lawnvapor.click Open in urlscan Pro
172.67.180.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lawnvapor.click/
Submission: On June 08 via api (June 8th 2024, 12:46:28 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 9 domains to perform 64 HTTP transactions. The main IP is 172.67.180.68, located in United States and belongs to CLOUDFLARENET, US. The main domain is lawnvapor.click.
TLS certificate: Issued by E6 on June 7th 2024. Valid for: 3 months.

This is the only time lawnvapor.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.180.68 172.67.180.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	151.101.129.170 151.101.129.170	54113 (FASTLY) (FASTLY)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:5000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
5	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	() ()
2	2a00:1450:400... 2a00:1450:4001:831::2001	() ()
5	2a00:1450:400... 2a00:1450:4001:82f::2001	() ()
1	2a00:1450:400... 2a00:1450:4001:82b::2001	() ()
64	15

5 172.67.180.68 (United States)

ASN13335 (CLOUDFLARENET, US)

lawnvapor.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.101.129.170 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.tadst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:5000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (None, )

ASN- ()

0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (None, )

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	tadst.com c.tadst.com — Cisco Umbrella Rank: 26931	79 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com tpc.googlesyndication.com	77 KB
5	ampproject.org cdn.ampproject.org	104 KB
5	lawnvapor.click lawnvapor.click	398 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 ad.doubleclick.net — Cisco Umbrella Rank: 165	175 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1095	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1631 pixel.quantserve.com — Cisco Umbrella Rank: 1142	10 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1084 api.btloader.com — Cisco Umbrella Rank: 1180	19 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1587	2 KB
64	9

	Domain	Requested by
32	c.tadst.com	lawnvapor.click c.tadst.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net lawnvapor.click
5	lawnvapor.click	lawnvapor.click
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net lawnvapor.click tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	lawnvapor.click securepubads.g.doubleclick.net
2	ad-delivery.net	lawnvapor.click
1	0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	lawnvapor.click
1	ad.doubleclick.net	lawnvapor.click
1	api.btloader.com	btloader.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	lawnvapor.click
1	btloader.com	lawnvapor.click
64	14

This site contains no links.

Subject Issuer	Validity	Valid
lawnvapor.click E6	`2024-06-07` - `2024-09-05`	3 months	crt.sh
c.tadst.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-03` - `2025-05-05`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
btloader.com GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
quantserve.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://lawnvapor.click/
Frame ID: 38DC71BD0648AB689EA62344870F4E3B
Requests: 52 HTTP requests in this frame

Frame: https://0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 07341FC6E03ED31E0E36C1D05ECAD8E1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Frame ID: 899E76269BD171089DC48932C88FAA29
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 722BC96B6D8B9202F7F3DA031C81BEF1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Current Local Time in Denizli, Turkey

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

64
Requests

97 %
HTTPS

57 %
IPv6

9
Domains

14
Subdomains

15
IPs

1
Countries

864 kB
Transfer

1797 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
lawnvapor.click/ 87 KB
18 KB 395ms
188ms Document
text/html 172.67.180.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawnvapor.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8904dd4d5cac1907-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 08 Jun 2024 00:46:22 GMT
expires: Sat, 08 Jun 2024 00:46:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obkYW0IjYeFOkUaKcmrrlFqAVV%2F%2FdhYDVrTFs3BT6aqg50qIOiZ4rk4R92%2B2MYmmDZMVea%2BRDg19jGjZwcMrKQvmyMY4TxQZeZEzFfGu7BIZnZv8RgjQLw6Fb%2BcvwB9Micc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 iconfont.woff2@v8
lawnvapor.click/lander/white-tr-mesmero2/ 5 KB
6 KB 59ms
59ms Font
application/octet-stream 172.67.180.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lawnvapor.click/lander/white-tr-mesmero2/iconfont.woff2@v8

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Origin: https://lawnvapor.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-15a0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhuIJT8D%2Bun3u9v0o4qtOG2xqq0HjDHUDcOlHZtGxnv9xEv0iLx1ZPpeIcSoievU%2BEtTZ6MD3SPkHuw%2FQNwCJ2cc%2FgifFLf0sGv%2BM8KXwRFO2tjYvGM%2B0liRjR36cCF%2BsBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8904dd4e7d701907-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5536

GET
H2 200 global_31.css.br
c.tadst.com/com/common/ 80 KB
18 KB 185ms
45ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/global_31.css.br
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 13:09:18 GMT
last-modified: Tue, 30 Apr 2024 10:15:45 GMT
age: 128225
x-timer: S1717807583.609778,VS0,VE1
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 17967
x-served-by: cache-fra-etou8220148-FRA

GET
H3 200 prebidtad.reg.desk_3.js.br Show response
lawnvapor.click/lander/white-tr-mesmero2/ 371 KB
371 KB 74ms
74ms Script
application/octet-stream 172.67.180.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lawnvapor.click/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-5cb6e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yIaW7u%2FprxdWW2gBbhWULQgYC9x9U%2F5aDadg%2Bt6OLiDGinxhAUok2%2F0zs9En2QfTGyN0dkxw5wf6C5pnKuBInCtbz38a6iwzBGP5ZmM13bQ%2B2qsWeQ1uv2Z8%2BMdE%2B7JOjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8904dd4e7d721907-FRA
alt-svc: h3=":443"; ma=86400
content-length: 379758

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 201ms
93ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c877903a94684f04987fe84aacb5972624d0dc036f1715d2d1e0b101bbc5aac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30707
x-xss-protection: 0
server: cafe
etag: 137 / 19882 / m202406040101 / config-hash: 14353985682650205947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jun 2024 00:46:22 GMT

GET
H2 200 tag Show response
btloader.com/ 55 KB
19 KB 165ms
47ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3625ba34ab87b77cc250437b2951bc6cc0fb47a8684f09b99adb36a0ab6e82e2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 07 Jun 2024 23:48:50 GMT
server: cloudflare
age: 3230
etag: "9ed779e961269c77a96fb05ea617c1c4"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8904dd4f4e314dc4-FRA
content-length: 18683

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 147ms
28ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 15 Jun 2024 00:46:22 GMT

GET
H2 200 tpl_banner_22.css.br
c.tadst.com/com/common/ 9 KB
2 KB 176ms
36ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/tpl_banner_22.css.br
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 167
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:57 GMT
last-modified: Tue, 23 Jan 2024 10:09:18 GMT
age: 131304
x-timer: S1717807583.608782,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 1536
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 citypages_53.css.br
c.tadst.com/com/common/ 10 KB
3 KB 178ms
38ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/citypages_53.css.br
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 120
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:57 GMT
last-modified: Tue, 23 Jan 2024 10:09:22 GMT
age: 131304
x-timer: S1717807583.609031,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2738
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 city_overview_26.css.br
c.tadst.com/com/common/ 12 KB
3 KB 179ms
39ms Stylesheet
text/css 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/city_overview_26.css.br
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:58 GMT
last-modified: Tue, 23 Jan 2024 10:09:15 GMT
age: 131305
x-timer: S1717807583.609011,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 2921
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 tr.png
c.tadst.com/gfx/n/fl/48/ 861 B
1 KB 80ms
54ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/48/tr.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Sat, 05 Sep 2015 22:17:25 GMT
age: 131088
x-timer: S1717807583.697201,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 861
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 tr-10.png
c.tadst.com/gfx/citymap/ 7 KB
7 KB 183ms
43ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/citymap/tr-10.png?9
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Thu, 21 Jul 2016 13:41:05 GMT
age: 131088
x-timer: S1717807583.609288,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 6939
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 icon-map-pin.png
c.tadst.com/gfx/n/icon/ 441 B
532 B 64ms
38ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/icon/icon-map-pin.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 6
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:33 GMT
age: 131304
x-timer: S1717807583.697175,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 441
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wt-7.svg
c.tadst.com/gfx/w/svg/ 2 KB
680 B 64ms
37ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-7.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Tue, 25 Feb 2020 15:57:01 GMT
age: 131304
x-timer: S1717807583.697166,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 581
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wt-2.svg
c.tadst.com/gfx/w/svg/ 2 KB
731 B 64ms
38ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-2.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 51
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Mon, 30 Mar 2020 11:44:13 GMT
age: 131304
x-timer: S1717807583.697133,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 568
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-tmz.png
c.tadst.com/gfx/n/i/ 987 B
1 KB 181ms
42ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-tmz.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 131305
x-timer: S1717807583.609546,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 987
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-nodst.png
c.tadst.com/gfx/n/i/ 717 B
831 B 80ms
53ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-nodst.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:42 GMT
last-modified: Sun, 11 Jan 2015 02:07:09 GMT
age: 131300
x-timer: S1717807583.697099,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 717
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-dff.png
c.tadst.com/gfx/n/i/ 716 B
808 B 66ms
35ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-dff.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:06 GMT
age: 131305
x-timer: S1717807583.696556,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 716
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-snr.png
c.tadst.com/gfx/n/i/ 469 B
657 B 63ms
37ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-snr.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 131304
x-timer: S1717807583.697256,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 469
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-sns.png
c.tadst.com/gfx/n/i/ 466 B
525 B 64ms
37ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-sns.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 131305
x-timer: S1717807583.697232,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 466
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-dln.png
c.tadst.com/gfx/n/i/ 607 B
690 B 64ms
38ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-dln.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:08 GMT
age: 131305
x-timer: S1717807583.697076,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 607
x-served-by: cache-fra-etou8220148-FRA

GET
H3 200 moon.php@m=1&i=0.998&p=3.845&r=0.266
lawnvapor.click/lander/white-tr-mesmero2/ 1 KB
2 KB 56ms
56ms Image
application/octet-stream 172.67.180.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lawnvapor.click/lander/white-tr-mesmero2/moon.php@m=1&i=0.998&p=3.845&r=0.266

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628eba1-4e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvPi99a0JaxWOE%2FAPbSv4NjDPCH4M194q12PRWX0tQqW5EMm7tBVB9gf8Ieq1TQKZ6i2zfJ6auO%2BmrEkFeC9uyqqmVrmExBJ18BRnVLOkVJQ2iF1e6mlgsuKBtERYg0DoVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8904dd4ead891907-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1255

GET
H2 200 wc-clc.png
c.tadst.com/gfx/n/i/ 457 B
540 B 79ms
52ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-clc.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:04 GMT
age: 131304
x-timer: S1717807583.697495,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 457
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-cal.png
c.tadst.com/gfx/n/i/ 423 B
583 B 93ms
67ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-cal.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:02 GMT
age: 131305
x-timer: S1717807583.698080,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 423
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wc-nrb.png
c.tadst.com/gfx/n/i/ 426 B
541 B 82ms
55ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/wc-nrb.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Sun, 11 Jan 2015 02:07:10 GMT
age: 131304
x-timer: S1717807583.698065,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 426
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 logo-2021--horizontal-inverted-darkbg.svg
c.tadst.com/gfx/n/logo/ 3 KB
1 KB 82ms
56ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-inverted-darkbg.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 218
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:34 GMT
last-modified: Fri, 26 May 2023 07:30:21 GMT
age: 131308
x-timer: S1717807583.698039,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 1112
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 tr.png
c.tadst.com/gfx/n/fl/128/ 2 KB
2 KB 96ms
70ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/128/tr.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Sat, 04 Jul 2015 22:20:13 GMT
age: 91894
x-timer: S1717807583.698011,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 2366
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 wcommon_27.js.br Show response
c.tadst.com/com/common/ 51 KB
21 KB 59ms
33ms Script
application/javascript 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/wcommon_27.js.br
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b282ea707eafd10b4423fc234ebd05d507dc6510cb9dcef9cfc2a6332051c92d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 261
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:57 GMT
last-modified: Tue, 19 Mar 2024 09:32:34 GMT
age: 131305
x-timer: S1717807583.696590,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 20910
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 togglefullscreen_11.js.br Show response
c.tadst.com/com/common/ 2 KB
1 KB 63ms
37ms Script
application/javascript 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/com/common/togglefullscreen_11.js.br
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 07 Jun 2024 12:17:58 GMT
last-modified: Tue, 19 Mar 2024 09:32:34 GMT
age: 131304
x-timer: S1717807583.697217,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 1012
x-served-by: cache-fra-etou8220148-FRA

GET
H3 200 classonhover.js Show response
lawnvapor.click/lander/white-tr-mesmero2/ 1 KB
1 KB 223ms
222ms Script
application/javascript 172.67.180.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lawnvapor.click/lander/white-tr-mesmero2/classonhover.js
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 24 Apr 2024 11:23:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6628eba1-5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXHGkzRf60avyP33la9VAhHsxQHxLF%2BES1xGH6WpP8ZhK74RUZJoT8WuRbLIuJfcgupbNlCABba8HxxMdrbvjDfpwB2qAxnNuNTvxwuH%2F8tYzxVMBI7JDPTU1hryR%2FuxSnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8904dd4ead8b1907-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jun 2024 00:46:22 GMT

GET
H2 200 rules-p-8QLn8vj66GL9W.js Show response
rules.quantcount.com/ 4 KB
2 KB 158ms
37ms Script
application/javascript 2600:9000:237d:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8QLn8vj66GL9W.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:29:23 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 1174
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 02 Nov 2022 13:45:25 GMT
server: AmazonS3
etag: W/"413808edb2d8489603e145cf44d200ee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: FrBpkotZrZHLmVZKILuJ2526yHjZ_VxzQTr2X5R0eZnpHl_e2kOQ-w==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 263ms
148ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
918 B 152ms
38ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2530156
x-guploader-uploadid: ABPtcPomypDADkjt-Ijr59JbP9-YGVWcWEJrwcB_EmdF-FOWQ6wJVj06GQph4DWBjVqA6tq9UQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaccHQ%2B72AAPu%2BM8YXKLuJ0IJyY17Xs%2F5K8Jxkr3faQbRkRveiRBzbq9wKXElIwn34iMCAQmhhKMZ606kHsMJcZkrl%2F7JbEvyKzEZ9cR8waR0FLyZo%2FSLbSZ8hgoGYTX%2FoTdANHe9dmgo65DKw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8904dd507c792c1a-FRA
expires: Thu, 09 May 2024 18:52:06 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 146ms
35ms Image
image/x-icon 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 14:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Jun 2024 14:07:08 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 170ms
56ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.0068409999884038175
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2530156
x-guploader-uploadid: ABPtcPomypDADkjt-Ijr59JbP9-YGVWcWEJrwcB_EmdF-FOWQ6wJVj06GQph4DWBjVqA6tq9UQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cvePfIbPw32l9emWC4OAUHsl8e1k8KGcezG%2B6E3UOM2Wv%2FyUewPS6rxD5565c6iOwq8Ydxr39nC6eBJmNZMJH39%2FQ%2FMv0MQ%2BdQKZEkpjJ7tw0wYeOW8vmDaduG480FEisqzKp93H6UDCqxAjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8904dd507c7b2c1a-FRA
expires: Thu, 09 May 2024 18:52:06 GMT

GET
H2 200 wt-7.svg
c.tadst.com/gfx/w/svg/ 2 KB
0 95ms
95ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/w/svg/wt-7.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Tue, 25 Feb 2020 15:57:01 GMT
age: 131304
x-timer: S1717807583.697166,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 581
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 logo-2021--horizontal-inverted-darkbg.svg
c.tadst.com/gfx/n/logo/ 3 KB
0 96ms
96ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-inverted-darkbg.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 218
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:34 GMT
last-modified: Fri, 26 May 2023 07:30:21 GMT
age: 131308
x-timer: S1717807583.698039,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 1112
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 banner--2023.svg
c.tadst.com/gfx/n/ 2 KB
958 B 62ms
61ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/banner--2023.svg
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://c.tadst.com/com/common/global_31.css.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 158
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Wed, 20 Sep 2023 13:28:14 GMT
age: 131304
x-timer: S1717807583.706992,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 865
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 logo-2021--vertical-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 8 KB
4 KB 79ms
78ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--vertical-color-whitebg.svg
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://c.tadst.com/com/common/global_31.css.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 214
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:38 GMT
last-modified: Fri, 24 Sep 2021 10:22:46 GMT
age: 131304
x-timer: S1717807583.726435,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 3481
x-served-by: cache-fra-etou8220148-FRA

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/ 463 KB
144 KB 35ms
34ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 11:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49419
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147735
x-xss-protection: 0
server: cafe
etag: 15837355652058665441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Jun 2025 11:02:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 63 B
72 B 131ms
56ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lawnvapor.click

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d8dd8e65db0e75a011ca9d0263dfabaf9b806220c639e9a93a1826c363aa4e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Sat, 08 Jun 2024 00:46:22 GMT

GET
H2 200 tr.png
c.tadst.com/gfx/n/fl/128/ 2 KB
0 0ms
0ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/fl/128/tr.png
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:08:14 GMT
last-modified: Sat, 04 Jul 2015 22:20:13 GMT
age: 91894
x-timer: S1717807583.698011,VS0,VE1
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 2366
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 spr-footer-social.png
c.tadst.com/gfx/n/i/ 2 KB
2 KB 37ms
35ms Image
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/spr-footer-social.png
Requested by: Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://c.tadst.com/com/common/global_31.css.br
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 329
date: Sat, 08 Jun 2024 00:46:22 GMT
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:34 GMT
last-modified: Mon, 30 Oct 2023 09:22:39 GMT
age: 131308
x-timer: S1717807583.885209,VS0,VE0
vary: Origin
x-cache: HIT
content-type: image/png
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 2451
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 pixel;r=2034018049;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Flawnvapor.click%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1113466647-1717807582652;pbc=;...
pixel.quantserve.com/ 35 B
455 B 51ms
33ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2034018049;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Flawnvapor.click%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1113466647-1717807582652;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=lawnvapor.click;dst=1;et=1717807582876;tzo=-120;ogl=image.https%3A%2F%2Fwww%252Etimeanddate%252Ecom%2Fscripts%2Fcityog%252Ephp%3Ftitle%3DCurrent%2520Local%2520Time%2520in%2Cimage%3Awidth.1366%2Cimage%3Aheight.738%2Ctype.website;ses=11104d75-c1f5-479a-a626-4b8d4c8c216f;mdl=

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 00:46:22 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 service__supporter.svg
c.tadst.com/gfx/n/i/ 964 B
620 B 38ms
37ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/i/service__supporter.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 188
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:36 GMT
last-modified: Fri, 15 Jun 2018 08:21:10 GMT
age: 131307
x-timer: S1717807583.895804,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 497
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 logo-2021--horizontal-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 8 KB
4 KB 36ms
36ms Image
image/svg+xml 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-color-whitebg.svg
Requested by: Host: lawnvapor.click
URL: https://lawnvapor.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 183
date: Sat, 08 Jun 2024 00:46:22 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Mon, 30 Sep 2024 06:04:36 GMT
last-modified: Thu, 23 Sep 2021 08:12:11 GMT
age: 131307
x-timer: S1717807583.895737,VS0,VE0
vary: Accept-Encoding,Origin
x-cache: HIT
content-type: image/svg+xml
cache-control: public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges: bytes
content-length: 3515
x-served-by: cache-fra-etou8220148-FRA

GET
H2 200 favicon-32x32.png
c.tadst.com/ 741 B
916 B 38ms
38ms Other
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/favicon-32x32.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220148-FRA
date: Sat, 08 Jun 2024 00:46:23 GMT
via: 1.1 varnish
last-modified: Mon, 11 Sep 2023 18:39:47 GMT
age: 3632
x-timer: S1717807583.024044,VS0,VE4
etag: "2e5-60519a69bf3c6"
x-cache: HIT
content-type: image/png
accept-ranges: bytes
content-length: 741
x-cache-hits: 1

GET
H2 200 favicon-16x16.png
c.tadst.com/ 456 B
539 B 32ms
32ms Other
image/png 151.101.129.170
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tadst.com/favicon-16x16.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220148-FRA
date: Sat, 08 Jun 2024 00:46:23 GMT
via: 1.1 varnish
last-modified: Mon, 11 Sep 2023 18:39:47 GMT
age: 44908
x-timer: S1717807583.078774,VS0,VE0
etag: "1c8-60519a69b76ad"
x-cache: HIT
content-type: image/png
accept-ranges: bytes
content-length: 456
x-cache-hits: 44

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 415ms
208ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7b91a980ecb28cd7a7bafab3c36dca8ef5867a7cb334a9c2bd520aaa86ff8734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12787
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 44 KB
11 KB 573ms
379ms Fetch
text/plain 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1563430856353475&correlator=3264915026175222&eid=31079957%2C31084075%2C31078668&output=ldjh&gdfp_req=1&vrg=202406040101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1004254%2Ctadcom_300x600%2Ctadcom_970&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600%2C970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1717807585839&lmt=1717807585&adxs=1284%2C430&adys=338%2C10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Flawnvapor.click%2F&vis=1&psz=300x11%7C970x-1&msz=300x0%7C970x-1&fws=512%2C512&ohw=0%2C0&ga_vid=2006266245.1717807586&ga_sid=1717807586&ga_hid=1646200174&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717807582454&idt=517&cust_params=ab%3Db%26hr%3D10%26ut%3Ds%26art%3D3712%26si%3D1&adks=686471698%2C2541254599&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cf899fae48d5aaee65077a3fddb73779ee9cd080e96de7b0627b0b03e19f611d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11293
x-xss-protection: 0
google-lineitem-id: -2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lawnvapor.click
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0734 0
0 477ms
22ms Document
text/html 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://lawnvapor.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jun 2024 00:46:26 GMT
expires: Sat, 08 Jun 2024 00:46:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 415ms
82ms Script
text/javascript 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 00:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jun 2024 00:46:26 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405231944000/ Frame 899E 196 KB
56 KB 215ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 16:09:01 GMT
age: 31045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56221
x-xss-protection: 0
server: sffe
etag: "4f8c718905502572"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Jun 2025 16:09:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 899E 15 KB
5 KB 274ms
89ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 19:02:58 GMT
age: 20608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5215
x-xss-protection: 0
server: sffe
etag: "520f632e10627ab5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Jun 2025 19:02:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 899E 95 KB
28 KB 276ms
92ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 21:09:04 GMT
age: 13042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29049
x-xss-protection: 0
server: sffe
etag: "d2ee33e5ff8fd311"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Jun 2025 21:09:04 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 899E 5 KB
2 KB 303ms
119ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 09:52:45 GMT
age: 53621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1909
x-xss-protection: 0
server: sffe
etag: "bfb34e064e92ea30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Jun 2025 09:52:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 899E 40 KB
13 KB 304ms
120ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 05:10:19 GMT
age: 70567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "35ded0b44597563f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Jun 2025 05:10:19 GMT

GET
DATA 200
OK truncated
/ Frame 899E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab9f5d663db337cf0aa714d1156e690594ac56b8ba73cb3df1d1610fb35b25e1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15608145926454690406
tpc.googlesyndication.com/daca_images/simgad/ Frame 899E 43 KB
44 KB 189ms
33ms Image
image/png 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15608145926454690406

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1087dcacb487081899b31297746b3866dfbaf5faa8a6d517e7a0e2b0d72cb8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 07 Jun 2025 06:47:51 GMT
date: Fri, 07 Jun 2024 06:47:51 GMT
x-content-type-options: nosniff
age: 64715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44100
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:51:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 899E 2 KB
2 KB 180ms
49ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 14:21:40 GMT
x-content-type-options: nosniff
server: cafe
age: 37486
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Jun 2024 14:21:40 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 899E 295 B
319 B 177ms
47ms Image
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: lawnvapor.click
URL: https://lawnvapor.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 14:19:37 GMT
x-content-type-options: nosniff
server: cafe
age: 37609
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 08 Jun 2024 14:19:37 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 722B 0
0 121ms
36ms Document
text/html 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://lawnvapor.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 10172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 21:56:55 GMT
expires: Sat, 07 Jun 2025 21:56:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET adview
pagead2.googlesyndication.com/pagead/ Frame 899E 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 899E 42 B
65 B 70ms
70ms Image
image/gif 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2vwN_V1NIk5O1AyRFuA-jFJ-_5VpP0DToqCOkzeWCfshC-sfdLrDwWTTi1heK3PqXjUL6ekHxcuy7hSlWvN9cGEcOhwW18REb-7YeFkiTPg5XNliyiPNyw0DCwzAYKFrHKzYi_NZScqdLc4nN4ps6lM7S4O_gnS1o6c5J-5k&sig=Cg0ArKJSzOyneZYHhfudEAE&id=ampim&o=672,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=394&tls=1395&g=100&h=100&tt=1395&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=125.0.6422.141&uab=64&uafvl=%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.141%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lawnvapor.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 00:46:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CebaB4qljZr21B9HH1PIPuObo-AGq9Ybdd9G62uTgEmQQASDIsfwbYJWCgICgB6AB4_z63ijIAQKpAtlSPK9xHrI-4AIAqAMByAMIqgSGAk_QMJAkwXYy8vJlNbb11qQXPRY4-cUrrTIAC2uE0GE-kWJZ4AbXakKcVMhxF1tztTl4xk03XAG3RAqReR-2NJF2UJzRshtOR5bqxgZoBQs-kiSt6vpvduDh3yw-BLEIYxLHx8NWH_bVohajdF8klO9mglfmVCZsFZ5H4OmS1T3O3cLXninDa3CmYWytM88EGnms9fRHya53FpNEJYUgt1jw1FCgZyV09kfPKUl75WZh-xQcBLU43UC8eO-HIzOtZry__dmQup0gTSNp3L7LfNWsZFur6fR6iTrmerZpRdyV-lbVlScGfDtTIPF8EJ9nDhy2mOoQNjWZY92n0VeLcaKJ3u6H2I_ABNqkq4-ZBOAEAYgF6s-1t0WSBQQIBBgBkgUECAUYBKAGAoAH47TLvgOoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBBDJ9AnSCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYhIHZ9-PKhgOaCaABaHR0cDovL3d3dy5qYWNrcG90LmRlL2xwL3Nsb3RnYW1lczlnYm9udXMtZGU_YWlkPWdvb2dsZTEtZGlzcGxheSZ1dG1fc291cmNlPXNlYSZ1dG1fbWVkaXVtPTEwMjImdXRtX2NvbnRlbnQ9JnV0bV9jYW1wYWlnbj1sYXdudmFwb3IuY2xpY2smdXRtX3Rlcm09Z2NsaWRfe2djbGlkfYAKA8gLAeINEwiss9n348qGAxXRI1UIHTgzGh_YEw3QFQGAFwGyFx4KHAgAEhRwdWItNDAzNDI2NzY5MjA5MTQ0OBiu4AWyGAkSArBTGAIiAQA&sigh=8zcdyovcgvM&uach_m=%5B%5D&ase=2&nis=6&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406040101&jk=1563430856353475&bg=!xMelx4jNAAb64txl2uI7ADQBe5WfOM8tb0IiTukOJ1FAeAPXxjTHrAnItGo1ESZl3iUxBvpbuKpsw1Kg9LOR3sxpQfQSAgAAAI5SAAAAA2gBB34ANfQ29lepnZ8-8c5LyefR2-h2mEFsYgPFP4qArLfgRgV-FSk4BJOIjv9bF4WKJkR0pgSdZQahCgBZCS-S-W0g8h-gHMgLMhAZ2eLlStZ1XY7jpCiwMJqz_sJiRsIby7-4FaRNe7Arb81EXB6lNaBj9Be3dQ3jItTPmRHCfekJBWD2OGS44RohjUINzUc3v5uOOpeZAqzxKgW8IrpafIuKVTDgIYyHp4TTh2_UcpZeLjtHgR_r9snmURwlY40eGexVnHjXhXy9dH7KBngQ9CuuDV84Hphf9Jeb3Bh9HOI3YbewlcadOrqNNIcmDaL4rmD5wbI_mDakBJbgg89wGymrKU0JgyS29O1JOyvpiiqQaVLmTisiCQx3SOx1Z8-GQ-yDDhiSERVHr4jqmu4nxgvTsjZmiLrtBjPr_BP59JiUrG3JbHiRlDJSQFGD2BEjzo-q2bvl77rVfSOc4pdleAPc0Q6g2whpGDjIoYVv1Zct4EJhtTx0huZRsmExMBmZiV5_htn2Bx_Q0F9BJ8PeVnOlvv7EUYRr74WIAb3F89_CHhO-UgUhO3D2id4F3O-chnYq6aVSFsvil_6fW2sie2y2erj-s33qIVF4iKK4zJI_DGeS7EWaNsGRLh8tPTUsK8wgfMF3FELUGuXlLSmsTLBIN-6uhRH8iPhVAsBc3yvyEa11Y5YH-BQ6tBxCmKmvSf72Wl1hB5FGnfurC0E_Q5W1bKkwCOwvQzwhlyF0csU1LRQhHpBNXhxzHaCZw3L8-sVPQcdarblDQPEI5zWqkSnd85ls8hHIXY65X52IxK7XqMpIbYGScH-9pMnEaBGK7951F_34PTJmTgQASstteVCZlFH9m-V5mNVFjx77hM2bh_93b5xG09T4xiJQzJOzwNpeu1MSJmR9z32mvDdPeLFxxCpvzNlPlbjmdB1uGdBaAtBAVjj_sxNCsaaHfWyJ5sBwHyMOhoOkLGGAj1vg62QhMtBYuGQpLSknU6Ngg7v4rAuTvklTsUOG_WeaFePzEJx8Uc-8LzpsGXS66s6pOb7ho04cZt57hVE6PRUjNdobD6X1kU_Wp-MKBMnwGsdYhpZqIUOCIdKyXKDmNiKjxG5LmFI

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.quantserve.com/	1970-01-21 06:40:21	Name: mc Value: 6663a9de-df0cf-aa62e-d5247
			.lawnvapor.click/	1970-01-21 06:34:36	Name: __qca Value: P0-1113466647-1717807582652

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://lawnvapor.click/ Message: Refused to execute script from 'https://lawnvapor.click/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://lawnvapor.click/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a17d60ab651d86e689a4784aa629598.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.tadst.com
cdn.ampproject.org
lawnvapor.click
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
130.211.23.194
142.250.184.194
142.250.185.134
151.101.129.170
172.67.180.68
216.58.206.66
2600:9000:237d:5000:6:44e3:f8c0:93a1
2606:4700:10::ac43:293c
2606:4700:20::681a:346
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:813::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2001
04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8
09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f
1087dcacb487081899b31297746b3866dfbaf5faa8a6d517e7a0e2b0d72cb8dd
10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0
11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401
1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2
297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e
2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e
2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6
3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866
3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3625ba34ab87b77cc250437b2951bc6cc0fb47a8684f09b99adb36a0ab6e82e2
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627
541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333
5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406
61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3
7b91a980ecb28cd7a7bafab3c36dca8ef5867a7cb334a9c2bd520aaa86ff8734
7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a
7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351
876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727
8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f
9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2
9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce
a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0
ab9f5d663db337cf0aa714d1156e690594ac56b8ba73cb3df1d1610fb35b25e1
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
b282ea707eafd10b4423fc234ebd05d507dc6510cb9dcef9cfc2a6332051c92d
b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d
b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a
c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94
c877903a94684f04987fe84aacb5972624d0dc036f1715d2d1e0b101bbc5aac9
cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf899fae48d5aaee65077a3fddb73779ee9cd080e96de7b0627b0b03e19f611d
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44
d8dd8e65db0e75a011ca9d0263dfabaf9b806220c639e9a93a1826c363aa4e38
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958
f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65

lawnvapor.click Open in urlscan Pro 172.67.180.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

57 %IPv6

9 Domains

14 Subdomains

15 IPs

1 Countries

864 kBTransfer

1797 kBSize

2 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lawnvapor.click Open in urlscan Pro
172.67.180.68 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

57 %
IPv6

9
Domains

14
Subdomains

15
IPs

1
Countries

864 kB
Transfer

1797 kB
Size

2
Cookies

64 HTTP transactions
1 data transactions