Submitted URL: http://buttons.cm/
Effective URL: https://buttons.cm/
Submission: On October 20 via api from CH

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 42 HTTP transactions. The main IP is 103.28.41.100, located in Australia and belongs to CAMPAIGNMONITOR-AS-GLOBAL CAMPAIGN MONITOR PTY LTD, AU. The main domain is buttons.cm.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 15th 2019. Valid for: 2 years.
This is the only time buttons.cm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 103.28.41.100 55819 (CAMPAIGNM...)
1 2a00:1450:400... 15169 (GOOGLE)
2 99.86.2.93 16509 (AMAZON-02)
1 54.239.186.139 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 151.101.112.193 54113 (FASTLY)
2 2 151.101.16.193 54113 (FASTLY)
4 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
1 52.41.92.51 16509 (AMAZON-02)
1 5 23.210.248.216 16625 (AKAMAI-AS)
1 1 99.80.195.146 16509 (AMAZON-02)
9 14 63.32.63.32 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 3.124.119.192 16509 (AMAZON-02)
1 2 64.202.112.191 22075 (AS-OUTBRAIN)
1 2 35.158.180.177 16509 (AMAZON-02)
1 1 2a00:1288:f03... 10310 (YAHOO-1)
1 2 35.157.168.25 16509 (AMAZON-02)
1 2 185.33.221.91 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
1 1 216.58.207.66 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 34.251.170.149 16509 (AMAZON-02)
42 21
Domain Requested by
15 d.adroll.com 9 redirects
5 s.adroll.com 1 redirects buttons.cm
s.adroll.com
4 platform.twitter.com buttons.cm
platform.twitter.com
3 i.imgur.com buttons.cm
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.outbrain.com 1 redirects
2 connect.facebook.net d.adroll.com
connect.facebook.net
2 www.google-analytics.com buttons.cm
www.google-analytics.com
2 imgur.com 2 redirects
2 www.facebook.com buttons.cm
2 i3.campaignmonitor.com buttons.cm
2 buttons.cm 1 redirects
1 ads.yahoo.com 1 redirects
1 pixel.advertising.com
1 d.adroll.mgr.consensu.org 1 redirects
1 api.segment.io cdn.segment.com
1 syndication.twitter.com buttons.cm
1 cdn.segment.com buttons.cm
1 fonts.googleapis.com buttons.cm
0 i1.campaignmonitor.com Failed buttons.cm
42 24
Subject Issuer Validity Valid
buttons.cm
DigiCert SHA2 Secure Server CA
2019-11-15 -
2021-12-15
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
campaignmonitor.com
Amazon
2020-06-18 -
2021-07-18
a year crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA
2020-06-12 -
2021-07-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-09-11 -
2020-12-10
3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA
2020-01-15 -
2022-03-16
2 years crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2020-01-29 -
2021-04-29
a year crt.sh
adroll.mgr.consensu.org
Amazon
2020-10-08 -
2021-11-07
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2020-10-04 -
2021-03-31
6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.3lift.com
Amazon
2020-07-04 -
2021-08-05
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh

This page contains 4 frames:

Primary Page: https://buttons.cm/
Frame ID: 054B37B1FA95174D01095B8AFA3651C4
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=240480779309856&href=http%3A%2F%2Fbuttons.cm&send=false&layout=box_count&width=55&show_faces=false&action=like&colorscheme=light&font&height=90
Frame ID: 56A5919130AA8C0ED2D5AE97197A9ED7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fbuttons.cm
Frame ID: 5CD7B7F60FDB09FDC21A3C0246814A76
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: D830AB4D19EB7EA0ABF53D2AC0E4B450
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://buttons.cm/ HTTP 301
    https://buttons.cm/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

42
Requests

86 %
HTTPS

28 %
IPv6

20
Domains

24
Subdomains

21
IPs

6
Countries

255 kB
Transfer

950 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buttons.cm/ HTTP 301
    https://buttons.cm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://imgur.com/5BIp9d0.gif HTTP 301
  • https://i.imgur.com/5BIp9d0.gif
Request Chain 13
  • https://imgur.com/clZqdfM.gif HTTP 301
  • https://i.imgur.com/clZqdfM.gif
Request Chain 23
  • https://s.adroll.com/j/exp/UA2TOKRMTRCEFE3R6VYNQ2/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 25
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/UA2TOKRMTRCEFE3R6VYNQ2?_s=11ce879441d56d8779843d795e704829&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/UA2TOKRMTRCEFE3R6VYNQ2/?_s=11ce879441d56d8779843d795e704829&_b=2
Request Chain 26
  • https://d.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/SAVM7U4YFBBWBPSQLCKNBU.js
Request Chain 29
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 30
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&rdrctExp=true
Request Chain 31
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 32
  • https://d.adroll.com/cm/r/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 33
  • https://d.adroll.com/cm/b/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
Request Chain 34
  • https://d.adroll.com/cm/x/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
Request Chain 36
  • https://d.adroll.com/cm/o/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=62918b2e822682c09f4a790217df9392 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=62918b2e822682c09f4a790217df9392
Request Chain 37
  • https://d.adroll.com/cm/g/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=YpGLLoImgsCfSnkCF9-Tkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=YpGLLoImgsCfSnkCF9-Tkg&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
buttons.cm/
Redirect Chain
  • http://buttons.cm/
  • https://buttons.cm/
61 KB
20 KB
Document
General
Full URL
https://buttons.cm/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.28.41.100 , Australia, ASN55819 (CAMPAIGNMONITOR-AS-GLOBAL CAMPAIGN MONITOR PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
ea1a16ea3384ccd26a183eb06fc12d48dc0eea24dc01cb4474afdd1ffe4121fa

Request headers

Host
buttons.cm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Tue, 20 Oct 2020 17:03:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Redirect headers

Content-Type
text/plain
Date
Tue, 20 Oct 2020 16:55:22 GMT
Location
https://buttons.cm/
Connection
Keep-Alive
Content-Length
0
css?family=Roboto+Condensed:700%7CRoboto:400,500,700
fonts.googleapis.com/
10 KB
944 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:400,500,700
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c0d5a004c05661da38f3dc1c7746eb622edd482dfb0f74b6d67bc9d5210de53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 17:03:15 GMT
server
ESF
date
Tue, 20 Oct 2020 17:03:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Oct 2020 17:03:15 GMT
dotcm.css?ver=240
i1.campaignmonitor.com/assets/style/
0
0

1.7.1.min.js?ver=240
i3.campaignmonitor.com/assets/js/_jquery/
0
0

header.js?ver=240
i3.campaignmonitor.com/assets/js/
0
0

global.js?ver=240
i3.campaignmonitor.com/assets/js/
0
0

emailbtn.js?ver=240
i3.campaignmonitor.com/assets/js/_pages/
0
0

farbtastic.js?ver=240
i3.campaignmonitor.com/assets/js/_plugins/
0
0

segment.js?ver=240
i3.campaignmonitor.com/assets/js/analytics/
7 KB
2 KB
Script
General
Full URL
https://i3.campaignmonitor.com/assets/js/analytics/segment.js?ver=240
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-93.fra6.r.cloudfront.net
Software
csw /
Resource Hash
48caa3eace2543c76668e272ecaecefb2f53329c108836df2c0ea72b70ae33b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
status
200
x-xss-protection
1;mode=block
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Oct 2020 13:54:07 GMT
server
csw
x-frame-options
DENY
date
Tue, 20 Oct 2020 17:03:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control
s-maxage=3600
etag
W/"5f845fff-1cea"
x-amz-cf-id
2q9tVddy63QMo6OWy47SxqDedBFVJzz9yG1QmirjE9EwSOfd91Y14A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ref-info.js?ver=240
i3.campaignmonitor.com/assets/js/
0
0
Script
General
Full URL
https://i3.campaignmonitor.com/assets/js/ref-info.js?ver=240
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-93.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
analytics.min.js
cdn.segment.com/analytics.js/v1/neBaWsPgqsqKfswlVYdVATRFqiVrB4LD/
349 KB
63 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/neBaWsPgqsqKfswlVYdVATRFqiVrB4LD/analytics.min.js
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.186.139 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-186-139.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f757efd04e8c2cce29ddad0e81f16b4cae0990f3a2e31be25d634db34df018ed

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
HYYVbqm5UZA.NFSyzSEkwE2c.svubqlE
content-encoding
gzip
etag
"0c79fb979dffc211f2cc2066e125768f"
x-amz-cf-pop
HAM50-C3
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
63761
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 17:32:07 GMT
server
AmazonS3
date
Tue, 20 Oct 2020 17:03:17 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 425ccbcb040dd779e5f3bdc76b6d8ff9.cloudfront.net (CloudFront)
cache-control
public, max-age=300
accept-ranges
bytes
x-amz-cf-id
rNtEQxmrEsl11MVpRSenva8K-BU7SHnH-CtuR7SN-X9x00H4_hUV7g==
like.php?app_id=240480779309856&href=http%3A%2F%2Fbuttons.cm&send=false&layout=box_count&width=55&show_faces=false&action=like&colorscheme=light&font&height=90
www.facebook.com/plugins/ Frame 56A5
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=240480779309856&href=http%3A%2F%2Fbuttons.cm&send=false&layout=box_count&width=55&show_faces=false&action=like&colorscheme=light&font&height=90
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=240480779309856&href=http%3A%2F%2Fbuttons.cm&send=false&layout=box_count&width=55&show_faces=false&action=like&colorscheme=light&font&height=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://buttons.cm/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://buttons.cm/

Response headers

status
200
vary
Accept-Encoding
pragma
no-cache
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
q7QhtlQZxfPZwc4hJUKJRWuol7Wy40RdAGtAevTCbTJUmMjgin+bjP7YzImPaBQzwFr82MnN8olfdrptEKH/zA==
date
Tue, 20 Oct 2020 17:03:16 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
0xPEf.gif
i.imgur.com/
264 B
578 B
Image
General
Full URL
https://i.imgur.com/0xPEf.gif
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0fc81861dd6c1129cc5ba0fe92ca94cb7206488ba28fe406b664e2d936d863a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 17:03:16 GMT
x-content-type-options
nosniff
age
4694708
x-cache
HIT, HIT
status
200
content-length
264
x-served-by
cache-bwi5126-BWI, cache-hhn4054-HHN
last-modified
Fri, 28 Dec 2012 09:57:33 GMT
server
cat factory 1.0
x-timer
S1603213396.293642,VS0,VE1
etag
"6e028740319effcc8a57fecba7c74241"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
5BIp9d0.gif
i.imgur.com/
Redirect Chain
  • https://imgur.com/5BIp9d0.gif
  • https://i.imgur.com/5BIp9d0.gif
276 B
423 B
Image
General
Full URL
https://i.imgur.com/5BIp9d0.gif
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d7760b2be37be6edfa530a95ad3c1b14a8f8324016fbd2edb81f2485db2d263d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 17:03:16 GMT
x-content-type-options
nosniff
age
31477368
x-cache
HIT, HIT
status
200
content-length
276
x-served-by
cache-bwi5128-BWI, cache-hhn4054-HHN
last-modified
Fri, 02 May 2014 11:05:42 GMT
server
cat factory 1.0
x-timer
S1603213396.326510,VS0,VE1
etag
"ecc5a9d879bd1bc2a805ca852ec2d68e"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

date
Tue, 20 Oct 2020 17:03:16 GMT
server
cat factory 1.0
x-timer
S1603213396.297733,VS0,VE0
status
301
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/5BIp9d0.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
x-cache-hits
0
accept-ranges
bytes
access-control-allow-origin
https://imgur.com
content-length
0
retry-after
0
x-served-by
cache-lcy19253-LCY
clZqdfM.gif
i.imgur.com/
Redirect Chain
  • https://imgur.com/clZqdfM.gif
  • https://i.imgur.com/clZqdfM.gif
550 B
697 B
Image
General
Full URL
https://i.imgur.com/clZqdfM.gif
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c611cf73921a56b6d0c2da4ce0b070d6f41322c4ab8aeecea7b4a5cdbaec02c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 17:03:16 GMT
x-content-type-options
nosniff
age
4089118
x-cache
HIT, HIT
status
200
content-length
550
x-served-by
cache-bwi5151-BWI, cache-hhn4054-HHN
last-modified
Fri, 02 May 2014 11:03:02 GMT
server
cat factory 1.0
x-timer
S1603213396.326625,VS0,VE1
etag
"96dae8b06e957425fea5e74f84b3eb91"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

date
Tue, 20 Oct 2020 17:03:16 GMT
server
cat factory 1.0
x-timer
S1603213396.297781,VS0,VE0
status
301
x-frame-options
DENY
x-cache
HIT
location
https://i.imgur.com/clZqdfM.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
false
x-cache-hits
0
accept-ranges
bytes
access-control-allow-origin
https://imgur.com
content-length
0
retry-after
0
x-served-by
cache-lcy19253-LCY
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4186) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 20 Oct 2020 17:03:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
481
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28698
x-tw-cdn
VZ
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/4186)
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
analytics.js
www.google-analytics.com/
45 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6447
date
Tue, 20 Oct 2020 15:15:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 20 Oct 2020 17:15:49 GMT
collect?v=1&_v=j86&a=1512600093&t=pageview&_s=1&dl=https%3A%2F%2Fbuttons.cm%2F&ul=en-us&de=UTF-8&dt=Bulletproof%20email%20buttons%20%7C%20Campaign%20Monitor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0...
www.google-analytics.com/j/
2 B
424 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1512600093&t=pageview&_s=1&dl=https%3A%2F%2Fbuttons.cm%2F&ul=en-us&de=UTF-8&dt=Bulletproof%20email%20buttons%20%7C%20Campaign%20Monitor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1013884119&gjid=466099451&cid=1455712448.1603213396&tid=UA-30586-17&_gid=66607882.1603213396&_r=1&_slc=1&z=784082752
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://buttons.cm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fbuttons.cm
platform.twitter.com/widgets/ Frame 5CD7
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fbuttons.cm
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://buttons.cm/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://buttons.cm/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
502393
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Oct 2020 17:03:16 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
button.63c51c903061d0dbd843c41e8a00aa5a.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4186) /
Resource Hash
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 20 Oct 2020 17:03:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:51 GMT
Server
ECS (fcn/4186)
Age
502393
Etag
"62d4b0301f07768d13f3ee5de8633739+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame D830
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4186) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://buttons.cm/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://buttons.cm/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
502393
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Oct 2020 17:03:16 GMT
Etag
"076dccdedb34f3771be52190b917884e+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4186)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12263
jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fbuttons.cm%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22campaignmonitor%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%...
syndication.twitter.com/i/
43 B
337 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fbuttons.cm%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22campaignmonitor%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1603213396521%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ed20a2b%3A1601588405575%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 17:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Tue, 20 Oct 2020 17:03:16 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1c15be879ce7b06aaaf1cbe9229629a9
x-transaction
0020032400ff226c
expires
Tue, 31 Mar 1981 05:00:00 GMT
p
api.segment.io/v1/
21 B
138 B
XHR
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/neBaWsPgqsqKfswlVYdVATRFqiVrB4LD/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.92.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-92-51.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Tue, 20 Oct 2020 17:03:17 GMT
access-control-allow-origin
https://buttons.cm
content-length
21
vary
Origin
content-type
application/json
roundtrip.js
s.adroll.com/j/
39 KB
13 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: buttons.cm
URL: https://buttons.cm/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c248f8404721d961fff789b4916e8b2f3ac975ffde32bb370374814712055d59

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
j1Ukz68kZImBJrgt6DlzhQICmRxkgWbz
Content-Encoding
gzip
ETag
"505601f096ee8dbb7ca2aafa3009e00c"
x-amz-request-id
4A30A1DF02B82D40
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
12342
x-amz-id-2
YGWnZLWp3a5Q/+XhlpjWllAZJKOHJKWeLtsAnTJqNwJQeVBUyMtnDCL6xRU42ao8VNLkNHGVEhY=
Last-Modified
Wed, 14 Oct 2020 20:21:11 GMT
Server
AmazonS3
Date
Tue, 20 Oct 2020 17:03:17 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/UA2TOKRMTRCEFE3R6VYNQ2/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
0A9DFB41B15EF3A2
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified
Fri, 31 Jul 2020 16:11:15 GMT
Server
AmazonS3
Date
Tue, 20 Oct 2020 17:03:17 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 20 Oct 2020 17:03:17 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/
0
773 B
Script
General
Full URL
https://s.adroll.com/j/pre/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
u94cVtNKjjzQhi0yGbjSmoxghZy2B51v
Content-Encoding
gzip
ETag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id
B858085168B921C5
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
20
x-amz-id-2
kstsYEKnYVcvRaXUKi2kgC4KTRg4OgVUC1RA5fVHJRBhVroCZKn6n1C9HNknT0u9Br8aEbisHPk=
Last-Modified
Tue, 20 Oct 2020 02:06:06 GMT
Server
AmazonS3
Date
Tue, 20 Oct 2020 17:03:17 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
?_s=11ce879441d56d8779843d795e704829&_b=2
d.adroll.com/consent/check/UA2TOKRMTRCEFE3R6VYNQ2/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/UA2TOKRMTRCEFE3R6VYNQ2?_s=11ce879441d56d8779843d795e704829&_b=2
  • https://d.adroll.com/consent/check/UA2TOKRMTRCEFE3R6VYNQ2/?_s=11ce879441d56d8779843d795e704829&_b=2
394 B
862 B
Script
General
Full URL
https://d.adroll.com/consent/check/UA2TOKRMTRCEFE3R6VYNQ2/?_s=11ce879441d56d8779843d795e704829&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3ce0cf875ad07666a5fd4096e94b95e9231393d41537471aa247bf00146b3610

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
server
nginx/1.18.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
394

Redirect headers

status
302
date
Tue, 20 Oct 2020 17:03:17 GMT
server
nginx/1.18.0
content-length
105
location
https://d.adroll.com/consent/check/UA2TOKRMTRCEFE3R6VYNQ2/?_s=11ce879441d56d8779843d795e704829&_b=2
SAVM7U4YFBBWBPSQLCKNBU.js
s.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/
Redirect Chain
  • https://d.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&c...
  • https://s.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/SAVM7U4YFBBWBPSQLCKNBU.js
14 KB
5 KB
Script
General
Full URL
https://s.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/SAVM7U4YFBBWBPSQLCKNBU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6ecd6502f19facfd4d76f69e8105f7703689ac80a7d9c7c262bd91e8319fb39

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
avpVLQJeUy4aFNPm.x6Vjo9SZ3f3M4sC
Content-Encoding
gzip
ETag
"8f70092ab5a82fbd52387dca39046a0a"
x-amz-request-id
BD2176D6B5D02612
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4084
x-amz-id-2
/lJibvyrxzqakDLpthhwj64n1bKc1vSTRmGOQ+q5I8ARF7ApMfUdRg+pgFziuI75LoTgRJfx1MA=
Last-Modified
Wed, 29 Jul 2020 14:57:05 GMT
Server
AmazonS3
Date
Tue, 20 Oct 2020 17:03:17 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Tue, 20 Oct 2020 17:03:17 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.18.0
x-rule
*
x-segment-eid
SAVM7U4YFBBWBPSQLCKNBU
location
https://s.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI/SAVM7U4YFBBWBPSQLCKNBU.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
R3QAWUXLXVB33JN43PP6BI
x-segment-name
*
x-advertisable-eid
UA2TOKRMTRCEFE3R6VYNQ2
x-conversion-currency
fbevents.js
connect.facebook.net/en_US/
88 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&cookie=&adroll_s_ref=&keyw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
8hL7A4I7Mhnwu5E0eZIl1vIwhDH5JcUTbR9Vc8idEJSVM5zJQKI2DjG439NK+sg1jH46Ef7BdMznZA7LZQgleA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 20 Oct 2020 17:03:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires
Sat, 01 Jan 2000 00:00:00 GMT
R3QAWUXLXVB33JN43PP6BI?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&ev=t%3Dtop%26f%3D0
d.adroll.com/onp/UA2TOKRMTRCEFE3R6VYNQ2/
42 B
534 B
Image
General
Full URL
https://d.adroll.com/onp/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&ev=t%3Dtop%26f%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
server
nginx/1.18.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
x-advertisable-eid
UA2TOKRMTRCEFE3R6VYNQ2
content-length
42
sync?uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://pixel.advertising.com/ups/55980/sync?uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
125 B
Image
General
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.119.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Tue, 20 Oct 2020 17:03:17 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
server
nginx/1.18.0
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.advertising.com/ups/55980/sync?uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
cache-control
no-store, no-cache, must-revalidate
content-length
167
cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&rdrctExp=true
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&rdrctExp=true
0
477 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 20 Oct 2020 17:03:18 GMT
Cache-Control
no-cache
X-TraceId
5a503334963314c0aee9b57c30204ad5
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&rdrctExp=true
Date
Tue, 20 Oct 2020 17:03:17 GMT
X-TraceId
b4de12a7b483ce76a1f515be2cbb590f
Content-Length
0
xuid?ld=1&mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.180.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-180-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 20 Oct 2020 17:03:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status
302
date
Tue, 20 Oct 2020 17:03:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
499 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
server
nginx/1.18.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Redirect headers

date
Tue, 20 Oct 2020 17:03:17 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
status
302
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
43 B
411 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.168.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-168-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 20 Oct 2020 17:03:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Tue, 20 Oct 2020 17:03:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://ib.adnxs.com/setuid?entity=172&code=NjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Oct 2020 17:03:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.75:80
AN-X-Request-Uuid
c905f44c-38e1-4f63-9b43-998d3eb258c1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 20 Oct 2020 17:03:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.167:80
AN-X-Request-Uuid
523d8b2e-a19d-4e30-8d66-e8ff0e023f6a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjI5MThiMmU4MjI2ODJjMDlmNGE3OTAyMTdkZjkzOTI
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
d.adroll.com/cm/l/
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 20 Oct 2020 17:03:17 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.18.0
content-length
42
vary
Cookie
content-type
image/gif
sd?cc=1&id=537103138&val=62918b2e822682c09f4a790217df9392
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=62918b2e822682c09f4a790217df9392
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=62918b2e822682c09f4a790217df9392
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=62918b2e822682c09f4a790217df9392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.195.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
via
1.1 google
server
OXGW/16.195.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 20 Oct 2020 17:03:17 GMT
via
1.1 google
server
OXGW/16.195.1
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=62918b2e822682c09f4a790217df9392
alt-svc
clear
content-length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=3e67954ceefe525fb7eb6aaabfc9e655-1603213397344&arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&advertisable=UA2TOKRMTRCEFE3R6VYNQ2&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=YpGLLoImgsCfSnkCF9-Tkg
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=YpGLLoImgsCfSnkCF9-Tkg&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
536 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
server
nginx/1.18.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:17 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
472951256176366?v=2.9.27&r=stable
connect.facebook.net/signals/config/
234 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/472951256176366?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a0ebf7ecbae2da11ce8455878e49030bf50a7af0de5902f00b0622d72030f82
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
unxyVzEV893besYbRMrj1sqMIZwaf3PLkugV60C3Xcp6vFdkQKMvkMPpDhxyyODzF5rf5xuZ3CsZyAu743ASYA==
x-fb-trip-id
664085054
date
Tue, 20 Oct 2020 17:03:17 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires
Sat, 01 Jan 2000 00:00:00 GMT
?id=472951256176366&ev=PageView&dl=https%3A%2F%2Fbuttons.cm%2F&rl=&if=false&ts=1603213397915&cd[segment_eid]=SAVM7U4YFBBWBPSQLCKNBU&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=29&fbp=fb.1.160321339791...
www.facebook.com/tr/
44 B
219 B
Image
General
Full URL
https://www.facebook.com/tr/?id=472951256176366&ev=PageView&dl=https%3A%2F%2Fbuttons.cm%2F&rl=&if=false&ts=1603213397915&cd[segment_eid]=SAVM7U4YFBBWBPSQLCKNBU&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=29&fbp=fb.1.1603213397914.1010082427&it=1603213397625&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 17:03:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 20 Oct 2020 17:03:17 GMT
R3QAWUXLXVB33JN43PP6BI?arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&ev=t%3Dtop%26f%3D10
d.adroll.com/onp/UA2TOKRMTRCEFE3R6VYNQ2/
42 B
536 B
Image
General
Full URL
https://d.adroll.com/onp/UA2TOKRMTRCEFE3R6VYNQ2/R3QAWUXLXVB33JN43PP6BI?arrfrr=https%3A%2F%2Fbuttons.cm%2F&xid_ch=f&pv=86804163396.90431&ev=t%3Dtop%26f%3D10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.170.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://buttons.cm/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 17:03:27 GMT
server
nginx/1.18.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
x-advertisable-eid
UA2TOKRMTRCEFE3R6VYNQ2
content-length
42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i1.campaignmonitor.com
URL
https://i1.campaignmonitor.com/assets/style/dotcm.css?ver=240
Domain
i3.campaignmonitor.com
URL
https://i3.campaignmonitor.com/assets/js/_jquery/1.7.1.min.js?ver=240
Domain
i3.campaignmonitor.com
URL
https://i3.campaignmonitor.com/assets/js/header.js?ver=240
Domain
i3.campaignmonitor.com
URL
https://i3.campaignmonitor.com/assets/js/global.js?ver=240
Domain
i3.campaignmonitor.com
URL
https://i3.campaignmonitor.com/assets/js/_pages/emailbtn.js?ver=240
Domain
i3.campaignmonitor.com
URL
https://i3.campaignmonitor.com/assets/js/_plugins/farbtastic.js?ver=240

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| analytics object| dataLayer object| _gaq string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr function| waitUntilLoad function| listAdd function| campaignParams function| addIfUnique function| listAddLogic function| campaignParamsLogic function| getQueryParam function| ensureLoaded object| _wq function| normalize boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list function| fbq function| _fbq

4 Cookies

Domain/Path Name / Value
.buttons.cm/ Name: ajs_anonymous_id
Value: %22b3d1ca2b-60d1-4356-bfa4-dcf734091474%22
.buttons.cm/ Name: _gid
Value: GA1.2.66607882.1603213396
.buttons.cm/ Name: _gat
Value: 1
.buttons.cm/ Name: _ga
Value: GA1.2.1455712448.1603213396

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api.segment.io
buttons.cm
cdn.segment.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
eb2.3lift.com
fonts.googleapis.com
i.imgur.com
i1.campaignmonitor.com
i3.campaignmonitor.com
ib.adnxs.com
imgur.com
pixel.advertising.com
platform.twitter.com
s.adroll.com
sync.outbrain.com
syndication.twitter.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
x.bidswitch.net
i1.campaignmonitor.com
i3.campaignmonitor.com
103.28.41.100
104.244.42.72
151.101.112.193
151.101.16.193
185.33.221.91
216.58.207.66
23.210.248.216
2606:2800:234:59:254c:406:2366:268c
2a00:1288:f03d:1fa::4000
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.119.192
34.251.170.149
34.98.64.218
35.157.168.25
35.158.180.177
52.41.92.51
54.239.186.139
63.32.63.32
64.202.112.191
99.80.195.146
99.86.2.93
0a0ebf7ecbae2da11ce8455878e49030bf50a7af0de5902f00b0622d72030f82
0fc81861dd6c1129cc5ba0fe92ca94cb7206488ba28fe406b664e2d936d863a0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
3ce0cf875ad07666a5fd4096e94b95e9231393d41537471aa247bf00146b3610
48caa3eace2543c76668e272ecaecefb2f53329c108836df2c0ea72b70ae33b5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
7c0d5a004c05661da38f3dc1c7746eb622edd482dfb0f74b6d67bc9d5210de53
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c248f8404721d961fff789b4916e8b2f3ac975ffde32bb370374814712055d59
c611cf73921a56b6d0c2da4ce0b070d6f41322c4ab8aeecea7b4a5cdbaec02c5
d7760b2be37be6edfa530a95ad3c1b14a8f8324016fbd2edb81f2485db2d263d
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ecd6502f19facfd4d76f69e8105f7703689ac80a7d9c7c262bd91e8319fb39
ea1a16ea3384ccd26a183eb06fc12d48dc0eea24dc01cb4474afdd1ffe4121fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f757efd04e8c2cce29ddad0e81f16b4cae0990f3a2e31be25d634db34df018ed