p2a.co Open in urlscan Pro
52.20.104.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.liunaactionnetwork.org/site/R?i=pTZGljaBGPl-oOOwJ4R_zg
Effective URL:
https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jG...
Submission: On October 21 via api (October 21st 2019, 3:13:21 pm UTC) from US

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 26 domains to perform 60 HTTP transactions. The main IP is 52.20.104.44, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is p2a.co.
TLS certificate: Issued by Amazon on August 5th 2019. Valid for: a year.

This is the only time p2a.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.123.154.146 74.123.154.146	394901 (VXCHNGE-TX01) (VXCHNGE-TX01 - vXchnge Operating)
2	52.20.104.44 52.20.104.44	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4 4	54.192.94.96 54.192.94.96	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	52.5.125.15 52.5.125.15	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
6	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE - Google LLC)
3 16	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.132.171 52.216.132.171	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4 5	185.33.223.200 185.33.223.200	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
4 4	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.29.131.80 52.29.131.80	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
60	25

1 74.123.154.146 (United States) 1 redirects

ASN394901 (VXCHNGE-TX01 - vXchnge Operating, LLC, US)
PTR: cluster3.convio.net

www.liunaactionnetwork.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.104.44 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-104-44.compute-1.amazonaws.com

p2a.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.94.96 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-96.fra2.r.cloudfront.net

d2ab4fmh03vt6m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.5.125.15 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-5-125-15.compute-1.amazonaws.com

admin.phone2action.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE - Google LLC, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.132.171 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

p2a-files.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.200 (Netherlands) 4 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.205.230 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.131.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-131-80.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google-analytics.com 3 redirects www.google-analytics.com	59 KB
7	doubleclick.net 6 redirects stats.g.doubleclick.net ad.doubleclick.net	2 KB
7	googleapis.com fonts.googleapis.com maps.googleapis.com	191 KB
5	adnxs.com 4 redirects secure.adnxs.com	5 KB
5	facebook.com 1 redirects www.facebook.com staticxx.facebook.com	729 B
5	gstatic.com fonts.gstatic.com maps.gstatic.com	52 KB
4	google.com 2 redirects www.google.com adservice.google.com	732 B
4	facebook.net connect.facebook.net	147 KB
4	phone2action.com admin.phone2action.com	358 KB
4	cloudfront.net 4 redirects d2ab4fmh03vt6m.cloudfront.net	2 KB
3	googletagmanager.com www.googletagmanager.com	80 KB
2	google.de www.google.de	218 B
2	mixpanel.com api.mixpanel.com	458 B
2	p2a.co p2a.co	34 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	ytimg.com s.ytimg.com	9 KB
1	atdmt.com cx.atdmt.com	407 B
1	mediaiqdigital.com pixel.mediaiqdigital.com	429 B
1	youtube.com www.youtube.com	923 B
1	amazonaws.com p2a-files.s3.amazonaws.com	43 KB
1	mxpnl.com cdn.mxpnl.com	24 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	twitter.com 1 redirects platform.twitter.com	321 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	liunaactionnetwork.org 1 redirects www.liunaactionnetwork.org	835 B
60	26

	Domain	Requested by
16	www.google-analytics.com	3 redirects www.googletagmanager.com www.google-analytics.com p2a.co
6	maps.googleapis.com	p2a.co maps.googleapis.com
5	secure.adnxs.com	4 redirects p2a.co
4	ad.doubleclick.net	4 redirects
4	www.facebook.com	1 redirects p2a.co connect.facebook.net
4	connect.facebook.net	p2a.co connect.facebook.net admin.phone2action.com
4	admin.phone2action.com	p2a.co
4	d2ab4fmh03vt6m.cloudfront.net	4 redirects
3	stats.g.doubleclick.net	2 redirects p2a.co
3	fonts.gstatic.com	p2a.co admin.phone2action.com
3	www.googletagmanager.com	p2a.co
2	adservice.google.com	p2a.co
2	www.google.de	p2a.co
2	www.google.com	2 redirects
2	maps.gstatic.com	p2a.co
2	api.mixpanel.com	p2a.co
2	p2a.co	admin.phone2action.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	p2a.co
1	s.ytimg.com	www.youtube.com
1	cx.atdmt.com	p2a.co
1	staticxx.facebook.com	connect.facebook.net
1	pixel.mediaiqdigital.com	p2a.co
1	www.youtube.com	p2a.co
1	p2a-files.s3.amazonaws.com	p2a.co
1	cdn.mxpnl.com	p2a.co
1	static.ads-twitter.com	p2a.co
1	platform.twitter.com	1 redirects
1	fonts.googleapis.com	p2a.co
1	cdnjs.cloudflare.com	p2a.co
1	www.liunaactionnetwork.org	1 redirects
60	31

This site contains links to these domains. Also see Links.

Domain
phone2action.com

Subject Issuer	Validity	Valid
p2a.co Amazon	`2019-08-05` - `2020-09-05`	a year	crt.sh
*.phone2action.com Go Daddy Secure Certificate Authority - G2	`2019-09-05` - `2021-09-05`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.mixpanel.com RapidSSL RSA CA 2018	`2018-01-11` - `2020-05-01`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-11-07` - `2020-02-07`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.mediaiqdigital.com DigiCert SHA2 Secure Server CA	`2018-04-02` - `2020-05-13`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2019-10-01` - `2019-11-23`	2 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Frame ID: 0C38446762F3B683C77739AD18FA8E5C
Requests: 59 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 80EB1E318717418C03D31FFA1CBE0EB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.liunaactionnetwork.org/site/R?i=pTZGljaBGPl-oOOwJ4R_zg HTTP 302
https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOM... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

60
Requests

100 %
HTTPS

60 %
IPv6

26
Domains

31
Subdomains

25
IPs

5
Countries

1018 kB
Transfer

3127 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://phone2action.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.liunaactionnetwork.org/site/R?i=pTZGljaBGPl-oOOwJ4R_zg HTTP 302
https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://d2ab4fmh03vt6m.cloudfront.net/css/campaign/aero/master.css?v=1571418224 HTTP 301
https://admin.phone2action.com/css/campaign/aero/master.css?v=1571418224

Request Chain 3

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 5

https://d2ab4fmh03vt6m.cloudfront.net/js/campaign/manifest.js?v=1571418224 HTTP 301
https://admin.phone2action.com/js/campaign/manifest.js?v=1571418224

Request Chain 6

https://d2ab4fmh03vt6m.cloudfront.net/js/campaign/vendor.js?v=1571418224 HTTP 301
https://admin.phone2action.com/js/campaign/vendor.js?v=1571418224

Request Chain 7

https://d2ab4fmh03vt6m.cloudfront.net/js/campaign/app.js?v=1571418224 HTTP 301
https://admin.phone2action.com/js/campaign/app.js?v=1571418224

Request Chain 20

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1228018809&t=pageview&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQ~&jid=747531026&gjid=444744190&cid=322369464.1571670784&tid=UA-74468413-2&_gid=1727757915.1571670784&_r=1&gtm=2wgaa0K5JN975&z=1898031927 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74468413-2&cid=322369464.1571670784&jid=747531026&_gid=1727757915.1571670784&gjid=444744190&_v=j79&z=1898031927

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1228018809&t=pageview&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=538309076&gjid=2098745270&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&_r=1&gtm=2wgaa0KRGWMDS&z=1641102141 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_gid=1727757915.1571670784&gjid=2098745270&_v=j79&z=1641102141 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_v=j79&z=1641102141 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_v=j79&z=1641102141&slf_rd=1&random=880697482

Request Chain 37

https://secure.adnxs.com/px?id=1145864&seg=18807846&t=2 HTTP 302
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1145864%26seg%3D18807846%26t%3D2

Request Chain 38

https://ad.doubleclick.net/ddm/activity/src=9569225;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 39

https://secure.adnxs.com/px?id=1145865&seg=18807847&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D1145865%26uid%3D%24UID&t=2 HTTP 302
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1145865%26seg%3D18807847%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253D%2526u4%253D%2526pixel_id%253D1145865%2526uid%253D%2524UID%26t%3D2 HTTP 302
https://secure.adnxs.com/getuid?https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1145865&uid=$UID HTTP 302
https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1145865&uid=964552449868735562

Request Chain 40

https://ad.doubleclick.net/ddm/activity/src=9569225;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 49

https://www.facebook.com/tr/?id=630823353746843&ev=Microdata&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&rl=&if=false&ts=1571670784720&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Build%20the%20Atlantic%20Coast%20Pipeline%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Build%20the%20Atlantic%20Coast%20Pipeline%22%2C%22og%3Asite_name%22%3A%22EnergySure%22%2C%22og%3Adescription%22%3A%22I%20just%20took%20action%20to%20support%20the%20%23BuildTheACP%20petition%20-%20for%20the%20workers%2C%20businesses%20and%20families%20that%20need%20it.%20Click%20to%20do%20the%20same%3A%20%5B%40campaign%5D%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fp2a.co%2FduXl4fM%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=stable&ec=2&o=30&fbc=fb.1.1571670784178.IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&fbp=fb.1.1571670784179.1464908452&it=1571670784052&coo=false&es=automatic&rqm=GET HTTP 302
https://cx.atdmt.com/?c=2594938959650927833&f=AYx4tuPqWXqwOsEcsNnvO6P7woQ3k20nujxs5D7uWTLoZmb3NTvEy-TP3zn3c8pakCYBzdPnXFWv6iPVVT8HPScA&id=630823353746843&l=3&v=0

Request Chain 53

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=1810871553&gjid=378529454&cid=1321635601.1571670785&tid=UA-64350532-1&_gid=633533603.1571670785&_r=1&gtm=2wgaa0KRGWMDS&z=1029322532 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_gid=633533603.1571670785&gjid=378529454&_v=j79&z=1029322532 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_v=j79&z=1029322532 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_v=j79&z=1029322532&slf_rd=1&random=105963491

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request duXl4fM Show response
p2a.co/
Redirect Chain

http://www.liunaactionnetwork.org/site/R?i=pTZGljaBGPl-oOOwJ4R_zg
https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

104 KB
30 KB

808ms
607ms

Document
text/html

52.20.104.44
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.104.44 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-20-104-44.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3dc47f16fbfab4b223c6ac032e45dc26380645b92ebd828fc703a2861ca39512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: p2a.co
:scheme: https
:path: /duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 21 Oct 2019 15:13:03 GMT
content-type: text/html; charset=UTF-8
server: Apache
cache-control: no-cache
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains;
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: XSRF-TOKEN=eyJpdiI6IktXTEhHcm4xbkVxczN5NVYwd1dnOGc9PSIsInZhbHVlIjoiT3VtYjJcL2taU3dLemJidXlLdEhcL3lkVUhcL1BNYWlxQmZWbVhJRW4yc25WVlp0cVFmV2Y1cDRtOWdxVGNLQVl4d3RyZEg0SklGbDlNQjRMWDlFb2N4YXc9PSIsIm1hYyI6IjdlMWFhYWY4ZjUyMjM5MGUyNGIwMDc4Y2E1YjA2OGQ1MGFiOGE2ZDNhZDg3YzJmMzlhNjAzZTcxM2ZkOWUwMzEifQ%3D%3D; expires=Mon, 21-Oct-2019 17:13:03 GMT; Max-Age=7200; path=/ phone2action-production=eyJpdiI6InhrTk53dTd3N2xpM29ZXC9veno2Wkl3PT0iLCJ2YWx1ZSI6IjFjTUYwbVlYZWtwb3VNSFhraUQ0bUtYMFdyWlhGUFh3SXh2WHNIV2lJSTMwUUhwRnk3WDNUSlJHdE4wV3pub1hJOWE0WEdxT05oTFZkTlo4R091WklnPT0iLCJtYWMiOiIwZGEzZDhkYWFjNDQxMDA5ZjM5ZjdmMjRkZDQxYThkZDlkYWU5MzU1NzE5YTE5NDkwZTNkMjZiYjc5NzJiOWM5In0%3D; path=/; HttpOnly p2a_tc=eyJpdiI6IkFcL0lTRFl5emF4NG9BKzNOZjZHSzBnPT0iLCJ2YWx1ZSI6Im90XC9oQjVqMHdNVENUMk1iWGRwbkZQM3lVUnR1U3RWbTNsaDIyb0lVWU5ydHBXXC9ZNEtTcUl0V2VZOG5valU4UCIsIm1hYyI6IjMxZmM0NWI2YmNkYTFkZTI2MzM3ZjdmNDJiYTVlYTU2NTc1NTM4ZDQ3ZWI3NGNjOTk3YTY2YTQ1Y2M0OTUzNWUifQ%3D%3D; expires=Mon, 28-Oct-2019 15:13:03 GMT; Max-Age=604800; path=/; HttpOnly
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Date: Mon, 21 Oct 2019 15:13:02 GMT
Server: Apache
Cache-Control: private
Set-Cookie: JSESSIONID=4EB3EFB4912962417020B38558D13326.app317b; Path=/; HttpOnly JSESSIONID=4EB3EFB4912962417020B38558D13326.app317b; Path=/ redirector_cookie=34850142548:; Max-Age=2592000; Expires=Wed, 20-Nov-2019 15:13:02 GMT; Path=/
Content-Security-Policy: frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri http://www.liunaactionnetwork.org/site/XFrameViolation
Location: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Content-Length: 0
Keep-Alive: timeout=15, max=470
Connection: Keep-Alive
Content-Type: text/html

GET
H2

200

master.css
admin.phone2action.com/css/campaign/aero/
Redirect Chain

https://d2ab4fmh03vt6m.cloudfront.net/css/campaign/aero/master.css?v=1571418224
https://admin.phone2action.com/css/campaign/aero/master.css?v=1571418224

42 KB
13 KB

369ms
173ms

Stylesheet
text/css

52.5.125.15
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.phone2action.com/css/campaign/aero/master.css?v=1571418224
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.125.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-125-15.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 64763dc027928e1dd0b5dfe746b91dd24fd24ffa314e635fdad64deebabded1c

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 17:03:01 GMT
server: Apache
etag: "a6b7-595324e7f52ec-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 13068

Redirect headers

Date: Mon, 21 Oct 2019 13:24:07 GMT
Via: 1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 6536
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://admin.phone2action.com:443/css/campaign/aero/master.css?v=1571418224
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Content-Length: 150
X-Amz-Cf-Id: lwxFhBaSK_pGACOytfz2pzoovHoyjB7_dIHWXALU7BiluqDvl9Xz5A==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 46ms
19ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16304724
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 52942c5ddb0ccbac-VIE
expires: Sat, 10 Oct 2020 15:13:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
532 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,600

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0e5231731d55eff5a2e49d3d8c39f49db9a77e0596893fbb466d288c624d3913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 15:13:03 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 15:13:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:03 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

19ms
6ms

Script
application/javascript

151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: gzip
age: 25177
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19160-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1571670784.729528,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

Access-Control-Allow-Origin: *
Date: Mon, 21 Oct 2019 15:12:16 GMT
Server: ECS (fcn/40D6)
Content-Length: 0
Location: https://static.ads-twitter.com/oct.js
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 117 KB
38 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

3b40398f08bcb34199de1ae7fddcf256ab3181f28914760031c0fccd7e5d1091

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=12
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38591
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:43:03 GMT

GET
H2

200

manifest.js Show response
admin.phone2action.com/js/campaign/
Redirect Chain

https://d2ab4fmh03vt6m.cloudfront.net/js/campaign/manifest.js?v=1571418224
https://admin.phone2action.com/js/campaign/manifest.js?v=1571418224

3 KB
2 KB

222ms
89ms

Script
application/javascript

52.5.125.15
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.phone2action.com/js/campaign/manifest.js?v=1571418224
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.125.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-125-15.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 42c58a7a55084e6acc0e46a8397648d4983508004595470b36e3e2127fa75197

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 17:02:30 GMT
server: Apache
etag: "bf1-595324ca274e9-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1361

Redirect headers

Date: Mon, 21 Oct 2019 13:24:07 GMT
Via: 1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 6536
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://admin.phone2action.com:443/js/campaign/manifest.js?v=1571418224
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Content-Length: 150
X-Amz-Cf-Id: lTWQMQTkMxBP_9nJ6t_AgayOEllSPpHzYQvel_u3Zc5JiKUPESUacg==

GET
H2

200

vendor.js Show response
admin.phone2action.com/js/campaign/
Redirect Chain

https://d2ab4fmh03vt6m.cloudfront.net/js/campaign/vendor.js?v=1571418224
https://admin.phone2action.com/js/campaign/vendor.js?v=1571418224

487 KB
159 KB

302ms
177ms

Script
application/javascript

52.5.125.15
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.phone2action.com/js/campaign/vendor.js?v=1571418224
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.125.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-125-15.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8b9fb1ff664b5a27f0c0330b8c5edefcbb63994ad86cf4819f1c538e6d3c4be5

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 17:02:24 GMT
server: Apache
etag: "79a58-595324c4a4bb0-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

Redirect headers

Date: Mon, 21 Oct 2019 13:24:07 GMT
Via: 1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 6536
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://admin.phone2action.com:443/js/campaign/vendor.js?v=1571418224
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Content-Length: 150
X-Amz-Cf-Id: inevUOFBdFx-pb0AIdekLyz0G7QUlr4OsQmTiIJs_Jei9G0VeNQ12A==

GET
H2

200

app.js Show response
admin.phone2action.com/js/campaign/
Redirect Chain

https://d2ab4fmh03vt6m.cloudfront.net/js/campaign/app.js?v=1571418224
https://admin.phone2action.com/js/campaign/app.js?v=1571418224

693 KB
184 KB

379ms
259ms

Script
application/javascript

52.5.125.15
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.phone2action.com/js/campaign/app.js?v=1571418224
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.125.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-5-125-15.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0c830c03e801d357baa07f0ef783aaa5ee9d5f950034f3d2aac03ba52623064c

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 17:03:02 GMT
server: Apache
etag: "ad27f-595324e8af94b-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

Redirect headers

Date: Mon, 21 Oct 2019 13:24:07 GMT
Via: 1.1 10e95c517e657ad53448fce5195e9cba.cloudfront.net (CloudFront)
Server: awselb/2.0
Age: 6536
X-Cache: Hit from cloudfront
Content-Type: text/html
Location: https://admin.phone2action.com:443/js/campaign/app.js?v=1571418224
Connection: keep-alive
X-Amz-Cf-Pop: FRA2
Content-Length: 150
X-Amz-Cf-Id: 8JI1p4Bl7cH8_nA70SpCQfEjhjEJIC79TQO7pIdG1YKerf66q6gwKg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64350532-1

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d29ecf3f5a1f957a4da5d9f2864ccf2ed9c6006332d28d06203277a5da20e69a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28467
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 61 KB
21 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5JN975

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3810c3b58f3adfa72d17a62e5967986e98d6a0c5bb15d0a7ff4fa334428e7fa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21892
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 71 KB
24 KB 20ms
6ms Script
text/javascript 2600:1901:0:498c::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:498c:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b8c868fdd2f11d86739846d3728b57765e0523bce5494996237f2a1f0acde071

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:12:01 GMT
content-encoding: gzip
age: 63
x-guploader-uploadid: AEnB2UpjBXTxM3rTFsYaeEbd3oSDzXPN2H8xtz-cIldq7C8cXOaCsrv0p1n8Z3r_7J80pNIAOIbzs017yuB46G1XC_AzSd9c4A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 23725
last-modified: Thu, 22 Aug 2019 14:24:31 GMT
server: UploadServer
etag: "c9bbc71e4c51349554a79efa9ca9e0c3"
vary: Accept-Encoding
x-goog-hash: crc32c=lUpILg==, md5=ybvHHkxRNJVUp576nKngww==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1566483871866728
cache-control: public,max-age=600
x-goog-stored-content-length: 23725
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 21 Oct 2019 15:22:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 22458
x-xss-protection: 0
pragma: public
x-fb-debug: eXDHlRWPmjeAIWwvnBJVfGgzSgufqZUWkUuT8DJ2skfCgu/pvufZxhvLqLoJN4rwIfWImUWPYNEsr6Y/EHpnWA==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Mon, 21 Oct 2019 15:13:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v5/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v5/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Work+Sans:300,400,600
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 04:53:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:14 GMT
server: sffe
age: 469166
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
expires: Thu, 15 Oct 2020 04:53:38 GMT

GET
H2 200 630823353746843 Show response
connect.facebook.net/signals/config/ 281 KB
65 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/630823353746843?v=2.9.5&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

01dc4ed9385d83539f9f35107db37ae829d51d0c5e6428ef491b0d8963ff960f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 66310
x-xss-protection: 0
pragma: public
x-fb-debug: qAsTX4C2AwWXecgxR06PaBrUfwqdKxGwmeZ6duV9KpDQjxNNGvlSTgMD1XqnLqfOfFmLB+6aij16AQp0Vw2rhA==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Mon, 21 Oct 2019 15:13:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
api.mixpanel.com/decide/ 65 B
143 B 32ms
18ms XHR
application/json 107.178.240.159
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=f2eda7e4cc64587235ae3ee4ffd1dc1c&ip=1&_=1571670784152
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.240.159 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Sec-Fetch-Mode: cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://p2a.co
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
315 B 27ms
16ms XHR
application/json 107.178.240.159
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9wMmEuY28vZHVYbDRmTT9wMmFzb3VyY2U9d2Vic2l0ZWNsaWNrcyZmYmNsaWQ9SXdBUjF1SWJDOF9waGZweDhIYTJwSGp0UzZTRXRnSERFbFFPTWhyc01jVVIxYjdiRDYwRVQtM2pHTVlBWSIsIiRicm93c2VyX3ZlcnNpb24iOiA3NCwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjI5LjEiLCJ0aW1lIjogMTU3MTY3MDc4NC4xNTUsImRpc3RpbmN0X2lkIjogIjE2ZGVlZTBmODk1NWY4LTAyOTU3NzIyZWY1NzY1LTM3NjQ3ZTAzLTFkNGMwMC0xNmRlZWUwZjg5NjMyYiIsIiRkZXZpY2VfaWQiOiAiMTZkZWVlMGY4OTU1ZjgtMDI5NTc3MjJlZjU3NjUtMzc2NDdlMDMtMWQ0YzAwLTE2ZGVlZTBmODk2MzJiIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsIm1wX3BhZ2UiOiAiaHR0cHM6Ly9wMmEuY28vZHVYbDRmTT9wMmFzb3VyY2U9d2Vic2l0ZWNsaWNrcyZmYmNsaWQ9SXdBUjF1SWJDOF9waGZweDhIYTJwSGp0UzZTRXRnSERFbFFPTWhyc01jVVIxYjdiRDYwRVQtM2pHTVlBWSIsIm1wX2Jyb3dzZXIiOiAiQ2hyb21lIiwibXBfcGxhdGZvcm0iOiAiTWFjIE9TIFgiLCJ0b2tlbiI6ICJmMmVkYTdlNGNjNjQ1ODcyMzVhZTNlZTRmZmQxZGMxYyJ9fQ%3D%3D&ip=1&_=1571670784156
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.240.159 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Sec-Fetch-Mode: cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:03 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://p2a.co
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5JN975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4735
date: Mon, 21 Oct 2019 13:54:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 21 Oct 2019 15:54:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
200 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=630823353746843&ev=PageView&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&rl=&if=false&ts=1571670784179&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbc=fb.1.1571670784178.IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&fbp=fb.1.1571670784179.1464908452&it=1571670784052&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=630823353746843&ev=ViewContent&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&rl=&if=false&ts=1571670784180&sw=1600&sh=1200&v=2.9.5&r=stable&ec=1&o=30&fbc=fb.1.1571670784178.IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&fbp=fb.1.1571670784179.1464908452&it=1571670784052&coo=false&rqm=GET

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 60 KB
22 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5R5J73V&t=gtm2&cid=322369464.1571670784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b418c7d113e7b6669cd5081d3d6d8047d9db0efe6789c03130bdf9736a542d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22750
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1228018809&t=pageview&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsM...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74468413-2&cid=322369464.1571670784&jid=747531026&_gid=1727757915.1571670784&gjid=444744190&_v=j79&z=1898031927

35 B
136 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74468413-2&cid=322369464.1571670784&jid=747531026&_gid=1727757915.1571670784&gjid=444744190&_v=j79&z=1898031927

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Oct 2019 15:13:04 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-74468413-2&cid=322369464.1571670784&jid=747531026&_gid=1727757915.1571670784&gjid=444744190&_v=j79&z=1898031927
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 174.js Show response
p2a.co/icns/chunks/ 13 KB
4 KB 91ms
90ms Script
application/javascript 52.20.104.44
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p2a.co/icns/chunks/174.js
Requested by: Host: admin.phone2action.com
URL: https://admin.phone2action.com/js/campaign/manifest.js?v=1571418224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.104.44 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-20-104-44.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 08d216a7b19e98399c8b1ab33ed6d74b3d8af4ac13a6adb5ced02c6eccb0c5c6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 2019 17:03:02 GMT
server: Apache
etag: "3238-595324e8c60a7-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3778

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: admin.phone2action.com
URL: https://admin.phone2action.com/js/campaign/app.js?v=1571418224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

da340751e379e3ed10c38327a34b1038ddb170ef7c895ae6b371d83f6ed423ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pgl87ic7vNfj1NWS3ooP9g==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 1780
etag: "db29fc42dfb7b69dd4d5037a31a1395d"
x-fb-debug: 0VkvQ5eMEw+LdhFA3q1p/CG0hSUriIAvztkFNVBkhA9t8/3O/GGYp7qAsn+jFuwUS3EXOCGKf2IE09eZLaxOnQ==
x-fb-trip-id: 1850256238
x-fb-content-md5: 2d07a6de99cd212ea778607cdd8ef02a
x-frame-options: DENY
date: Mon, 21 Oct 2019 15:13:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Oct 2019 15:27:52 GMT

GET
H2 200 QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ 16 KB
16 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh3o4T8mNhNy_r-Kw.woff2

Requested by

Host: admin.phone2action.com
URL: https://admin.phone2action.com/js/campaign/app.js?v=1571418224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Work+Sans:300,400,600
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 21:46:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:25:40 GMT
server: sffe
age: 581165
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16608
x-xss-protection: 0
expires: Tue, 13 Oct 2020 21:46:59 GMT

GET
H2 200 QGYpz_wNahGAdqQ43Rh314L8mNhNy_r-Kw.woff2
fonts.gstatic.com/s/worksans/v5/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v5/QGYpz_wNahGAdqQ43Rh314L8mNhNy_r-Kw.woff2

Requested by

Host: admin.phone2action.com
URL: https://admin.phone2action.com/js/campaign/app.js?v=1571418224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

387a679cdec1f4b30a90e92fceea0b475ab1c50a6b7faf8a7659d4f3caf8a747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Work+Sans:300,400,600
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 23:52:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:58 GMT
server: sffe
age: 919214
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16120
x-xss-protection: 0
expires: Fri, 09 Oct 2020 23:52:50 GMT

GET
H/1.1 200
OK Pv9ByitODAcYHKWe8eOD2nJ6jW7556png
p2a-files.s3.amazonaws.com/production/campaigns/44172/ 43 KB
43 KB 386ms
97ms Image
image/png 52.216.132.171
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2a-files.s3.amazonaws.com/production/campaigns/44172/Pv9ByitODAcYHKWe8eOD2nJ6jW7556png
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.132.171 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1b38c93227a93ff0a6678ff97898e7c6f7a5a1e3f1e2bb4b27f28286ea8b3c5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:13:05 GMT
Last-Modified: Tue, 26 Mar 2019 15:08:26 GMT
Server: AmazonS3
x-amz-request-id: A7F50517F4251A88
ETag: "15da5089ab6664aadabcf3072053b471"
Content-Type: image/png
x-amz-version-id: RazX4u1wCytJvLdd1hZ9pLSaaDHEDBml
Accept-Ranges: bytes
Content-Length: 43748
x-amz-id-2: 6W7AcbLJ2lVZqEXHyxsMziaz1dhEQAC+7eaVdz9+4TBD6V/5ClwrLsbrqhFEqoaCq7c5IaifnoE=

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/38/8/ 75 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/38/8/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c8bf0c92e9d760687900c78550d36be64b89a20978f6edda34dcae384dceb06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 08:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 20:45:26 GMT
server: sffe
age: 24452
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28289
x-xss-protection: 0
expires: Tue, 20 Oct 2020 08:25:32 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/38/8/ 141 KB
52 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/38/8/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2b20899b14f2ec5b8fde3819eab47d0003826f831014efc701299292c910a469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 08:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 20:45:26 GMT
server: sffe
age: 24465
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 53568
x-xss-protection: 0
expires: Tue, 20 Oct 2020 08:25:19 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/38/8/ 208 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/38/8/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63f80bc0163a9984ad398863d0a3626a4f588824183e851e3ff30f96522d7b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 20 Oct 2019 12:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 20:45:26 GMT
server: sffe
age: 94822
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 57505
x-xss-protection: 0
expires: Mon, 19 Oct 2020 12:52:42 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/38/8/ 40 KB
16 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/38/8/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8118aafc6a160108aed988875d2deb6ea67030c436cafbb1897722dee7a25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 14:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 20:45:26 GMT
server: sffe
age: 263274
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15861
x-xss-protection: 0
expires: Sat, 17 Oct 2020 14:05:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
30 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRGWMDS

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a25ac6b606f7bfc056f561afff44b0381ae39f1267e4f159585659351955821

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30911
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
58 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d3877694b096c760e0de3074cf38078c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9cfc4bc40845c958785e2596a4dcb2845f9adf98bd7d259e12ed1fa6f136ca1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Origin: https://p2a.co
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xshkCMJNIs63dKasDc4eVA==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 59079
etag: "01ae09386a30d668dfffa7e919fe47f4"
x-fb-debug: r3gnUvhcaT201BNxwaCVbm+vj156hLNJLUTI8LY4yQ3U5qkqszdUUddfn5iCrzgfGnhCVE3LU31N4hzB1ix3gg==
x-fb-trip-id: 1850256238
x-fb-content-md5: 5f8a32dd2399b08303ef03a28ba7b88d
x-frame-options: DENY
date: Mon, 21 Oct 2019 15:13:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 20 Oct 2020 13:51:40 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 33ms
14ms Image
image/png 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 33ms
15ms Image
image/png 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
expires: Mon, 21 Oct 2019 15:13:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRGWMDS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4735
date: Mon, 21 Oct 2019 13:54:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 21 Oct 2019 15:54:09 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
923 B 22ms
21ms Script
application/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1228018809&t=pageview&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsM...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_gid=1727757915.1571670784&gjid=2098745270&_v=j79&z=1641102141
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_v=j79&z=1641102141
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_v=j79&z=1641102141&slf_rd=1&random=880697482

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_v=j79&z=1641102141&slf_rd=1&random=880697482

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=322369464.1571670784&jid=538309076&_v=j79&z=1641102141&slf_rd=1&random=880697482
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1145864&seg=18807846&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1145864%26seg%3D18807846%26t%3D2

43 B
1017 B

14ms
14ms

Image
image/gif

185.33.223.200
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1145864%26seg%3D18807846%26t%3D2

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:13:06 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.74:80
AN-X-Request-Uuid: 09d4ac54-ca21-4e71-82ab-c7c27480edb4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:13:06 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.45:80
AN-X-Request-Uuid: 6cf90311-ecb6-47e1-8b29-bdfade28af9d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1145864%26seg%3D18807846%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9569225;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CK2sz_bRreUCFRcHiwodikUN0Q;type=invmedia;cat=energ0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=1145865&seg=18807847&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D1145865%26uid%3D%24UI...
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1145865%26seg%3D18807847%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253...
https://secure.adnxs.com/getuid?https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1145865&uid=$UID
https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1145865&uid=964552449868735562

2 B
429 B

62ms
9ms

Image
application/json

52.29.131.80
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1145865&uid=964552449868735562
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.131.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-131-80.eu-central-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 15:13:04 GMT
Server: nginx/1.13.12
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length: 2

Redirect headers

Pragma: no-cache
Date: Mon, 21 Oct 2019 15:13:06 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80
AN-X-Request-Uuid: af9f2297-d546-4b12-b508-763c45fc357b
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=1145865&uid=964552449868735562
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9569225;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
264 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9569225;dc_pre=CMO4z_bRreUCFRbJdwodQcQIAg;type=invmedia;cat=energ00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&gtm=2wgaa0KRGWMDS&z=1852546025

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112991
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 7ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&gtm=2wgaa0KRGWMDS&z=1947450981

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112991
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 9ms
7ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&gtm=2wgaa0KRGWMDS&z=1235988601

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112991
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 9ms
7ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&gtm=2wgaa0KRGWMDS&z=400692185

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112991
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
7ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=90%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&gtm=2wgaa0KRGWMDS&z=1178093115

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112991
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=100%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=322369464.1571670784&tid=UA-64350532-1&_gid=1727757915.1571670784&gtm=2wgaa0KRGWMDS&z=337695279

Requested by

Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112991
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 80EB 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d3877694b096c760e0de3074cf38078c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
accept-encoding: gzip, deflate, br
cookie: fr=0aUvcXF9NpBuhjffs..BdrcsA..F2t.1.0.BdrcsA.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 17 Oct 2020 20:00:51 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 7EbcxTR5t98NfCdjFmheah09imgdUnHrGKKxdHNhEE04hm9tRB7HVszQJDGyECnRxQvCgYyJ8xiUuHF7A51FjA==
content-length: 12380
x-fb-trip-id: 1850256238
date: Mon, 21 Oct 2019 15:13:04 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 36ms
35ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1427167970874264&input_token&origin=1&redirect_uri=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d3877694b096c760e0de3074cf38078c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://p2a.co/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: BJhK+V0eFsxAzE77LP88+gx/ICk4WZRFO0XxSG/Gsgj/imQOWUL5i8oxJGgioNEazkyhr6QWbdgm0SdHw1HYWg==
fb-s: unknown
status: 200
date: Mon, 21 Oct 2019 15:13:04 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://p2a.co
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=630823353746843&ev=Microdata&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&r...
https://cx.atdmt.com/?c=2594938959650927833&f=AYx4tuPqWXqwOsEcsNnvO6P7woQ3k20nujxs5D7uWTLoZmb3NTvEy-TP3zn3c8pakCYBzdPnXFWv6iPVVT8HPScA&id=630823353746843&l=3&v=0

42 B
407 B

53ms
39ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=2594938959650927833&f=AYx4tuPqWXqwOsEcsNnvO6P7woQ3k20nujxs5D7uWTLoZmb3NTvEy-TP3zn3c8pakCYBzdPnXFWv6iPVVT8HPScA&id=630823353746843&l=3&v=0
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 21 Oct 2019 15:13:04 GMT
content-type: image/gif
content-length: 42
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:04 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=2594938959650927833&f=AYx4tuPqWXqwOsEcsNnvO6P7woQ3k20nujxs5D7uWTLoZmb3NTvEy-TP3zn3c8pakCYBzdPnXFWv6iPVVT8HPScA&id=630823353746843&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-23=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/ 23 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 06:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31921
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8680
x-xss-protection: 0
last-modified: Sun, 20 Oct 2019 04:15:26 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 29 Oct 2019 06:21:03 GMT

GET
H2 200 nr-1130.min.js Show response
js-agent.newrelic.com/ 24 KB
10 KB 22ms
5ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1130.min.js
Requested by: Host: p2a.co
URL: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 15:13:05 GMT
content-encoding: gzip
x-amz-request-id: FC2E5E9385FF35C9
x-cache: HIT
status: 200
content-length: 9407
x-amz-id-2: 3XNtuktyD4wqrPKGubF2M/YqUHo1gnfCUg2ZcA6WpCpRhqESM5LEOkXHaOHxrPCQ1vUCnpmkB8M=
x-served-by: cache-hhn4056-HHN
last-modified: Tue, 09 Jul 2019 23:52:06 GMT
server: AmazonS3
x-timer: S1571670785.057955,VS0,VE0
etag: "73f8857196b9ef7fd3b302cbc557b8ac"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 32278

GET
H/1.1 200
OK 4b097c870f Show response
bam.nr-data.net/1/ 57 B
261 B 466ms
116ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4b097c870f?a=21577045&v=1130.54e767a&to=YVIEYEdSDEcCBkENVlgYJ1dBWg1aTCRFFGV%2BQxJEaXANWhcXWghVU0UVaHRDEncMC0EWVlpbA0Z1VAdAIhVF&rst=2528&ref=https://p2a.co/duXl4fM&ap=512&be=1089&fe=2501&dc=2051&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1571670782537,%22n%22:0,%22f%22:273,%22dn%22:274,%22dne%22:300,%22c%22:300,%22s%22:386,%22ce%22:475,%22rq%22:475,%22rp%22:1082,%22rpe%22:1169,%22dl%22:1084,%22di%22:2051,%22ds%22:2051,%22de%22:2051,%22dc%22:2501,%22l%22:2501,%22le%22:2503%7D,%22navigation%22:%7B%7D%7D&fp=2065&fcp=2065&at=TRUHFg9IH0k%3D&ja=%7B%22engine%22:%22sombra%22,%22theme%22:%22aero%22%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhr...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_gid=633533603.1571670785&gjid=378529454&_v=j79&z=1029322532
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_v=j79&z=1029322532
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_v=j79&z=1029322532&slf_rd=1&random=105963491

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_v=j79&z=1029322532&slf_rd=1&random=105963491

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64350532-1&cid=1321635601.1571670785&jid=1810871553&_v=j79&z=1029322532&slf_rd=1&random=105963491
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 13ms
12ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=1321635601.1571670785&tid=UA-64350532-1&_gid=633533603.1571670785&gtm=2wgaa0KRGWMDS&z=2111027782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112992
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 12ms
12ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=1321635601.1571670785&tid=UA-64350532-1&_gid=633533603.1571670785&gtm=2wgaa0KRGWMDS&z=40128366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112992
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 12ms
11ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=1321635601.1571670785&tid=UA-64350532-1&_gid=633533603.1571670785&gtm=2wgaa0KRGWMDS&z=620812854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112992
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 11ms
10ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1228018809&t=event&ni=1&_s=1&dl=https%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&ul=en-us&de=UTF-8&dt=Build%20the%20Atlantic%20Coast%20Pipeline&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20Tracking&ea=90%25&el=%2FduXl4fM&_u=aGDAAEADQ~&jid=&gjid=&cid=1321635601.1571670785&tid=UA-64350532-1&_gid=633533603.1571670785&gtm=2wgaa0KRGWMDS&z=785079769

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Oct 2019 18:03:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112992
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
210 B 23ms
23ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fp2a.co%2FduXl4fM%3Fp2asource%3Dwebsiteclicks%26fbclid%3DIwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY&4sAIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA&callback=_xdc_._payyua&key=AIzaSyC4R9aVocwhuhFvyDGBltGAnoU4mfb-xxA&token=111817

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/38/8/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

8ef17fb0a07517b87370056c8baf1cdbbb5649fd832953c9a39ba348e55bbfce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://p2a.co/duXl4fM?p2asource=websiteclicks&fbclid=IwAR1uIbC8_phfpx8Ha2pHjtS6SEtgHDElQOMhrsMcUR1b7bD60ET-3jGMYAY
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 15:13:09 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://admin.phone2action.com/js/campaign/app.js?v=1571418224(Line 1) Message: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
admin.phone2action.com
adservice.google.com
api.mixpanel.com
bam.nr-data.net
cdn.mxpnl.com
cdnjs.cloudflare.com
connect.facebook.net
cx.atdmt.com
d2ab4fmh03vt6m.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
p2a-files.s3.amazonaws.com
p2a.co
pixel.mediaiqdigital.com
platform.twitter.com
s.ytimg.com
secure.adnxs.com
static.ads-twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.liunaactionnetwork.org
www.youtube.com
107.178.240.159
151.101.114.110
151.101.12.157
162.247.242.20
185.33.223.200
216.58.205.230
2600:1901:0:498c::
2606:2800:234:59:254c:406:2366:268c
2606:4700::6813:c497
2a00:1450:4001:809::200e
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2004
2a00:1450:4001:821::2003
2a00:1450:4001:821::200e
2a00:1450:4001:824::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.20.104.44
52.216.132.171
52.29.131.80
52.5.125.15
54.192.94.96
74.123.154.146
01dc4ed9385d83539f9f35107db37ae829d51d0c5e6428ef491b0d8963ff960f
08d216a7b19e98399c8b1ab33ed6d74b3d8af4ac13a6adb5ced02c6eccb0c5c6
0c830c03e801d357baa07f0ef783aaa5ee9d5f950034f3d2aac03ba52623064c
0e5231731d55eff5a2e49d3d8c39f49db9a77e0596893fbb466d288c624d3913
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
1b418c7d113e7b6669cd5081d3d6d8047d9db0efe6789c03130bdf9736a542d5
2b20899b14f2ec5b8fde3819eab47d0003826f831014efc701299292c910a469
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
387a679cdec1f4b30a90e92fceea0b475ab1c50a6b7faf8a7659d4f3caf8a747
3b40398f08bcb34199de1ae7fddcf256ab3181f28914760031c0fccd7e5d1091
3dc47f16fbfab4b223c6ac032e45dc26380645b92ebd828fc703a2861ca39512
42c58a7a55084e6acc0e46a8397648d4983508004595470b36e3e2127fa75197
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5a3fdd33eef5a838c25b2afe031bc8478dd97dcd175ce9b9d99c2a77163b6748
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
63f80bc0163a9984ad398863d0a3626a4f588824183e851e3ff30f96522d7b32
64763dc027928e1dd0b5dfe746b91dd24fd24ffa314e635fdad64deebabded1c
6a25ac6b606f7bfc056f561afff44b0381ae39f1267e4f159585659351955821
6a645c93a587df5075444babe7d852b13ed4e4d24e339e307551acf743e214ec
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d8118aafc6a160108aed988875d2deb6ea67030c436cafbb1897722dee7a25c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b9fb1ff664b5a27f0c0330b8c5edefcbb63994ad86cf4819f1c538e6d3c4be5
8ef17fb0a07517b87370056c8baf1cdbbb5649fd832953c9a39ba348e55bbfce
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
9cfc4bc40845c958785e2596a4dcb2845f9adf98bd7d259e12ed1fa6f136ca1e
b1b38c93227a93ff0a6678ff97898e7c6f7a5a1e3f1e2bb4b27f28286ea8b3c5
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
b8c868fdd2f11d86739846d3728b57765e0523bce5494996237f2a1f0acde071
c8bf0c92e9d760687900c78550d36be64b89a20978f6edda34dcae384dceb06e
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d29ecf3f5a1f957a4da5d9f2864ccf2ed9c6006332d28d06203277a5da20e69a
da340751e379e3ed10c38327a34b1038ddb170ef7c895ae6b371d83f6ed423ff
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3810c3b58f3adfa72d17a62e5967986e98d6a0c5bb15d0a7ff4fa334428e7fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

p2a.co Open in urlscan Pro 52.20.104.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

60 %IPv6

26 Domains

31 Subdomains

25 IPs

5 Countries

1018 kBTransfer

3127 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

p2a.co Open in urlscan Pro
52.20.104.44 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

60 %
IPv6

26
Domains

31
Subdomains

25
IPs

5
Countries

1018 kB
Transfer

3127 kB
Size

0
Cookies

60 HTTP transactions
0 data transactions