pagedemo.co Open in urlscan Pro
2606:4700:4400::6812:25e5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pagedemo.co/
Effective URL:
https://pagedemo.co/
Submission: On July 08 via api (July 8th 2024, 10:34:44 am UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 28 domains to perform 65 HTTP transactions. The main IP is 2606:4700:4400::6812:25e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is pagedemo.co.
TLS certificate: Issued by GTS CA 1P5 on May 20th 2024. Valid for: 3 months.

This is the only time pagedemo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	2606:4700:440... 2606:4700:4400::6812:25e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::6812:2084	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:96fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	34.36.17.181 34.36.17.181	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.238.130.122 104.238.130.122	20473 (AS-CHOOPA) (AS-CHOOPA)
1	172.67.136.110 172.67.136.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:235... 2600:9000:235a:ee00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.58 13.32.121.58	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1 4	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4b8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ad4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1e85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.185.227 172.67.185.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::201b	15169 (GOOGLE) (GOOGLE)
65	36

5 2606:4700:4400::6812:25e5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pagedemo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::6812:2084 (United States)

ASN13335 (CLOUDFLARENET, US)

g.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:96fb (United States)

ASN13335 (CLOUDFLARENET, US)

heatmap-events-collector.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.17.181 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 181.17.36.34.bc.googleusercontent.com

cdn.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.238.130.122 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 104.238.130.122.vultrusercontent.com

alphatargeting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.136.110 (United States)

ASN13335 (CLOUDFLARENET, US)

openserf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:246 (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.growsumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:235a:ee00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-58.fra60.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bd4 (United States)

ASN13335 (CLOUDFLARENET, US)

grsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4b8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ad4 (United States)

ASN13335 (CLOUDFLARENET, US)

get.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e85 (United States)

ASN13335 (CLOUDFLARENET, US)

partnerlinks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.185.227 (United States)

ASN13335 (CLOUDFLARENET, US)

ec.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fastcdn.co g.fastcdn.co — Cisco Umbrella Rank: 83940 v.fastcdn.co — Cisco Umbrella Rank: 64877	181 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3576 www.google.com — Cisco Umbrella Rank: 10	216 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 208	4 KB
5	pagedemo.co 2 redirects pagedemo.co	10 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 671 px4.ads.linkedin.com — Cisco Umbrella Rank: 7218	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6500	255 B
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 10228 track.hubspot.com — Cisco Umbrella Rank: 5397	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 530	14 KB
3	instapagemetrics.com cdn.instapagemetrics.com — Cisco Umbrella Rank: 87791 ec.instapagemetrics.com — Cisco Umbrella Rank: 62484	55 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	359 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	72 KB
2	alphatargeting.com alphatargeting.com — Cisco Umbrella Rank: 686332	4 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5046	2 KB
2	instapage.com heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 80553 get.instapage.com	9 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108 storage.googleapis.com — Cisco Umbrella Rank: 525	8 KB
1	partnerlinks.io partnerlinks.io — Cisco Umbrella Rank: 37431	230 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5116	26 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10882	24 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5142	24 KB
1	grsm.io grsm.io — Cisco Umbrella Rank: 35539	290 B
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 25293	9 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 21462	43 KB
1	growsumo.com snippet.growsumo.com — Cisco Umbrella Rank: 138462	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1900	14 KB
1	openserf.com openserf.com — Cisco Umbrella Rank: 578340	480 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5457	1 KB
65	28

	Domain	Requested by
5	g.fastcdn.co	pagedemo.co
5	pagedemo.co	2 redirects pagedemo.co
4	www.google.com	1 redirects pagedemo.co
4	www.google.de	pagedemo.co
4	googleads.g.doubleclick.net	www.googletagmanager.com pagedemo.co
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com pagedemo.co
3	www.googletagmanager.com	pagedemo.co www.googletagmanager.com
2	ec.instapagemetrics.com	cdn.instapagemetrics.com
2	api.hubspot.com	js.usemessages.com
2	www.facebook.com	pagedemo.co
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	pagedemo.co connect.facebook.net
2	alphatargeting.com	pagedemo.co alphatargeting.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dev.visualwebsiteoptimizer.com	pagedemo.co
2	v.fastcdn.co	pagedemo.co
1	storage.googleapis.com
1	track.hubspot.com
1	partnerlinks.io	snippet.growsumo.com
1	get.instapage.com	snippet.growsumo.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	px4.ads.linkedin.com	pagedemo.co
1	grsm.io	snippet.growsumo.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	public.profitwell.com	pagedemo.co
1	www.clickcease.com	pagedemo.co
1	snippet.growsumo.com	pagedemo.co
1	snap.licdn.com	www.googletagmanager.com
1	openserf.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.instapagemetrics.com	pagedemo.co
1	heatmap-events-collector.instapage.com	pagedemo.co
1	fonts.googleapis.com	pagedemo.co
65	36

This site contains no links.

Subject Issuer	Validity	Valid
pagedemo.co GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
fastcdn.co E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
instapage.com E1	`2024-06-01` - `2024-08-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cdn.instapagemetrics.com WR3	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2024-06-29` - `2025-07-31`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
alphatargeting.com E6	`2024-06-20` - `2024-09-18`	3 months	crt.sh
openserf.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
growsumo.com WE1	`2024-07-03` - `2024-10-01`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
grsm.io GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
get.instapage.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
partnerlinks.io Cloudflare Inc ECC CA-3	`2023-10-07` - `2024-10-06`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
instapagemetrics.com WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pagedemo.co/
Frame ID: 5EF97A8881D843FDC66883B612505C9B
Requests: 61 HTTP requests in this frame

Frame: https://pagedemo.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: 3FFF04BCB45660AF3D9A06DA506B8F72
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

pagedemo.co placeholder

Page URL History Show full URLs

http://pagedemo.co/ HTTP 307
https://pagedemo.co/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Page Statistics

65
Requests

92 %
HTTPS

71 %
IPv6

28
Domains

36
Subdomains

36
IPs

3
Countries

903 kB
Transfer

2374 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pagedemo.co/ HTTP 307
https://pagedemo.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://pagedemo.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://pagedemo.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Request Chain 32

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=0&rnd=2031209408.1720434878&url=https%3A%2F%2Fpagedemo.co%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4730v876712219z8863660453za200&auid=28078376.1720434878&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=0&rnd=2031209408.1720434878&url=https%3A%2F%2Fpagedemo.co%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4730v876712219z8863660453za200&auid=28078376.1720434878&frm=0

Request Chain 39

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F&e_ipv6=AQKh08soEQrSnQAAAZCR6Oauyah9M_lbW9RlzPmf3AcPYYLCyQ5E3QY8Mh2AVR4hZz7AGqfdErBolw

Request Chain 62

https://pagedemo.co/favicon.ico HTTP 302
https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pagedemo.co/
Redirect Chain

http://pagedemo.co/
https://pagedemo.co/

14 KB
5 KB

339ms
279ms

Document
text/html

2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7feb6f80b51b1641cd817548e9acf78285d76e48283c457a2a4d5717d3d42575

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 89ff6c39ef726903-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 08 Jul 2024 10:34:36 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

Redirect headers

Location: https://pagedemo.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 utils.c997ba789ee31fe61b1e.js Show response
g.fastcdn.co/js/ 56 KB
19 KB 452ms
60ms Script
application/javascript 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/utils.c997ba789ee31fe61b1e.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f78cb0b847eb9b33ee21c6e92fbf4bf4d9fd9cc992963d5491149242d6d1b6

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10011577
x-guploader-uploadid: ABPtcPpPEePI2McUsS4HoN469IILuewbALbwyUNgmAI9UBpRTdyVJoZrmzWTvOCxAJF7pKGmnaw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 19572
last-modified: Thu, 20 Jul 2023 11:47:19 GMT
server: cloudflare
etag: "74f81313b7a17b8a4ce59361908d4e0f"
vary: Accept-Encoding
x-goog-generation: 1689853639060047
content-type: application/javascript
x-goog-hash: crc32c=YL8LTw==, md5=dPgTE7ehe4pM5ZNhkI1ODw==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 19572
accept-ranges: bytes
cf-ray: 89ff6c3e39ec19ab-FRA
expires: Tue, 08 Jul 2025 10:34:37 GMT

GET
H2 200 Cradle.c9144221d5b5d6147353.js Show response
g.fastcdn.co/js/ 15 KB
4 KB 453ms
61ms Script
application/javascript 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Cradle.c9144221d5b5d6147353.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10012166
x-guploader-uploadid: ABPtcPoMDwdeaVW5zBdDIWAPtlhtF59qMqTqjUIGbIOcI3Vh3YtHb0FpWbfzFnc-L32O0Trw5RY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 4001
last-modified: Mon, 05 Feb 2024 07:55:51 GMT
server: cloudflare
etag: "83131494fd187537d0742a06ac0791a9"
vary: Accept-Encoding
x-goog-generation: 1707119750961559
content-type: application/javascript
x-goog-hash: crc32c=Tt9fJA==, md5=gxMUlP0YdTfQdCoGrAeRqQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4001
accept-ranges: bytes
cf-ray: 89ff6c3e39f019ab-FRA
expires: Tue, 08 Jul 2025 10:34:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 434ms
44ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 10:25:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jul 2024 10:34:37 GMT

GET
H2 200 22221681-0-404-closed-door3x.png
v.fastcdn.co/u/7c330f31/ 114 KB
115 KB 451ms
59ms Image
image/webp 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/7c330f31/22221681-0-404-closed-door3x.png
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821af22c4807e3ceab1ca12b4ab60314a6ba1901111330c64f998f75c8558485

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
cf-cache-status: HIT
age: 424325
cf-polished: origFmt=png, origSize=236677
x-guploader-uploadid: ACJd0NqxaS98oZFVhdU2gbwl2kkAf2ndv3o32-stsmca6tpBAJjOwi_x3H2JQLj7HepicUMnow
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="22221681-0-404-closed-door3x.webp"
x-goog-meta-expires: Sat, 10 Nov 2018 11:00:02 GMT
content-length: 116512
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Sep 2017 19:00:02 GMT
server: cloudflare
etag: "a47b536b4e90b700033d92ca2d0e56bd"
vary: Accept
x-goog-generation: 1505847602647748
content-type: image/webp
x-goog-hash: crc32c=13lG3Q==, md5=pHtTa06QtwADPZLKLQ5WvQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 236677
accept-ranges: bytes
cf-ray: 89ff6c3e3ad94db9-FRA
expires: Thu, 06 Jul 2034 10:34:37 GMT

GET
H2 200 62507134-0-Group-9816-1.png
v.fastcdn.co/u/e6c956c2/ 4 KB
4 KB 486ms
94ms Image
image/webp 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/e6c956c2/62507134-0-Group-9816-1.png
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff62d3afe2760d376162236d3ecffb521e85e829d294c38baa1f1c2c7ccb1ef7

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
cf-cache-status: HIT
age: 34654
cf-polished: origFmt=png, origSize=8909
x-guploader-uploadid: ACJd0NpX9RjVEaA19BX6rm-EH_DrNnIYa0v5gdDN5r92XvHIEzUiU4loD0PO2zoekLtvFn3ywYg
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="62507134-0-Group-9816-1.webp"
x-goog-meta-expires: Tue, 31 Oct 2023 00:58:40 GMT
content-length: 3880
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Sep 2022 08:58:40 GMT
server: cloudflare
etag: "ce67da6319185bda722d59da86527d27"
vary: Accept
x-goog-generation: 1662713920625453
content-type: image/webp
x-goog-hash: crc32c=Jja6pA==, md5=zmfaYxkYW9pyLVnahlJ9Jw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 8909
accept-ranges: bytes
cf-ray: 89ff6c3e3ad74db9-FRA
expires: Thu, 06 Jul 2034 10:34:37 GMT

GET
H2 200 LazyImage.59626ef3f961b8927cb6.js Show response
g.fastcdn.co/js/ 2 KB
1 KB 71ms
69ms Script
application/javascript 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LazyImage.59626ef3f961b8927cb6.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10012166
x-guploader-uploadid: ABPtcPo-VjbsC8UFspgFKvP42IcDqWpbKkkn7vA-XFwjvs1Xg1EPJfd_H4_aiTCd21smg_4TRQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 1022
last-modified: Mon, 05 Feb 2024 07:55:51 GMT
server: cloudflare
etag: "b0ae2275f5d011ac64917080661e4956"
vary: Accept-Encoding
x-goog-generation: 1707119751575943
content-type: application/javascript
x-goog-hash: crc32c=ZP0ifA==, md5=sK4idfXQEaxkkXCAZh5JVg==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1022
accept-ranges: bytes
cf-ray: 89ff6c3ecaca19ab-FRA
expires: Tue, 08 Jul 2025 10:34:37 GMT

GET
H2 200 lib.js Show response
heatmap-events-collector.instapage.com/static/ 24 KB
9 KB 721ms
389ms Script
application/javascript 2606:4700:4400::ac40:96fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/static/lib.js

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:96fb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: REVALIDATED
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Jul 2024 08:40:35 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 89ff6c40d8af9a0b-FRA
expires: Mon, 08 Jul 2024 10:39:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 354 KB
117 KB 167ms
57ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dd9b8e0488bde28195d626ebfe5cd08a3204740b54985b6b4c74ee042b0d281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119189
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Jul 2024 10:34:37 GMT

GET
H2 200 it.js Show response
cdn.instapagemetrics.com/t/js/3/ 54 KB
54 KB 351ms
33ms Script
text/javascript 34.36.17.181
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 181.17.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 09:39:12 GMT
age: 3325
x-guploader-uploadid: ACJd0NohcGR-0p-g1l0KaVANssN9SItumu92fT18dBqT-BYKXzst-4anqOGH1lskcYG0mnaChRo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55266
last-modified: Tue, 13 Jun 2023 11:21:34 GMT
server: UploadServer
etag: "eee931187060719ab17a352de2424e0c"
x-goog-generation: 1686655294888925
x-goog-hash: crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
content-type: text/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 55266
accept-ranges: bytes

GET
H2 200 sptw.f58afe926be16f9087f6.js Show response
g.fastcdn.co/js/ 60 KB
20 KB 52ms
51ms Script
application/javascript 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/sptw.f58afe926be16f9087f6.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f501a1f108450d30ba92757a996b5220f3619d86629a664bd72715676928b6f

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10011577
x-guploader-uploadid: ABPtcPoP3bik6l5JD-VZm7opQPVuBi4eV0b6mJQuPsK-1xm2VspRbpnvYA9pUEjCAMhzgLzoVcI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20077
last-modified: Thu, 20 Jul 2023 11:47:18 GMT
server: cloudflare
etag: "5b2e1d5f5d3cfffdc24272bc9d23ee12"
vary: Accept-Encoding
x-goog-generation: 1689853638841632
content-type: application/javascript
x-goog-hash: crc32c=cAighg==, md5=Wy4dX108//3CQnK8nSPuEg==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 20077
accept-ranges: bytes
cf-ray: 89ff6c3ecacd19ab-FRA
expires: Tue, 08 Jul 2025 10:34:37 GMT

GET
H2 200 cm.js Show response
g.fastcdn.co/js/ 51 KB
18 KB 52ms
51ms Script
application/javascript 2606:4700:4400::6812:2084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/cm.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7006414
x-guploader-uploadid: ABPtcPpvRCuksssTYKW_3j-ud5VnmRw3aCXk_ckpxETWfuL8FF6838moqt6-uwnXHXdd5wUVboJGzEUWHg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 17906
last-modified: Thu, 30 Jun 2022 02:12:17 GMT
server: cloudflare
etag: "8e466d98fa1f746c74b1b409d20a0cf3"
vary: Accept-Encoding
x-goog-generation: 1656555137097208
content-type: application/javascript
x-goog-hash: crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 17906
accept-ranges: bytes
cf-ray: 89ff6c3ecace19ab-FRA
expires: Tue, 08 Jul 2025 10:34:37 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 355ms
34ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=574286&u=https%3A%2F%2Fpagedemo.co%2F&f=1&r=0.5443546565413153
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ac0d09a679884a178d55c15cd12a37af377c909d97b980b93f3717ddb859af45

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 249ms
30ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagedemo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 20:58:55 GMT
x-content-type-options: nosniff
age: 308142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 20:58:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 248ms
32ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagedemo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jul 2024 17:31:01 GMT
x-content-type-options: nosniff
age: 320616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 17:31:01 GMT

GET
H2

200

main.js Show response
pagedemo.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame 3FFF
Redirect Chain

https://pagedemo.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://pagedemo.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?

8 KB
4 KB

42ms
22ms

Script
application/javascript

2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pagedemo.co/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Server

2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2263c80c8cdb22d595c85178e7c37906c93e794737bc3da50146a145de9d5628

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89ff6c3fde746903-FRA

Redirect headers

date: Mon, 08 Jul 2024 10:34:37 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 89ff6c3f6e016903-FRA
content-length: 0

POST
H2 200 89ff6c39ef726903 Show response
pagedemo.co/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3FFF 0
348 B 72ms
64ms XHR
text/plain 2606:4700:4400::6812:25e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pagedemo.co/cdn-cgi/challenge-platform/h/g/jsd/r/89ff6c39ef726903
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:25e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
server: cloudflare
cf-ray: 89ff6c40ff816903-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 381 KB
121 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VSNF9B2VVM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f97e7c799a681a364dd49817fb1b3599b62386024f0a91afbb3294455cdf3478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 124094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jul 2024 10:34:37 GMT

GET
H2 200 7533492.js Show response
js.hs-scripts.com/ 1 KB
1 KB 403ms
354ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/7533492.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531621b97713f24dcd39c937cc7814268ea97362bb71ef375e5f48247a324e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7753075d-19b5-4e01-95da-a4b6f7e0b509
x-envoy-upstream-service-time: 5
content-length: 589
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7753075d-19b5-4e01-95da-a4b6f7e0b509
last-modified: Mon, 08 Jul 2024 10:11:34 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://pagedemo.co
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-b8w5v
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 89ff6c41a9e43810-FRA
expires: Mon, 08 Jul 2024 10:36:08 GMT

GET
H/1.1 200
OK target.js Show response
alphatargeting.com/ 3 KB
4 KB 381ms
122ms Script
application/javascript 104.238.130.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://alphatargeting.com/target.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.130.122 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.130.122.vultrusercontent.com
Software: nginx/1.24.0 /
Resource Hash: 462d5d66c186b0ca177fc6a7a8a2d0c1805564014a7b59a672d90810d23dfa90

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 08 Jul 2024 10:34:37 GMT
Last-Modified: Mon, 24 Jun 2024 05:28:53 GMT
Server: nginx/1.24.0
ETag: "66790415-cc2"
Content-Type: application/javascript
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3266
Expires: Thu, 18 Jul 2024 10:34:37 GMT

GET
H3 200 rea Show response
openserf.com/ 0
480 B 99ms
51ms Script
text/javascript 172.67.136.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openserf.com/rea
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.136.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTGTqQpZQiR%2F3KdIni3oETGOSSCgQqDpQPmUFYfr4QHJDh5P3b1LHCZYN6daqiuw%2FgT5cn2j1%2F3t7ANUljRVp9hQaE163IUzIPPrf10Ci4aseS4jhkkBJtGBT8zgtUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, private
cf-ray: 89ff6c41afc69746-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 274ms
41ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=27571
accept-ranges: bytes
content-length: 14004

GET
H2 200 bat.js Show response
bat.bing.com/ 47 KB
14 KB 284ms
52ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

10993d070b23b0ee951ff5014da51af500556a9c5ba4e4cd2d98510e841cf324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 08 Jul 2024 10:34:37 GMT
last-modified: Sat, 06 Jul 2024 02:56:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B99958473F834915824623E9897AB101 Ref B: FRAEDGE1414 Ref C: 2024-07-08T10:34:37Z
etag: "80c1c2450cfda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13825

GET
H2 200 growsumo.min.js Show response
snippet.growsumo.com/ 9 KB
3 KB 148ms
59ms Script
application/javascript 2606:4700::6812:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.growsumo.com/growsumo.min.js
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e981af19a91c1003cc882c1d86232cd65017739ffa8573990dd0ce2022e3e7

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Jul 2024 00:29:20 GMT
server: cloudflare
age: 3
etag: W/"66888fe0-22f7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89ff6c41da489001-FRA
expires: Mon, 08 Jul 2024 14:34:37 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 113ms
25ms Script
application/javascript 2600:9000:235a:ee00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:235a:ee00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 6ee264f4aa2ef518b13a5a8305e8080e.cloudfront.net (CloudFront)
date: Mon, 08 Jul 2024 10:34:36 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA60-P9
age: 2
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: zRwqUZSwNpPpToJn0Y_LKoR8ZpRh9snECIJU2SeU-s6JtfZOdKeezA==

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 114ms
27ms Script
application/javascript 13.32.121.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=null
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 00:57:04 GMT
x-amz-version-id: uxIt1SCydrYnaOCuzhsDaHENAdMuSyNO
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 14:58:22 GMT
server: AmazonS3
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40097cdf413c1f1f303c66489742cb44"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 34654
x-amz-cf-id: YfBUhzzFU3RQR3XQlj5jIdKAVOLzzfyKwaMrtj-YcGp5VK4RpEIpQA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 104ms
19ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jul 2024 10:34:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=12, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: Pu3Po6sLsTSNqrkoGqySLkehRerD1h2MrbERdt9kbmvxcXkikjca/NCkJ2uocympCZ7lL0+HVTIZPQj5sbOURA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 381 KB
121 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11359533181&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2RZCLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30fe90600dd86403e0843dd4b6f7c54f154130e06f25f3e8c7c03983db048ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 124083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jul 2024 10:34:37 GMT

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
143 B 110ms
109ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=574286&d=pagedemo.co&u=D1DC26E07D5C215DC11BBDEE55979D08F&h=eedec0812e5444dc9e1c909532cb6fd3&t=false

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:37 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11359533181/ 3 KB
1 KB 237ms
71ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11359533181/?random=1720434877780&cv=11&fst=1720434877780&bg=ffffff&guid=ON&async=1&gtm=45je4730v876712219z8863660453za201&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSNF9B2VVM&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

fae801be5639b72cf7421b53210edc3054c4e9235606244c257cfd0123d2826c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 125ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VSNF9B2VVM&gtm=45je4730v876712219za201&_p=1720434876778&_gaz=1&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=446351334.1720434878&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1720434877&sct=1&seg=0&dl=https%3A%2F%2Fpagedemo.co%2F&dt=pagedemo.co%20placeholder&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=1453&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSNF9B2VVM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pagedemo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 129ms
27ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VSNF9B2VVM&cid=446351334.1720434878&gtm=45je4730v876712219za201&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3tPt2t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSNF9B2VVM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pagedemo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 205ms
52ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VSNF9B2VVM&cid=446351334.1720434878&gtm=45je4730v876712219za201&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3tPt2t5&npa=0&frm=0&z=1335632200

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=0&rnd=2031209408.1720434878&url=https%3A%2F%2Fpagedemo.co%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4730v876712219z8863660453za200&...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=0&rnd=2031209408.1720434878&url=https%3A%2F%2Fpagedemo.co%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4730v876712219z886...

42 B
65 B

70ms
70ms

Ping
image/gif

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=0&rnd=2031209408.1720434878&url=https%3A%2F%2Fpagedemo.co%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4730v876712219z8863660453za200&auid=28078376.1720434878&frm=0

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3tPt2t5&tag_exp=0&rnd=2031209408.1720434878&url=https%3A%2F%2Fpagedemo.co%2F&dma_cps=sypham&dma=1&npa=0&gtm=45be4730v876712219z8863660453za200&auid=28078376.1720434878&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950405448/ 3 KB
1 KB 143ms
71ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950405448/?random=1720434877829&cv=11&fst=1720434877829&bg=ffffff&guid=ON&async=1&gtm=45be4730v876712219z8863660453za200&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11359533181&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

12434231be21581faa44ca39db2cab6d2689c28a0686e28b0af607d21ddbeccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11359533181/ 3 KB
1 KB 103ms
71ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11359533181/?random=1720434877883&cv=11&fst=1720434877883&bg=ffffff&guid=ON&async=1&gtm=45be4730v876712219z8863660453za200&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11359533181&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

79067086e8fb1c9c53d9a82ebec0ddb57a70037038b39a87acffe9dddeb105a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 26ms
26ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VSNF9B2VVM&gtm=45be4730v876712219z8863660453za200&_p=1720434876778&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=446351334.1720434878&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fpagedemo.co%2F&sid=1720434877&sct=1&seg=1&dt=pagedemo.co%20placeholder&en=page_view&tfd=1574&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11359533181&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pagedemo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pk_Cu92v9NTGbeHutetw0opO9t9s6Facbxn Show response
grsm.io/pr/grc/ 68 B
290 B 133ms
63ms XHR
application/json 2606:4700::6812:bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grsm.io/pr/grc/pk_Cu92v9NTGbeHutetw0opO9t9s6Facbxn?get_pscd=true
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ed3e0faa65d914be88001fa319c2e45111f5c9c25e1a10d3aa944c7c28a1f2

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://pagedemo.co
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 89ff6c439add8f27-FRA

GET
H2 200 859508457409735 Show response
connect.facebook.net/signals/config/ 61 KB
12 KB 95ms
95ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/859508457409735?v=2.9.160&r=stable&domain=pagedemo.co&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e3136003e0435ccf65c7355410defafb7899f485b083a23379878d89889969a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 08 Jul 2024 10:34:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=6, c=38, mss=1297, tbw=63853, tp=-1, tpl=-1, uplat=75, ullat=0
pragma: public
x-fb-debug: RUNZe/VT5qYkjVQDmLb+i8L/UKzaGn72c1+ltgxK1IIYR2+13mnEwCxaUF8UApMjx8+sLabHrzkji4NBc65wgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 273ms
195ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C789FE66C8214775B04E1BD973C2F154 Ref B: FRAEDGE1121 Ref C: 2024-07-08T10:34:38Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcufXFVPvHxyvctoGsyA==
x-fs-uuid: 00061cb9f5c554fbc7c72bdcb681acc8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F&e_ipv6=AQKh08soEQrSnQAAAZCR6Oauyah9M_lbW9RlzPmf3AcPYYLCyQ5E3QY8Mh2AVR4hZz7AGqfdErBolw

0
265 B

292ms
162ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F&e_ipv6=AQKh08soEQrSnQAAAZCR6Oauyah9M_lbW9RlzPmf3AcPYYLCyQ5E3QY8Mh2AVR4hZz7AGqfdErBolw
Requested by: Host: pagedemo.co
URL: https://pagedemo.co/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 07FC46C5FECF48128D2966E591949D39 Ref B: FRAEDGE1518 Ref C: 2024-07-08T10:34:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcufXJYfYPGP8flX0WLw==

Redirect headers

date: Mon, 08 Jul 2024 10:34:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 48C810507814471094DAF15AFB424398 Ref B: DUS30EDGE0813 Ref C: 2024-07-08T10:34:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=14400&time=1720434877988&url=https%3A%2F%2Fpagedemo.co%2F&e_ipv6=AQKh08soEQrSnQAAAZCR6Oauyah9M_lbW9RlzPmf3AcPYYLCyQ5E3QY8Mh2AVR4hZz7AGqfdErBolw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcufXE+zSh6GWIWvKjvw==

GET
H2 204 199007121.js Show response
bat.bing.com/p/action/ 0
117 B 125ms
121ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/199007121.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 08 Jul 2024 10:34:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 435F62A258B54D35989678B94961C2B0 Ref B: FRAEDGE1414 Ref C: 2024-07-08T10:34:38Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 53ms
51ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=199007121&tm=gtm002&Ver=2&mid=08ada473-44a5-428a-87e5-738cd0cd89b5&sid=ad1fcd103d1511efa035a5b3b055b81a&vid=ad21dae03d1511efb4537d84fd0b1c0c&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=pagedemo.co%20placeholder&p=https%3A%2F%2Fpagedemo.co%2F&r=&lt=962&evt=pageLoad&sv=1&cdb=AQAA&rn=19454

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 Jul 2024 10:34:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 477B371816144316B1AB28AE3FCC5E4C Ref B: FRAEDGE1414 Ref C: 2024-07-08T10:34:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11359533181/ 42 B
64 B 41ms
39ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11359533181/?random=1720434877780&cv=11&fst=1720432800000&bg=ffffff&guid=ON&async=1&gtm=45je4730v876712219z8863660453za201&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLGLPBvmRTvL_oNIWeoWAB0nALUmg9_Q&random=282938048&rmt_tld=0&ipr=y

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11359533181/ 42 B
64 B 37ms
35ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11359533181/?random=1720434877780&cv=11&fst=1720432800000&bg=ffffff&guid=ON&async=1&gtm=45je4730v876712219z8863660453za201&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLGLPBvmRTvL_oNIWeoWAB0nALUmg9_Q&random=282938048&rmt_tld=1&ipr=y

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/950405448/ 42 B
64 B 51ms
39ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950405448/?random=1720434877829&cv=11&fst=1720432800000&bg=ffffff&guid=ON&async=1&gtm=45be4730v876712219z8863660453za200&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL2YNCeUzBoFJo1aZ_Cx3_eA9ro-kWqg&random=192481868&rmt_tld=0&ipr=y

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/950405448/ 42 B
64 B 49ms
37ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/950405448/?random=1720434877829&cv=11&fst=1720432800000&bg=ffffff&guid=ON&async=1&gtm=45be4730v876712219z8863660453za200&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL2YNCeUzBoFJo1aZ_Cx3_eA9ro-kWqg&random=192481868&rmt_tld=1&ipr=y

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11359533181/ 42 B
64 B 42ms
37ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11359533181/?random=1720434877883&cv=11&fst=1720432800000&bg=ffffff&guid=ON&async=1&gtm=45be4730v876712219z8863660453za200&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLCUwDpVD9Z3-wSTi3aqNdE8xYHCa3uQ&random=3413232854&rmt_tld=0&ipr=y

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11359533181/ 42 B
64 B 37ms
32ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11359533181/?random=1720434877883&cv=11&fst=1720432800000&bg=ffffff&guid=ON&async=1&gtm=45be4730v876712219z8863660453za200&gcd=13t3tPt2t5&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpagedemo.co%2F&hn=www.googleadservices.com&frm=0&tiba=pagedemo.co%20placeholder&npa=0&pscdl=noapi&auid=28078376.1720434878&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLCUwDpVD9Z3-wSTi3aqNdE8xYHCa3uQ&random=3413232854&rmt_tld=1&ipr=y

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Jul 2024 10:34:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
alphatargeting.com/target/new/ 0
389 B 409ms
167ms Fetch
application/json 104.238.130.122
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://alphatargeting.com/target/new/
Requested by: Host: alphatargeting.com
URL: https://alphatargeting.com/target.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.130.122 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.130.122.vultrusercontent.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Mon, 08 Jul 2024 10:34:38 GMT
Server: nginx/1.24.0
Transfer-Encoding: chunked
Access-Control-Allow-Methods: DELETE, POST, GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With

GET
H2 200 7533492.js Show response
js.hs-analytics.net/analytics/1720434600000/ 68 KB
24 KB 272ms
60ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1720434600000/7533492.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7533492.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab02a5731a771437bd977bf85e6f8db8280623dd166963df741ed2304baa1ee

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: T09H6D7EDYSD5PSG
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 41a32f3f-7774-4b7e-8cd1-067bd0ad392d
age: 213
x-envoy-upstream-service-time: 23
x-amz-id-2: GYsbrDbroBGoav/Sav72ZKuN6LE+EWPECfVF0ancsOWOcv5gTlRzZXW2wDimYWNNNDLRP6uV8mM=
x-evy-trace-listener: listener_https
x-request-id: 41a32f3f-7774-4b7e-8cd1-067bd0ad392d
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 21 Jun 2024 21:12:57 GMT
server: cloudflare
etag: W/"eb24f5f5cb4887941be584f350bf4a89"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-rslzw
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 89ff6c453b7b9b3d-FRA
expires: Mon, 08 Jul 2024 10:36:05 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 250ms
38ms Script
application/javascript 2606:4700::6810:4b8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7533492.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4b8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
x-amz-version-id: yFTRQFC1g6ZpuTIoktepwBCyrzt6F_8h
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 543
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16706/bundles/project.js&cfRay=89ff5f01fb5b4dba-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 9bd57d74-e5c8-4036-8fef-30565e56caf2
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9bd57d74-e5c8-4036-8fef-30565e56caf2
last-modified: Fri, 21 Jun 2024 14:34:54 UTC
server: cloudflare
etag: W/"d5ed42fdc505d7812288ee600abec355"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-wf75s
cf-ray: 89ff6c453eae9073-FRA
x-amz-cf-id: xMEsZ2chOKE9ltjvU_vuTR5_MfbbaZEoL0hgnj3FYdFQLCjHIjFDWw==
x-hs-target-asset: conversations-embed/static-1.16706/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/7533492/ 71 KB
26 KB 550ms
339ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/7533492/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7533492.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85fc49949a7808275ed07c52ec59b597512f44e3ee8343c484428052f009f91

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
x-amz-version-id: fL.bADSYdPwfVVzqjyRrb.jgFrCDgoOz
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: HCWAH09T8SASW745
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7d781bb2-fa95-45c0-97d7-a8acdaf13312
x-envoy-upstream-service-time: 39
x-amz-id-2: xh7JiWpX38Q2Q5qxMMnYpabI1nsiK/pOiSV9kDZOdVZI/4RxMeKGnq2zhZDxePHazS/pnd9CPr5T2SaUN2weFxEeedct7TUao4VSYrOaVY0=
x-evy-trace-listener: listener_https
x-request-id: 7d781bb2-fa95-45c0-97d7-a8acdaf13312
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 15:01:09 GMT
server: cloudflare
etag: W/"c2e7d83f62bb576fe20be817d88fe868"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://instapage.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-jg42k
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 89ff6c45382837ce-FRA
expires: Mon, 08 Jul 2024 10:39:38 GMT

GET
H2 200 pk_Cu92v9NTGbeHutetw0opO9t9s6Facbxn Show response
get.instapage.com/pr/grc/ 0
230 B 523ms
347ms XHR
text/plain 2606:4700::6812:ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.instapage.com/pr/grc/pk_Cu92v9NTGbeHutetw0opO9t9s6Facbxn
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://pagedemo.co
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 89ff6c453913bb44-FRA
content-length: 0

GET
H2 200 pk_Cu92v9NTGbeHutetw0opO9t9s6Facbxn Show response
partnerlinks.io/pr/grc/ 0
230 B 320ms
146ms XHR
text/plain 2606:4700::6812:1e85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partnerlinks.io/pr/grc/pk_Cu92v9NTGbeHutetw0opO9t9s6Facbxn
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://pagedemo.co
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 89ff6c453e419261-FRA
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 125ms
37ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=859508457409735&ev=PageView&dl=https%3A%2F%2Fpagedemo.co%2F&rl=&if=false&ts=1720434878177&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720434878173.32050393826553112&ler=empty&cdl=API_unavailable&it=1720434877983&coo=false&rqm=GET

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 08 Jul 2024 10:34:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 281ms
193ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=859508457409735&ev=PageView&dl=https%3A%2F%2Fpagedemo.co%2F&rl=&if=false&ts=1720434878177&sw=1600&sh=1200&v=2.9.160&r=stable&ec=0&o=4126&fbp=fb.1.1720434878173.32050393826553112&ler=empty&cdl=API_unavailable&it=1720434877983&coo=false&rqm=FGET

Requested by

Host: pagedemo.co
URL: https://pagedemo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc2e68b556545d3b6","source_keys":["1","2"]},{"key_piece":"0x2dc40c9b1d0d8086","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 08 Jul 2024 10:34:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7389211536995439527", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=13, mss=1297, tbw=3127, tp=-1, tpl=-1, uplat=170, ullat=0
pragma: no-cache
x-fb-debug: HMb1AK+zMH6D0Sq0xHxiVAZFVyu0HRqgFmTJ89W6uvB1Q3OhW/8hnppEJx69SLOlMemelEG8f+31kw7e/J/9LQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7389211536995439527"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 216ms
153ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7533492&conversations-embed=static-1.16706&mobile=false&messagesUtk=fd12fec10d6b44c4892e8e3680ab6bf3&traceId=fd12fec10d6b44c4892e8e3680ab6bf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://pagedemo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://pagedemo.co
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 89ff6c4609361d8a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 08 Jul 2024 10:34:38 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSNyLrBKqYmfGHKKk6f2hJSa%2FL1sNmDoMbvMU78H6Awf2gUrqXRmjy5Tdk0Wlnv9e501EVUSnnANvsahlxr6mBVjyZq%2FEV10CPiODX50SlW18C%2BMjCBfoMM6AZnWjHvwNnS4xksqgHd6MOxYsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-vh5w8
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: b977f0b6-fa4a-42dc-a806-797db6812613
x-request-id: b977f0b6-fa4a-42dc-a806-797db6812613

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 254 B
985 B 157ms
156ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09ac41c4eeca14a241eeef0830a77e8c288068b4f98117ba9f7ef57a46f7326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pagedemo.co/
X-HubSpot-Messages-Uri: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 18e7758f-37f5-4f79-a08f-35ea64d6920e
x-envoy-upstream-service-time: 14
content-length: 254
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 18e7758f-37f5-4f79-a08f-35ea64d6920e
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pagedemo.co
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-vh5w8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbDbaJLiINiwP4ZcrQkva2KBtekyxHRJw6mnC1tsDlKxArmIdG0NodV6u2F3y2P2oEhlShj%2BtCFqnsMpvJ12CALdNnu6QUXH0h4gDwZ0l2eeOxNfjL9xnMhstEAalG5LkFMayBziZUcgZPw7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89ff6c470a851d8a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 129ms
129ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B685BA8A1C2F46AE859A74E1DCE1325D Ref B: DUS30EDGE0813 Ref C: 2024-07-08T10:34:38Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://pagedemo.co
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYcufXLgiu89bdSEPAdwQ==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 307ms
146ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=321484724&v=1.1&a=7533492&rcu=https%3A%2F%2Fwww.pagedemo.co%2F&pu=https%3A%2F%2Fpagedemo.co%2F&t=pagedemo.co+placeholder&cts=1720434878615&vi=3159d35ee826cf8de0b23308218a2eb9&nc=true&u=185967158.3159d35ee826cf8de0b23308218a2eb9.1720434878613.1720434878613.1720434878613.1&b=185967158.1.1720434878613&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 274a2702-11f1-40ec-a2bc-ea120cbd018f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 274a2702-11f1-40ec-a2bc-ea120cbd018f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gXL0R59pauN4%2FdiLRPnnys25JvejLq5qAm3%2FVpGw3UHRBVgohlqdkIPq6nGkISixy%2FRaKcIGJPJlFBI2YB3Lw3NProS8FZTzB8j2iB8JuraxjmF9TBcfhB63Nw14DpnRsEEfEgQdeiuKrIG5a7a"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-5gwdl
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 89ff6c486f83364e-FRA
x-robots-tag: none

POST
H3 200 two Show response
ec.instapagemetrics.com/t/ 2 B
608 B 199ms
168ms XHR
text/plain 172.67.185.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Requested by

Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 08 Jul 2024 10:34:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
alt-svc: h3=":443"; ma=86400
content-length: 2
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lN636eH%2FUCGbY%2F6wAnRj97y%2FovcbkAfRq3gzITK9HOUtNMFiMS7nzO%2BaVFyiFld5w8b8uUJhJib58JyhzGzOviicXbLJmt6%2BHZggCDYJsruoOvwcI7oJkdogIuTKz2mabkEOuOFNygI9mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pagedemo.co
access-control-allow-credentials: true
cf-ray: 89ff6c4988c55d7a-FRA

OPTIONS
H3 200 two
ec.instapagemetrics.com/t/ Frame 0
0 297ms
148ms Preflight 172.67.185.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pagedemo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://pagedemo.co
access-control-max-age: 5
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89ff6c486d851e14-FRA
content-length: 0
date: Mon, 08 Jul 2024 10:34:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxpCC8%2BtI%2FJ%2FgF8Ll20Mtv1LZlH3%2FYoVNqvQgmrs%2F1X11ZoFFVakxP%2BpT2TEKc9YwNPCNmPZgDP8kqkE6yvxxTqVsfUvhrQbqYJR5nFWwMt1aO26S%2FmoNWo1GsV17FwUCrsjHj3igqh%2B9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin

GET
H2

200

favicon-64x64.ico
storage.googleapis.com/instapage-assets/favicon/
Redirect Chain

https://pagedemo.co/favicon.ico
https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico

6 KB
6 KB

215ms
133ms

Other
image/x-icon

2a00:1450:4001:808::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico
Protocol: H2
Server: 2a00:1450:4001:808::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 45081fda9c0a99c2c4d82ed4914f53f265517ae082352e334035635ae8b46d4d

Request headers

Referer: https://pagedemo.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 10:34:39 GMT
age: 0
x-guploader-uploadid: ACJd0Nqw-w1OexIBkX20BxvxZxnTTOZlY1GXtWLDbZLgJ9sCIMEHh5940cTHoEWxI_UNe21zsRY
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5694
last-modified: Tue, 07 Mar 2023 10:55:53 GMT
server: UploadServer
etag: "645f04909379b62edda16f5f5206672b"
x-goog-hash: crc32c=tq74/g==, md5=ZF8EkJN5ti7doW9fUgZnKw==
x-goog-generation: 1678186553210949
content-language: en
content-type: image/x-icon
cache-control: public, max-age=3600
x-goog-stored-content-length: 5694
accept-ranges: bytes
expires: Mon, 08 Jul 2024 11:34:39 GMT

Redirect headers

date: Mon, 08 Jul 2024 10:34:38 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://storage.googleapis.com/instapage-assets/favicon/favicon-64x64.ico
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 89ff6c486f9f6903-FRA
content-length: 95
expires: Mon, 08 Jul 2024 14:34:38 GMT

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VSNF9B2VVM&gtm=45be4730v876712219za200&_p=1720434876778&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=446351334.1720434878&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fpagedemo.co%2F&sid=1720434877&sct=1&seg=1&dt=pagedemo.co%20placeholder&en=scroll&epn.percent_scrolled=90&_et=33&tfd=6574&_z=fetch

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pagedemo.co/	1970-01-20 21:53:56	Name: __cf_bm Value: AFGkd9jhL.RqCsna6mP5_kdhT_ckHw0jgveLw4IEaVY-1720434876-1.0.1.1-95Vm9WupWe1dkrkD83bKOgnLDJFviChFKH2ZousibBcab3EcgqNS3SkSMYWCU28EF2S4ZvCGwQhBYyJYPqYvmg
.pagedemo.co/	1970-01-21 00:03:30	Name: _gcl_au Value: 1.1.28078376.1720434878
.pagedemo.co/	1970-01-21 06:40:57	Name: _vwo_uuid_v2 Value: D1DC26E07D5C215DC11BBDEE55979D08F\|eedec0812e5444dc9e1c909532cb6fd3
.pagedemo.co/	1970-01-21 06:39:30	Name: cf_clearance Value: Rb0T2cdgSFNyobuAOz6wTqBsebBA2xCHcg1I5antR18-1720434877-1.0.1.1-IBqLY7ejh8dmE7SKJfFglga320q_IzKaQcAPxLuUpV4veck67kssBUf3R19RV4SADSwPbltwcTDR_pGPMHT1WQ
.pagedemo.co/	1970-01-21 07:29:54	Name: _ga Value: GA1.1.446351334.1720434878
.pagedemo.co/	1970-01-21 07:29:54	Name: _ga_VSNF9B2VVM Value: GS1.1.1720434877.1.1.1720434877.60.0.0
.instapage.com/	1970-01-20 21:53:56	Name: __cf_bm Value: hkLQTBeDc13JF1VOBpld6nSZhNqGzb0KJUvt5kWgsNw-1720434877-1.0.1.1-S0EGkyIVY2X.6hd.RfRbhdkDcVXoKcSbIwU0xHRVy6VCMhjV.0sZ_g5EP5yu2yZrBdJwpoUmaWfvJBef0Wlq8Q
.pagedemo.co/	1970-01-20 21:55:21	Name: _uetsid Value: ad1fcd103d1511efa035a5b3b055b81a
.pagedemo.co/	1970-01-21 07:15:30	Name: _uetvid Value: ad21dae03d1511efb4537d84fd0b1c0c
.doubleclick.net/	1970-01-20 21:53:55	Name: test_cookie Value: CheckForPermission
pagedemo.co/	1970-01-20 22:37:06	Name: alphausr Value: d1af130d-b29c-439f-a4af-a092551e1eed
.bing.com/	1970-01-21 07:15:30	Name: MUID Value: 205E4A775C30616B1C3D5EC15D5B6006
.pagedemo.co/	1970-01-21 00:03:30	Name: _fbp Value: fb.1.1720434878173.32050393826553112
.linkedin.com/	1970-01-21 06:39:30	Name: bcookie Value: "v=2&7954e561-0755-44c5-8431-596365a23196"
.linkedin.com/	1970-01-21 02:13:06	Name: li_gc Value: MTswOzE3MjA0MzQ4Nzg7MjswMjGtNnyGzFAad2/CIX4U7dO8jgau6Cc534UcX8Zu3Ik6TQ==
.linkedin.com/	1970-01-20 21:55:21	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3290:u=1:x=1:i=1720434878:t=1720521278:v=2:sig=AQGw9tDELLOIkrsi-qG8w-Qp92pb2cs-"
pagedemo.co/	1970-01-21 02:13:06	Name: __hstc Value: 185967158.3159d35ee826cf8de0b23308218a2eb9.1720434878613.1720434878613.1720434878613.1
pagedemo.co/	1970-01-21 02:13:06	Name: hubspotutk Value: 3159d35ee826cf8de0b23308218a2eb9
pagedemo.co/	1969-12-31 23:59:59	Name: __hssrc Value: 1
pagedemo.co/	1970-01-20 21:53:56	Name: __hssc Value: 185967158.1.1720434878613
pagedemo.co/	1970-01-20 21:53:56	Name: instap-spses.bd0d Value: *
pagedemo.co/	1970-01-21 07:29:54	Name: instap-spid.bd0d Value: dfd52939-2366-44f4-ab23-1b93cea8767a.1720434879.1.1720434879.1720434879.818fa311-1d85-46f6-84fa-3e49d26d3db5
.hubspot.com/	1970-01-20 21:53:56	Name: __cf_bm Value: cgHlM5j.d0BsVSRGzFun8L4xspg8le7wT17RMQgS4Yo-1720434878-1.0.1.1-vBzmCzeJ3bFiPWDTz8j1g3AiLw7KmNFABlw8GBXALODVMWxQ0_l.Pq.HbwUGjbY99OwI.Od7aZO6Xk0tN.AosA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: xXBxphq02zx8dvFVm3kj0oF.zLi8lPHkauBZb7TuvdY-1720434878911-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alphatargeting.com
api.hubspot.com
bat.bing.com
cdn.instapagemetrics.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
ec.instapagemetrics.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
get.instapage.com
googleads.g.doubleclick.net
grsm.io
heatmap-events-collector.instapage.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
openserf.com
pagedemo.co
partnerlinks.io
public.profitwell.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
snippet.growsumo.com
stats.g.doubleclick.net
storage.googleapis.com
track.hubspot.com
v.fastcdn.co
www.clickcease.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
region1.analytics.google.com
104.238.130.122
13.107.42.14
13.32.121.58
142.250.185.99
142.250.186.100
142.250.186.66
172.67.136.110
172.67.185.227
2001:4860:4802:32::36
2600:9000:235a:ee00:15:a0d3:77c0:93a1
2606:4700:4400::6812:2084
2606:4700:4400::6812:25e5
2606:4700:4400::ac40:96fb
2606:4700:4400::ac40:991b
2606:4700::6810:4b8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2606:4700::6812:1e85
2606:4700::6812:246
2606:4700::6812:ad4
2606:4700::6812:bd4
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:808::201b
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2008
2a00:1450:400c:c00::9d
2a02:26f0:3500:10::210:a9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.36.17.181
34.96.102.137
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3
10993d070b23b0ee951ff5014da51af500556a9c5ba4e4cd2d98510e841cf324
12434231be21581faa44ca39db2cab6d2689c28a0686e28b0af607d21ddbeccf
2263c80c8cdb22d595c85178e7c37906c93e794737bc3da50146a145de9d5628
24ed3e0faa65d914be88001fa319c2e45111f5c9c25e1a10d3aa944c7c28a1f2
25e981af19a91c1003cc882c1d86232cd65017739ffa8573990dd0ce2022e3e7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f501a1f108450d30ba92757a996b5220f3619d86629a664bd72715676928b6f
30fe90600dd86403e0843dd4b6f7c54f154130e06f25f3e8c7c03983db048ce0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45081fda9c0a99c2c4d82ed4914f53f265517ae082352e334035635ae8b46d4d
462d5d66c186b0ca177fc6a7a8a2d0c1805564014a7b59a672d90810d23dfa90
531621b97713f24dcd39c937cc7814268ea97362bb71ef375e5f48247a324e8b
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5
79067086e8fb1c9c53d9a82ebec0ddb57a70037038b39a87acffe9dddeb105a2
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
7feb6f80b51b1641cd817548e9acf78285d76e48283c457a2a4d5717d3d42575
821af22c4807e3ceab1ca12b4ab60314a6ba1901111330c64f998f75c8558485
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8dd9b8e0488bde28195d626ebfe5cd08a3204740b54985b6b4c74ee042b0d281
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
9ab02a5731a771437bd977bf85e6f8db8280623dd166963df741ed2304baa1ee
9e3136003e0435ccf65c7355410defafb7899f485b083a23379878d89889969a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac0d09a679884a178d55c15cd12a37af377c909d97b980b93f3717ddb859af45
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c09ac41c4eeca14a241eeef0830a77e8c288068b4f98117ba9f7ef57a46f7326
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2
d3f78cb0b847eb9b33ee21c6e92fbf4bf4d9fd9cc992963d5491149242d6d1b6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f85fc49949a7808275ed07c52ec59b597512f44e3ee8343c484428052f009f91
f97e7c799a681a364dd49817fb1b3599b62386024f0a91afbb3294455cdf3478
fae801be5639b72cf7421b53210edc3054c4e9235606244c257cfd0123d2826c
ff62d3afe2760d376162236d3ecffb521e85e829d294c38baa1f1c2c7ccb1ef7

pagedemo.co Open in urlscan Pro 2606:4700:4400::6812:25e5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

92 %HTTPS

71 %IPv6

28 Domains

36 Subdomains

36 IPs

3 Countries

903 kBTransfer

2374 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pagedemo.co Open in urlscan Pro
2606:4700:4400::6812:25e5 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

92 %
HTTPS

71 %
IPv6

28
Domains

36
Subdomains

36
IPs

3
Countries

903 kB
Transfer

2374 kB
Size

24
Cookies

65 HTTP transactions
0 data transactions