FRA
expires: Fri, 09 Aug 2024 11:49:46 GMT

GET
H2 200 conversations-embed.js Show response
js-eu1.usemessages.com/ 85 KB
24 KB 78ms
36ms Script
application/javascript 2a06:98c1:3200::90:0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.usemessages.com/conversations-embed.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26876019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7ed318241870f903fff41d6a794e810f50196b374ff4274fc36b2b33bfb6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
x-amz-version-id: IOZvZyCQvESzzIXDpDb8C47v20ojhaU7
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P6
age: 157
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17367/bundles/project.js&cfRay=8b077c06ac4c1c3a-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: bacfe21c-46f6-43ed-92df-43ee3a69d2ec
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bacfe21c-46f6-43ed-92df-43ee3a69d2ec
last-modified: Thu, 01 Aug 2024 19:44:14 UTC
server: cloudflare
etag: W/"b57858533bdc895fc298584a34a08c3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
cf-ray: 8b077fdd9adc35ea-FRA
x-amz-cf-id: f5disRvZp-iKYzLnXuLyyzuepKY_ABedj9-wQ8kWHWirBXkKdYHRmg==
x-hs-target-asset: conversations-embed/static-1.17367/bundles/project.js

GET
H2 200 371663313025502 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 91ms
87ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/371663313025502?v=2.9.164&r=stable&domain=auth.myadcash.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48da2167bff7f56120791d8d0a54e4a7c8ac7d1e6aa31c7278a1ebf84a9dd009

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Aug 2024 11:45:21 GMT
document-policy: force-load-at-top
x-fb-server-load: 62
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=64, mss=1368, tbw=64434, tp=-1, tpl=-1, uplat=80, ullat=0
pragma: public
x-fb-debug: yGRXru98dCa+ardpiDcI2o58zWEQAFWOtDgXSZGcT7CLe2fbor9QVpOz+Hv/VQjfKZR0yG4Qj8FPYNCeRq1MnQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 elevio-main.js Show response
cdn.elev.io/sdk/main/v4/1714634144204/ 392 KB
102 KB 12ms
9ms Script
application/javascript 18.66.112.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5a09b9f6365f7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eff675463cdd7fa83e596bef0da69affed168d370af3f8703993ae42c4d80a10

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Q4cFTfD0NTVe99rdHOv63VqG7bJ7Pq_T
content-encoding: gzip
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
date: Fri, 09 Aug 2024 06:16:25 GMT
age: 19737
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 02 May 2024 07:15:45 GMT
server: AmazonS3
etag: W/"cb11f8ca9f8a5761d8cd635ec64618ae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, immutable
x-amz-cf-id: DCKlqddy1Y9xAXhvpEvx9ABQazMdFGG5TDIkBSQToc25dqGc4aEHiQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 94ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-20Y182RNS0&gtm=45je4880v875666998z872506941za200zb72506941&_p=1723203921048&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1161029288.1723203922&ecid=1170161612&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&sid=1723203921&sct=1&seg=0&dl=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&dt=Sign%20in%20to%20Adcash&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1471
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20Y182RNS0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:45:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.myadcash.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 83ms
22ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-20Y182RNS0&cid=1161029288.1723203922&gtm=45je4880v875666998z872506941za200zb72506941&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20Y182RNS0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:45:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.myadcash.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 124ms
70ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-20Y182RNS0&cid=1161029288.1723203922&gtm=45je4880v875666998z872506941za200zb72506941&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1080636545

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:45:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 58ms
41ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1796637379&t=pageview&_s=1&dl=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&ul=de-de&de=UTF-8&dt=Sign%20in%20to%20Adcash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=688820753&gjid=136897940&cid=1161029288.1723203922&tid=UA-26904811-1&_gid=1156479010.1723203922&_r=1&_slc=1&gtm=45He4880n71TJ43N4v72506941za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=27111306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:45:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.myadcash.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 public Show response
api-eu1.hubspot.com/livechat-public/v1/message/ 4 KB
2 KB 181ms
180ms XHR
application/json 172.65.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=26876019&conversations-embed=static-1.17367&mobile=false&messagesUtk=303452e6536c405aa720fa0c4a95d011&traceId=303452e6536c405aa720fa0c4a95d011

Requested by

Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

311800dfdf86664862e9e7ad1c64f6365ffc919a9417e1bc014b8aa49234009d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
X-HubSpot-Messages-Uri: https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d362f6fb-5c1f-4021-adf8-3bc1d7d0c9a9
x-envoy-upstream-service-time: 147
content-length: 1724
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d362f6fb-5c1f-4021-adf8-3bc1d7d0c9a9
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth.myadcash.com
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-576d445cf9-qd4w5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WUIJoHEU6TnBeqjF17kKatVsER9jTPdft1jKQlTEZSKeq5qKPYJuz%2BJYQUQ4XwVye1ELqYON78C7KVSL57PTWi4zPk9ZoBmWBDM6B13ROq%2FpQBcryRyi%2BxLyJmcbkGRw1k%2F1qo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b077fdf3dfe2bc6-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api-eu1.hubspot.com/livechat-public/v1/message/ Frame 0
0 106ms
38ms Preflight
text/plain 172.65.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://auth.myadcash.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://auth.myadcash.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b077fdefdac2bc6-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 09 Aug 2024 11:45:21 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dl3ovjqfH2AS%2FbsD2xoAMJ7FsLVT5aZubymXb8U8SHDyDCqYxf5SfKPKRtFqUjkyu4nbBDFqAxs%2BXuW9uX9IS7r9fzbEqm4LVpoXD0cN9ETsVn7Oqa7cOsfTfVctd4U%2BcYo%2FqEo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-576d445cf9-45rqz
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 73320c32-5003-403f-a6f4-f768d658d850
x-request-id: 73320c32-5003-403f-a6f4-f768d658d850

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 39ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=371663313025502&ev=PageView&dl=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&rl=&if=false&ts=1723203921715&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723203921712.740901795242342898&cs_est=true&ler=empty&cdl=API_unavailable&it=1723203921527&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Aug 2024 11:45:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 203ms
172ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=371663313025502&ev=PageView&dl=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&rl=&if=false&ts=1723203921715&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723203921712.740901795242342898&cs_est=true&ler=empty&cdl=API_unavailable&it=1723203921527&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 09 Aug 2024 11:45:21 GMT
document-policy: force-load-at-top
x-fb-server-load: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401104485599657888", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=3099, tp=-1, tpl=-1, uplat=163, ullat=0
pragma: no-cache
x-fb-debug: JGqf/a8/KuZTZb3e3r0Zrs/O1++SmlTGgxlRdoYKr6CfJLzxOscpk1d3v9Q7y3yo0yYI+XO8kZsY8AgGiD4XxQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401104485599657888"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cf-location Show response
js-eu1.hs-banner.com/v2/ 5 B
148 B 83ms
54ms Fetch
text/plain 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/cf-location
Requested by: Host: js-eu1.hs-banner.com
URL: https://js-eu1.hs-banner.com/v2/26876019/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28ae40ac9ef82a5f8426c454cf12d9186a8e6813f6244bb9dddbef59af95071

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 8b077fdecdf99f19-FRA
content-length: 5

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 135 B
420 B 67ms
40ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=26876019&utk=

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c46e90a9e27ea4378b8dd8e0a0d81206e6fe21d38a72762f1be7d1a48491364

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0108e32f-5cbf-4151-a434-3eb12e8ea045
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0108e32f-5cbf-4151-a434-3eb12e8ea045
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth.myadcash.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8b077fdf1e584dc5-FRA

GET
H2 200 en Show response
ipa.elev.io/api/settings/5a09b9f6365f7/ 1 KB
830 B 365ms
110ms XHR
application/json 54.211.221.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ipa.elev.io/api/settings/5a09b9f6365f7/en?is_init_load=true&loggedin_only=false&first_name=null&last_name=null&registered_at=null&previewMode=false&url=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.221.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-221-65.compute-1.amazonaws.com
Software: /
Resource Hash: 8a1cf38592c886d6750484a13272f7fcbed6f9692e04d157c9f160598a9a4f25

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Aug 2024 11:45:22 GMT
content-encoding: gzip
content-type: application/json

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1 KB 85ms
40ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b83a33ca-3e12-4482-bb9a-be55781d2b70
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b83a33ca-3e12-4482-bb9a-be55781d2b70
Server: cloudflare
vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-6f6ff6474c-h86ll
access-control-expose-headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
CF-RAY: 8b077fdfa98b65b1-FRA

GET
H2 200 303452e6536c405aa720fa0c4a95d011
app-eu1.hubspot.com/conversations-visitor/26876019/threads/utk/ Frame C7A4 0
0 599ms
521ms Document
text/html 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/conversations-visitor/26876019/threads/utk/303452e6536c405aa720fa0c4a95d011?uuid=840f249eb13a43aa84748731801adbc2&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=auth.myadcash.com&inApp53=false&messagesUtk=303452e6536c405aa720fa0c4a95d011&url=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true

Requested by

Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 2105
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8b077fe0de62695d-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.19819/html/index.html&cfRay=8b077fe0de62695d&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fconversations-visitor%2F26876019%2Fthreads%2Futk%2F303452e6536c405aa720fa0c4a95d011%3Fuuid%3D840f249eb13a43aa84748731801adbc2%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dauth.myadcash.com%26inApp53%3Dfalse%26messagesUtk%3D303452e6536c405aa720fa0c4a95d011%26url%3Dhttps%253A%252F%252Fauth.myadcash.com%252Frealms%252Fadcash%252Fprotocol%252Fopenid-connect%252Fauth%253Fnonce%253DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%2526state%253Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%2526scope%253Dprofile%252520email%252520openid%2526response_type%253Dcode%2526approval_prompt%253Dauto%2526redirect_uri%253Dhttps%25253A%25252F%25252Fadcash.myadcash.com%25252Fauth%25252Fweb%25252Fsso-login%2526client_id%253Ddsp%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue&referrer=&cfenv=prod&pdt=2024-08-09&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 09 Aug 2024 11:45:22 GMT
etag: W/"38c1e37b97f9ff944a5ec6c9e9e029c3"
last-modified: Thu, 01 Aug 2024 19:44:14 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8b077fe0de62695d&resource=conversations-visitor-ui/static-1.19819/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-id: 72895QtvKntL5kZmcJFYu52Za_y5owjxW1iXHUOo26bqDRaJWquteQ==
x-amz-cf-pop: FRA60-P6
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: uajQiO9H6Nuks.TQxN7J0mDYokmRP0rl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 11
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-75dd7fb59f-qd26b
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.19819/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: d03600f6-b749-4e29-89d5-e4ff64fd80b3
x-request-id: d03600f6-b749-4e29-89d5-e4ff64fd80b3

GET
H2 200 elevio-noto-sans-400.woff
cdn.elev.io/sdk/fonts/ 14 KB
14 KB 35ms
11ms Font
application/font-woff 18.66.112.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/fonts/elevio-noto-sans-400.woff
Requested by: Host: auth.myadcash.com
URL: https://auth.myadcash.com/realms/adcash/protocol/openid-connect/auth?nonce=nOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1&state=c0ziydEo8wXKquHVlNb5HbcJVlEogFfe&scope=profile%20email%20openid&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fadcash.myadcash.com%2Fauth%2Fweb%2Fsso-login&client_id=dsp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963

Request headers

Referer: https://auth.myadcash.com/
Origin: https://auth.myadcash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 09 Aug 2024 03:51:56 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
age: 28407
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13976
last-modified: Tue, 07 Jul 2020 06:02:44 GMT
server: AmazonS3
etag: "66388ef84ff4c5d874ed3875ea4c110b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 8RrJLLG5V1WCiLNp9CYRn_L8LeQQRJknmNJEGpQoAs738tyLGXxhhA==

GET
H2 200 leanpub.svg Show response
cdn.elev.io/sdk/icons/v9/ 441 B
962 B 14ms
13ms XHR
image/svg+xml 18.66.112.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/leanpub.svg
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 843dca7954237b79c8902ec340475dae0be71123b72fbddf1fefffd91ef33714

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 09 Aug 2024 05:58:55 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
age: 20787
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 441
last-modified: Thu, 17 Nov 2016 04:22:10 GMT
server: AmazonS3
etag: "9c8c557128dea2244f3737504554cfdd"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: ekSHio8io_29gp-w37jby4Ad4hG_KB4mPzJAeozwVF4LlYtZvG8oVQ==

GET
H2 200 pencil.svg Show response
cdn.elev.io/sdk/icons/v9/ 559 B
1 KB 17ms
16ms XHR
image/svg+xml 18.66.112.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/pencil.svg
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae3e9c22feac71a406818967718250e570295d14a5a87b5d844feb480d3d2f48

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 09 Aug 2024 05:58:55 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
age: 20787
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 559
last-modified: Thu, 17 Nov 2016 04:22:10 GMT
server: AmazonS3
etag: "04979a702d553459ece7280f357bdde6"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: n7yYR885Ml11ehlCzlpmX9CBq3bGwZQh8NtERFEUd_ltDNcg29R0tQ==

GET
H2 200 university.svg Show response
cdn.elev.io/sdk/icons/v9/ 274 B
795 B 15ms
15ms XHR
image/svg+xml 18.66.112.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/university.svg
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-115.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f078e5e19ca48a85a3f9c86617344166fc12297331d47050c673f6fd839b6a7a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 09 Aug 2024 06:32:27 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
age: 18776
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 274
last-modified: Thu, 17 Nov 2016 04:22:10 GMT
server: AmazonS3
etag: "180262858c6d8500ec6584e06ebef1fd"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 3SEWTOiV5qfcGTQlB95OMOou6aAeMiKcOtSY2xKdYWA3IwxxgPt_6w==

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
955 B 92ms
53ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=26876019&pu=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&t=Sign+in+to+Adcash&cts=1723203922959&vi=213bc0bd727f903304cd92504d5e2954&nc=true&u=80691400.213bc0bd727f903304cd92504d5e2954.1723203922951.1723203922951.1723203922951.1&b=80691400.1.1723203922952&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:45:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 37b8488c-a85c-445b-82fb-dc2b477c3068
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 37b8488c-a85c-445b-82fb-dc2b477c3068
last-modified: Fri, 09 Aug 2024 11:45:23 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=driWwb%2Ba3r1Glb0p0seEVnN7LWLlrWYFoQttbpBxJvE5JI3mc%2FFTqGkZu54YT1S3P7Xpp4PIQ9bHhQ0iHyCx2Mms96tYcj%2F9Qi0rKQqwzdaAtxwC3Ou%2FG2LEUKroENpakc6XUpm3vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-6c6cdbccc5-nscnj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8b077fe6aaed6ab9-FRA
x-robots-tag: none

GET
H/1.1 200
OK favicon.ico
auth.myadcash.com/resources/zw32r/login/adcash/img/ 894 B
467 B 126ms
123ms Other
application/octet-stream 34.66.104.14
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.myadcash.com/resources/zw32r/login/adcash/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.66.104.14 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

14.104.66.34.bc.googleusercontent.com

Software

openresty /

Resource Hash

37198be5c9537422537c93ba381fad0c74fc5ee2d90c24eb7983ce727b2108f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:45:23 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: openresty
X-Content-Type-Options: nosniff
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 92
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 events
events.elev.io/v1/ Frame 0
0 330ms
284ms Preflight
application/json 18.66.102.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.elev.io/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-98.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://auth.myadcash.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-elevio-debug-temp
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Fri, 09 Aug 2024 11:45:23 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-apigw-id: cPUlFFs7oAMEoJw=
x-amz-cf-id: Tx5yRf17WgRh-9-Sf-JJkrLKQT75DAybq3K99Wtr74zjS59UvxwCgw==
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 49ad428a-6500-4f2b-b209-00d7cc3197f8
x-cache: Miss from cloudfront

POST
H2 200 events Show response
events.elev.io/v1/ 13 B
604 B 339ms
335ms XHR
application/json 18.66.102.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.elev.io/v1/events
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-98.fra56.r.cloudfront.net
Software: /
Resource Hash: f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:45:23 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: e53b61e8-ce35-404f-a075-d8c36455a985
x-amzn-trace-id: Root=1-66b60153-0ce479bd19f42627658fb97a;Parent=566d71032f5eb672;Sampled=0;lineage=ba02c674:0
access-control-max-age: 86400
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: cPUlIFjToAMEc9Q=
content-length: 13
x-amz-cf-id: QafUpeD_ilLeeLJ0xzkilxDLWsAUsesyU7gzCSpL-0O_9z7pI17zeQ==
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 19ms
19ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-20Y182RNS0&gtm=45je4880v875666998za200zb72506941&_p=1723203921048&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1161029288.1723203922&ecid=1170161612&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1723203921&sct=1&seg=0&dl=https%3A%2F%2Fauth.myadcash.com%2Frealms%2Fadcash%2Fprotocol%2Fopenid-connect%2Fauth%3Fnonce%3DnOUpNkvCR-8Ro5ZLPUq7tY4SK3pgSKB1%26state%3Dc0ziydEo8wXKquHVlNb5HbcJVlEogFfe%26scope%3Dprofile%2520email%2520openid%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttps%253A%252F%252Fadcash.myadcash.com%252Fauth%252Fweb%252Fsso-login%26client_id%3Ddsp&dt=Sign%20in%20to%20Adcash&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6487
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20Y182RNS0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:45:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth.myadcash.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth.myadcash.com/realms/adcash/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 64393c2c-3d33-4b81-938f-b389a0013891.us-keycloak-auth-worker-b-usb-g1-2024-03-06-v2-bpvv-45233
auth.myadcash.com/realms/adcash/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 64393c2c-3d33-4b81-938f-b389a0013891.us-keycloak-auth-worker-b-usb-g1-2024-03-06-v2-bpvv-45233
auth.myadcash.com/realms/adcash/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2NmYyMjQwNy1lYmMzLTQzZWMtOTNiZS03YjdkNzExODRiMjQifQ.eyJjaWQiOiJkc3AiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2FkY2FzaC5teWFkY2FzaC5jb20vYXV0aC93ZWIvc3NvLWxvZ2luIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJwcm9maWxlIGVtYWlsIG9wZW5pZCIsImlzcyI6Imh0dHBzOi8vYXV0aC5teWFkY2FzaC5jb20vcmVhbG1zL2FkY2FzaCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwiY2xpZW50X3JlcXVlc3RfcGFyYW1fYXBwcm92YWxfcHJvbXB0IjoiYXV0byIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYWRjYXNoLm15YWRjYXNoLmNvbS9hdXRoL3dlYi9zc28tbG9naW4iLCJzdGF0ZSI6ImMweml5ZEVvOHdYS3F1SFZsTmI1SGJjSlZsRW9nRmZlIiwibm9uY2UiOiJuT1VwTmt2Q1ItOFJvNVpMUFVxN3RZNFNLM3BnU0tCMSJ9fQ.PHPIEf3KicibiXTSYUF26UpVFUrR-0VSxTAtUkcnvhE
adcash.myadcash.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fgbq54en76iufgafkoct99ffse
.myadcash.com/	1970-01-21 00:49:39	Name: _gcl_au Value: 1.1.1268988700.1723203921
.myadcash.com/	1970-01-21 08:16:03	Name: _ga_20Y182RNS0 Value: GS1.1.1723203921.1.0.1723203921.60.0.1170161612
.myadcash.com/	1970-01-21 08:16:03	Name: _ga Value: GA1.2.1161029288.1723203922
.myadcash.com/	1970-01-20 22:41:30	Name: _gid Value: GA1.2.1156479010.1723203922
.myadcash.com/	1970-01-20 22:40:03	Name: _gat_UA-26904811-1 Value: 1
.myadcash.com/	1970-01-21 00:49:39	Name: _fbp Value: fb.1.1723203921712.740901795242342898
.hsforms.com/	1970-01-20 22:40:05	Name: __cf_bm Value: LTtRexZZ3ky9Bsc7Gc0cIvo4X31VgQwlIIEEh3vi3W8-1723203921-1.0.1.1-qJOn8u_1Ec0K.QGMP8VF.6.IGhdcQgzk4lkEgBHvL_lZkGP4mDDCeD3K5CoDoTkl1DDuYQ6B0U9s0lqtOICY_Q
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: kftXDwy18Wtn4uXFJxVJS.U693pIslVk2LrbeIfjzvA-1723203921894-0.0.1.1-604800000
.auth.myadcash.com/	1970-01-21 02:59:15	Name: messagesUtk Value: 303452e6536c405aa720fa0c4a95d011
auth.myadcash.com/	1970-01-21 02:59:15	Name: __hstc Value: 80691400.213bc0bd727f903304cd92504d5e2954.1723203922951.1723203922951.1723203922951.1
auth.myadcash.com/	1970-01-21 02:59:15	Name: hubspotutk Value: 213bc0bd727f903304cd92504d5e2954
auth.myadcash.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
auth.myadcash.com/	1970-01-20 22:40:05	Name: __hssc Value: 80691400.1.1723203922952
.hubspot.com/	1970-01-20 22:40:05	Name: __cf_bm Value: _Hj0Fy8h1YQzAFvguCnzfmdlWo9V8xyAzz.xp95O6w4-1723203922-1.0.1.1-ocJ8na8FKvqQVNzu8mMFcUTYxsFSDu.4K7ZoX0FG_XZP0rcjnrRlxL0uAT5elZIQbtw2xO2LXUrbfDKOhbGtJw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 01Gs91EMx0eShG49cdW5cX19f_iJ3y.GLul4AByFEc8-1723203922977-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' https://www.google.com https://.myadcash.com https://.hubspot.com; frame-ancestors 'self' *.myadcash.com; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adcash.myadcash.com
api-eu1.hubspot.com
app-eu1.hubspot.com
auth.myadcash.com
cdn.elev.io
connect.facebook.net
events.elev.io
fonts.googleapis.com
fonts.gstatic.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
ipa.elev.io
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
js-eu1.usemessages.com
region1.analytics.google.com
stats.g.doubleclick.net
track-eu1.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
142.250.186.67
172.65.192.122
172.65.202.201
172.65.202.85
172.65.208.22
172.65.232.43
172.65.236.181
172.65.238.60
172.65.240.166
18.66.102.98
18.66.112.115
2001:4860:4802:34::36
2606:4700::6811:300e
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3200::90:0
34.66.104.14
54.211.221.65
03e05b9b82c789c44d07a8e6afef645b8e6e04bed45a3b0e8d1b9ee71269fa75
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963
10452e0774b024679c33339a65e6983826a41cf08395164f33b7179c9171702b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2262edeb6cb7a00bb2f3f5e28ece9b4a4b6d151e493c32fc480008940e6bf093
311800dfdf86664862e9e7ad1c64f6365ffc919a9417e1bc014b8aa49234009d
37198be5c9537422537c93ba381fad0c74fc5ee2d90c24eb7983ce727b2108f7
3837777c1642512c704dc5666207f4da2db87caac0c6237ae4bd5168aa190ecb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
48da2167bff7f56120791d8d0a54e4a7c8ac7d1e6aa31c7278a1ebf84a9dd009
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4fbeff8d220061bc06f2ba67186814a54850d698de3af79a27d807405809573a
5c46e90a9e27ea4378b8dd8e0a0d81206e6fe21d38a72762f1be7d1a48491364
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cef5bed0738479b02af75020ea0510488b323e2421d40704189f22f41ab1c5a
6d7ed318241870f903fff41d6a794e810f50196b374ff4274fc36b2b33bfb6af
83716757b1c7a36c59a1684fa267548426d78afa894fe2788bcbc3001a7b957f
843dca7954237b79c8902ec340475dae0be71123b72fbddf1fefffd91ef33714
85f960e3432c0471f11459de92e48be7d41fef9315a78761306bafb4e435b899
8704ac40e4337af3f2f105f3f483c2417c83109d02fee07d92b786468b5e5fff
8a1cf38592c886d6750484a13272f7fcbed6f9692e04d157c9f160598a9a4f25
99f59dc122973d2707ff55649d3ecc773c4ecd96a816efc80d292e30775141ac
9e7db829447feca143656a06c70bcceee7bf0abcf00d448be177b2c85aa15abc
aa0cb011831b1dd8cc412a7b3396060e9a4a52070ad33994094b20ea2a486a06
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab135659fd911eec420c7f1586b70d71d616415247b9a6ddb4a10e234dcd2aa3
ae3e9c22feac71a406818967718250e570295d14a5a87b5d844feb480d3d2f48
b28ae40ac9ef82a5f8426c454cf12d9186a8e6813f6244bb9dddbef59af95071
be91b2216acb6673f2afbeedbcf39aef1535899b9963134c3048303db7ea5557
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decce868327faf423ed6fc525eba48517ed809f13f704c500cd3a8bd2b0ff323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecaefc49eb89759d07ff9bc8e7d02a5b296c09ed7f1f22bcdd947f9c175c9f4d
edf201e7eb45d7795f688e535299ac8c3faff0f771e0dc30f73e89c4f42f2b1f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff675463cdd7fa83e596bef0da69affed168d370af3f8703993ae42c4d80a10
f078e5e19ca48a85a3f9c86617344166fc12297331d47050c673f6fd839b6a7a
f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6
f450dd903b7e6e62eb9c722c2f475142ca1b2dbfff601f1c4f7611ccfc1e1d04
f8b36f6056dbed518d59b2ffb95711a12894589dbd86a622b62bcfaf21e44ee7

auth.myadcash.com Open in urlscan Pro 34.66.104.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

43 %IPv6

18 Domains

24 Subdomains

22 IPs

3 Countries

1134 kBTransfer

2749 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth.myadcash.com Open in urlscan Pro
34.66.104.14 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

43 %
IPv6

18
Domains

24
Subdomains

22
IPs

3
Countries

1134 kB
Transfer

2749 kB
Size

19
Cookies

48 HTTP transactions
0 data transactions