ganhardinheiro-vtxwsp.shop Open in urlscan Pro
2606:4700:3037::6815:390f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ganhardinheiro-vtxwsp.shop/
Submission: On August 28 via automatic, source certstream-suspicious (August 28th 2022, 4:01:16 pm UTC) — Scanned from DE

Summary HTTP 204 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 11 countries across 48 domains to perform 204 HTTP transactions. The main IP is 2606:4700:3037::6815:390f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ganhardinheiro-vtxwsp.shop.
TLS certificate: Issued by E1 on August 28th 2022. Valid for: 3 months.

This is the only time ganhardinheiro-vtxwsp.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
88	2606:4700:303... 2606:4700:3037::6815:390f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.122.44 18.66.122.44	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4 8	104.196.252.36 104.196.252.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.99.99.158 3.99.99.158	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	18.66.112.77 18.66.112.77	16509 (AMAZON-02) (AMAZON-02)
1	3.133.237.167 3.133.237.167	16509 (AMAZON-02) (AMAZON-02)
5	3.220.159.159 3.220.159.159	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.205.197.33 52.205.197.33	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	3.20.146.98 3.20.146.98	16509 (AMAZON-02) (AMAZON-02)
2 55	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
4 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.17.63.11 52.17.63.11	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	3.122.47.104 3.122.47.104	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	3.127.124.165 3.127.124.165	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4232:b349:7e6b:417:1a78	14618 (AMAZON-AES) (AMAZON-AES)
2	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2.23.154.122 2.23.154.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	52.222.237.72 52.222.237.72	16509 (AMAZON-02) (AMAZON-02)
1	34.254.11.145 34.254.11.145	16509 (AMAZON-02) (AMAZON-02)
2	54.237.50.216 54.237.50.216	14618 (AMAZON-AES) (AMAZON-AES)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	3.209.91.249 3.209.91.249	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	54.76.210.146 54.76.210.146	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
3 3	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	52.29.252.234 52.29.252.234	16509 (AMAZON-02) (AMAZON-02)
2 2	3.73.240.107 3.73.240.107	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	54.85.225.242 54.85.225.242	14618 (AMAZON-AES) (AMAZON-AES)
4 4	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 2	45.79.156.231 45.79.156.231	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
204	34

88 2606:4700:3037::6815:390f (United States)

ASN13335 (CLOUDFLARENET, US)

ganhardinheiro-vtxwsp.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-44.fra60.r.cloudfront.net

cdn.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.196.252.36 (The Dalles, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.252.196.104.bc.googleusercontent.com

woodbridgehomesolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.woodbridgehomesolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.99.99.158 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-99-99-158.ca-central-1.compute.amazonaws.com

track-v2.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

11643113.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-77.fra56.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.133.237.167 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-237-167.us-east-2.compute.amazonaws.com

ftlaunchpad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.220.159.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-159-159.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.205.197.33 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-197-33.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.20.146.98 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-146-98.us-east-2.compute.amazonaws.com

app.livemarketshoppers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.63.11 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-63-11.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.122.47.104 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.124.165 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-124-165.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:b349:7e6b:417:1a78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.154.122 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-154-122.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.237.72 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-237-72.fra56.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.11.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-11-145.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.50.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-50-216.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.91.249 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-91-249.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.210.146 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-210-146.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.236 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.252.234 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-252-234.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.240.107 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-240-107.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.225.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-225-242.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.37 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.79.156.231 (Cedar Knolls, United States) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-10.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States) 2 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	ganhardinheiro-vtxwsp.shop ganhardinheiro-vtxwsp.shop	308 KB
55	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 282	43 KB
9	doubleclick.net 5 redirects 11643113.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	5 KB
8	woodbridgehomesolutions.com 4 redirects woodbridgehomesolutions.com www.woodbridgehomesolutions.com	255 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	506 B
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3440	8 KB
4	semasio.net 4 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1070	2 KB
4	scorecardresearch.com 4 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	1 KB
4	serving-sys.com 4 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1174 lm.serving-sys.com — Cisco Umbrella Rank: 1840	2 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278 cms.analytics.yahoo.com — Cisco Umbrella Rank: 796	698 B
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	3 KB
4	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	3 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
4	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 17746 js.calltrk.com — Cisco Umbrella Rank: 27059	21 KB
4	funnelytics.io cdn.funnelytics.io — Cisco Umbrella Rank: 62203 track-v2.funnelytics.io — Cisco Umbrella Rank: 49202	4 KB
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 877 image6.pubmatic.com — Cisco Umbrella Rank: 634	432 B
3	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 612	1 KB
3	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	3 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 327 token.rubiconproject.com — Cisco Umbrella Rank: 711	1006 B
3	myvisualiq.net 3 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1641	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
3	rdcdn.com 2 redirects rdcdn.com — Cisco Umbrella Rank: 72633	774 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 346	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	195 KB
2	taboola.com 2 redirects sync.taboola.com — Cisco Umbrella Rank: 984	335 B
2	ispot.tv 2 redirects pi.ispot.tv — Cisco Umbrella Rank: 2184	368 B
2	ninthdecimal.com 2 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2810	1 KB
2	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1163	648 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 399	379 B
2	mookie1.com 2 redirects odr.mookie1.com — Cisco Umbrella Rank: 929	654 B
2	samba.tv 2 redirects ads.samba.tv — Cisco Umbrella Rank: 5166	835 B
2	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2288	526 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 515 usermatch.krxd.net — Cisco Umbrella Rank: 1240	357 B
2	imdb.com 2 redirects www.imdb.com — Cisco Umbrella Rank: 2164	2 KB
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 652	1 KB
2	zeotap.com 2 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 1478	572 B
2	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5125	365 B
2	bluekai.com 2 redirects tags.bluekai.com — Cisco Umbrella Rank: 486	918 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 461	966 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1819	122 B
1	livemarketshoppers.com app.livemarketshoppers.com — Cisco Umbrella Rank: 23274	149 B
1	ftlaunchpad.ai ftlaunchpad.ai — Cisco Umbrella Rank: 97796	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	76 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
204	48

	Domain	Requested by
88	ganhardinheiro-vtxwsp.shop	ganhardinheiro-vtxwsp.shop
55	s.amazon-adsystem.com	2 redirects ganhardinheiro-vtxwsp.shop s.amazon-adsystem.com
5	www.facebook.com	ganhardinheiro-vtxwsp.shop
5	tags.srv.stackadapt.com	ganhardinheiro-vtxwsp.shop tags.srv.stackadapt.com
4	uipglob.semasio.net	4 redirects
4	sb.scorecardresearch.com	4 redirects
4	x.bidswitch.net	4 redirects
4	ib.adnxs.com	4 redirects
4	11643113.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.woodbridgehomesolutions.com	ganhardinheiro-vtxwsp.shop
4	woodbridgehomesolutions.com	4 redirects
3	cm.g.doubleclick.net	3 redirects
3	sync.search.spotxchange.com	3 redirects
3	c1.adform.net	3 redirects
3	dpm.demdex.net	3 redirects
3	t.myvisualiq.net	3 redirects
3	js.calltrk.com	cdn.calltrk.com
3	rdcdn.com	2 redirects ganhardinheiro-vtxwsp.shop
3	bat.bing.com	www.googletagmanager.com bat.bing.com ganhardinheiro-vtxwsp.shop
3	track-v2.funnelytics.io	cdn.funnelytics.io
3	connect.facebook.net	ganhardinheiro-vtxwsp.shop connect.facebook.net
2	sync.taboola.com	2 redirects
2	image6.pubmatic.com	s.amazon-adsystem.com
2	pi.ispot.tv	2 redirects
2	lciapi.ninthdecimal.com	2 redirects
2	loadus.exelator.com	s.amazon-adsystem.com
2	token.rubiconproject.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	lm.serving-sys.com	2 redirects
2	bs.serving-sys.com	2 redirects
2	odr.mookie1.com	2 redirects
2	ads.samba.tv	2 redirects
2	usersync.samplicio.us	s.amazon-adsystem.com
2	www.imdb.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	mwzeom.zeotap.com	2 redirects
2	cms.analytics.yahoo.com	s.amazon-adsystem.com
2	amazon.partners.tremorhub.com	s.amazon-adsystem.com
2	ups.analytics.yahoo.com	2 redirects
2	tags.bluekai.com	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	aa.agkn.com	2 redirects
2	adservice.google.de	adservice.google.com
2	adservice.google.com	11643113.fls.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	image2.pubmatic.com	s.amazon-adsystem.com
1	usermatch.krxd.net	s.amazon-adsystem.com
1	pixel.rubiconproject.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	app.livemarketshoppers.com	ftlaunchpad.ai
1	www.google.de	ganhardinheiro-vtxwsp.shop
1	www.google.com	ganhardinheiro-vtxwsp.shop
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ftlaunchpad.ai	www.googletagmanager.com
1	cdn.calltrk.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	ganhardinheiro-vtxwsp.shop
1	cdn.funnelytics.io	ganhardinheiro-vtxwsp.shop
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
204	62

This site contains no links.

Subject Issuer	Validity	Valid
*.ganhardinheiro-vtxwsp.shop E1	`2022-08-28` - `2022-11-26`	3 months	crt.sh
*.funnelytics.io Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-09-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
swappy.callrail.com Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
ftlaunchpad.ai Amazon	`2022-05-16` - `2023-06-14`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
livemarketshoppers.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2022-07-26` - `2022-10-24`	3 months	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://ganhardinheiro-vtxwsp.shop/
Frame ID: 9CC9130C24FB4A4F2843334ED6247AC2
Requests: 129 HTTP requests in this frame

Frame: https://ganhardinheiro-vtxwsp.shop/1_files/anchor.htm
Frame ID: C9783914B996A4845D8F0955F29AF197
Requests: 1 HTTP requests in this frame

Frame: https://ganhardinheiro-vtxwsp.shop/1_files/a.htm
Frame ID: BE0B81A068FDA53B2AC2C6CE9AFA004B
Requests: 1 HTTP requests in this frame

Frame: https://11643113.fls.doubleclick.net/activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F
Frame ID: C7C134666B211E36D082EFDD7F4C49EA
Requests: 1 HTTP requests in this frame

Frame: https://11643113.fls.doubleclick.net/activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F
Frame ID: 95F08D3DDFC193F19BFCF66C168A13F8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F
Frame ID: 50187FAC607C4478937F50794E329658
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F
Frame ID: 1D9A0F68FEEFA49F2EE343C2F7667517
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F
Frame ID: 63EDE0BD7C413B6F77CB97439BF594F9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F
Frame ID: D68EEC2112492432E1A3D537F1522DE7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200&dcc=t
Frame ID: 5379CD6BA34E722A9C21DA1ED4772C88
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D25C3C924CC11628F7797BE56703A21B
Requests: 1 HTTP requests in this frame

Frame: https://ganhardinheiro-vtxwsp.shop/1_files/activityi.htm
Frame ID: B01DC24E9684FEEB360E6CDE281B3CBE
Requests: 1 HTTP requests in this frame

Frame: https://ganhardinheiro-vtxwsp.shop/1_files/activityi_002.htm
Frame ID: 5600EE7A0C7619FC002C9CDD20CCC369
Requests: 1 HTTP requests in this frame

Frame: https://ganhardinheiro-vtxwsp.shop/1_files/bframe.htm
Frame ID: 26456572AECD78E4BB0723CFEF3C3B0C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=621818418191788700&dcc=t
Frame ID: 3058C1A0FEF6F4293D000D97BFD8CEC3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A755A58899A4CCB0B31B59D63FE3B660
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Frame ID: 29F23EAB1487BAA6444662C20B3BB49F
Requests: 39 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ
Frame ID: 0EBBD16B652B1CD44AFECD4FDA736459
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Woodbridge Home Solutions: Replacement Windows, Vinyl Siding & Doors

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

204
Requests

73 %
HTTPS

24 %
IPv6

48
Domains

62
Subdomains

34
IPs

11
Countries

967 kB
Transfer

3859 kB
Size

58
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://woodbridgehomesolutions.com/wp-content/uploads/2020/11/home_hero_tj_1200.jpg HTTP 301
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/home_hero_tj_1200.jpg

Request Chain 93

https://woodbridgehomesolutions.com/wp-content/uploads/2020/11/contact-us-form-bkgrnd.png HTTP 301
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/contact-us-form-bkgrnd.png

Request Chain 99

https://11643113.fls.doubleclick.net/activityi;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F HTTP 302
https://11643113.fls.doubleclick.net/activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Request Chain 100

https://11643113.fls.doubleclick.net/activityi;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F HTTP 302
https://11643113.fls.doubleclick.net/activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Request Chain 105

https://rdcdn.com/rt?aid=18772&e=1&img=1 HTTP 302
https://rdcdn.com/eow HTTP 302
https://rdcdn.com/images/blank.gif

Request Chain 122

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200&dcc=t

Request Chain 130

https://woodbridgehomesolutions.com/wp-content/uploads/2020/10/family_60_tj.jpg HTTP 301
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/10/family_60_tj.jpg

Request Chain 131

https://woodbridgehomesolutions.com/wp-content/uploads/2020/11/bg_footer.jpg HTTP 301
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/bg_footer.jpg

Request Chain 134

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=621818418191788700 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=621818418191788700&dcc=t

Request Chain 145

https://ib.adnxs.com/setuid/a9?entity=188&code=TaLoO2TSQGqciW54t3eH5w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DTaLoO2TSQGqciW54t3eH5w%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=TaLoO2TSQGqciW54t3eH5w

Request Chain 146

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219333204257002509402&ex=neustar.biz

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=PHQt8PDVTVWXnMN6gpvRBA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=PHQt8PDVTVWXnMN6gpvRBA&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwuRR63qoHY90VDKWCDzgQAA

Request Chain 148

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=877f222eb7f5c03e551492034a9204d2

Request Chain 149

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 150

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Nuo4M2xNS4q_iruNFoVkIQ HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Nuo4M2xNS4q_iruNFoVkIQ&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Nuo4M2xNS4q_iruNFoVkIQ

Request Chain 151

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=d26bc06d-41e9-46e8-93e2-e49f24e66fbb

Request Chain 154

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=a9b1b17c-9c89-43a7-656f-8ea6f05b2167

Request Chain 155

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 156

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 160

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f16029edb2

Request Chain 161

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nlP_PEQyThKUumwGuqmkyg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nlP_PEQyThKUumwGuqmkyg

Request Chain 162

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=h2oy0WA8TA61hW6WiUPSuw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017

Request Chain 163

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=IKwKGgzgQZ6pGOUMrs8YIw HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=

Request Chain 165

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913

Request Chain 166

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206

Request Chain 167

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2294b703ea-903a-47a7-bbb4-fbd0a5847820%22,%22Time%22:%2220220828T160111.875322%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1

Request Chain 170

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa289aa3cea272c871d77ce425861fbf

Request Chain 172

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC

Request Chain 173

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204

Request Chain 174

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com

Request Chain 176

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=Df_LKwfwLkxY5sqYFYreuA&ex=rubiconproject.com&status=ok

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=awL9p6PbR3iuNjwTqrKdQw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 179

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B632B7C9E1902C3E21A

Request Chain 180

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73

Request Chain 182

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8627aabf-4273-4768-bb2a-557abc94e084-tucta0516c8

Request Chain 183

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219443204257002507322&ex=neustar.biz

Request Chain 184

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=722a84740f13da0792d843830a309c8b

Request Chain 185

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 186

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0-5b7a9510-a46e-40fa-abdb-efa1d5cb3065

Request Chain 189

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=c08bfde0-63c7-4779-5fa3-5ae6f03ced21

Request Chain 190

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 191

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 193

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f160abec65

Request Chain 194

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=h2oy0WA8TA61hW6WiUPSuw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=h2oy0WA8TA61hW6WiUPSuw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017

Request Chain 195

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=IKwKGgzgQZ6pGOUMrs8YIw HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=

Request Chain 197

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913

Request Chain 198

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a2fe55b2-26ea-11ed-a8fb-1a7cb9e30206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206

Request Chain 199

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a6c67d09-b004-4d2d-be02-527fb7565a9e%22,%22Time%22:%2220220828T160111.866145%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1

Request Chain 201

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fdae2b531ef99d3baddf944af058f3bf

Request Chain 203

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC

Request Chain 204

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204

Request Chain 205

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com

Request Chain 206

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=i-jfe6rrs6owbfe5nGC_s8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 208

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B63287C890C020CC406

Request Chain 209

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73

Request Chain 211

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=ff93ac2a-b2b4-480b-a4a5-0a6818c9e293-tucta0516c8

204 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ganhardinheiro-vtxwsp.shop/ 488 KB
47 KB 428ms
387ms Document
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6b6f3f53960505909f47d1b621e262db8546a835bed953316e0afcd840a807

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 741e438c0fa78fd1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Aug 2022 16:01:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igWdwIcoQ%2BMvm6dqNWpSRIrzpaauH6E%2B7j3N6FfGpqtXlCBwxuakcwXJ6Mfy1fGRyFvcgVPeWyWqZyFJt9IedNhgbikaCCn7V0MytuzP03%2FJ%2BM2EeCvnn446229YR%2FA%2FY%2ByA6lxgKuuOrYw1YXq16P866n6UM7nsuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 404 events.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 344ms
335ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/events.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx90JzUvF0xwsRIOGtM5PKqx5N0wLHlqezBSm7YzftDd91nTssk3Z4DuxqRQLOvW7WCnD05WiGCXPq2aynERprBw8MOCM7vSVw%2FTfSoevdQfXSBg%2Bh04qS7Wd60XdQeNSKfxepq5C1vphakOKG%2Fq7P15D2lVasUNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e438eba308fd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 bat.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 342ms
334ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/bat.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnCh78RLHgah8dcgJx6tR5lsUpk8jJuRiKn21xouwvK7uV9AGALuY4nAeJiS%2FeqeourgJZzxFMiKEk00SRRUIrA9VN%2B4XKHFNy9DS6%2FKGVmbhtEdnJdZFo2FmBTZlVnubqEJYm9j4LNSJRBrtB2thZ%2BmcbGyekI1qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e438eba318fd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 282008447331376.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 346ms
334ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/282008447331376.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVs0T5LHB9MmAQEtnjxM%2BXH0RWkiZqHB2o39EVClJj2rnMN0jPNlzynf%2Fz5rlHSO6qZqNSQ2rZV9a9BscGKpssEQNhfUDDTDFIL%2FagghaIGVirsZIThRc2Xi5bQBMz03hPecmRJ9Zp1WdGugcoX98MT2JSwyQtaeNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1190e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 941788543232640.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 433ms
421ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/941788543232640.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNptif3poSJ1yJWNzATAnKVRGg9jAs7hUaoz0xOnX8Qv3X%2FF8FYQS6k3XbOxTqZbtH30QWBAA4Lc9J0BzFn08o57xZkkQOAcvKenG2TMR5uGUlnND%2FhA6j7RyAZ5iiRrhVYQ9t1LEZH0Fu9EJJmKFL1A5oA134ILdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1290e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 identity.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 376ms
364ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/identity.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AffMwFSjhZbSdm5rK1ZngX8A8pU6T5iOGq1T9c901vdU18kCIaDkY3Jbt3Ry6zlE7oveem%2FotBDxBMxzl3Dhr9333PBBTkFkqJ5ZLh5DiHpdGBtkHoxtPp%2BvQdAPU0shSPWmSTgWPzO3wcRCkb%2FiYx1b0%2FJ77SgaPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1390e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 fbevents.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 479ms
468ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/fbevents.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9Mb9jpMpKuAY%2FgU2e4DelsYjPxFUXMLKAEwHDYK%2FH2hN46r0p3JCWQ%2Bj6WkyIhpcgWzH4UjOVB7OrVX9OGRdFLOYyHgozVJlXX8PujAs9hclMmlNwrk9pYRURGyx8SYC69xuophDclvEya%2Fd2k3dfQ46rQhyiUSBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1590e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 f.txt
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 434ms
422ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/f.txt
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duCRT5JBVpun%2FIPVXCBJMo6QhVZW6UdIwT0bBYjEV8HcBmeIfXl9uMDX9qbz7nvuO6tVd7c5vGy5J2TwFjRbi7IMXUzscXGI7A4EjHEJN8SrNWeshin3u3ue74mmdGBYBHcRHPGm5Xqf%2BiqasHTi8%2BiEXuDFZDtylA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 741e43931c1790e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 analytics.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 500ms
488ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/analytics.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilyzRKIAiw2WNQjBxKIn4pne%2BGjQR52t2wsdlucIpua%2B09M8i9402p1TAVCFMU33dhc%2F6c%2FwuAbGzhhIQAxi4q9ajN4v8yhYchq60p0dXeRtWUEweS4UjwIMA0saHqyjzsrFHTciO8g4Ivhd%2FGNftlEPfjqP1nQvSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1990e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 recaptcha__en.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 438ms
427ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/recaptcha__en.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Origin: https://ganhardinheiro-vtxwsp.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1eXPiNXr29tgZu4HDZ%2BuM391hwe9Cpe0P4YQ%2FlFhymhHDZmHkoiS78rn1sI3TNls%2BNej8BFl8MG%2BHZmcBaDcDWSKPfmiCtpP%2F%2Baj%2Bn2L750%2FWz0Y9Hy3gZ%2FMSqaVTSBiMQKCY5OiuRAx3XpxrJsNvIXTyEGCMVo8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1a90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 gtm.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 347ms
336ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/gtm.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmV%2FwaCfvyS2HkKDzO%2BT3qbdtiPRVfeS4rA%2FYfBe4ycWeGWI1SDUvVdOktIPBB9L9aDqH0DM6fkh88BJIA5mtX3tket2hm192Vs%2BZK%2Fn%2Bb%2FvPUIwqSpy6YmyDyL%2BG4XKWxf%2FYpqer2PsSFlBQXxDjqvfaEQAy7JIRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1b90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 track.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 354ms
343ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/track.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4m%2F0hpKVTm9XMXm%2FiebsZr3w856v1Q0L74%2BUYExQIU8TlX9IezKBcD8Q8Wjdz6G1b%2BWTY3iBntqGNx59PTS60MgejI0n7W64P7%2FvcqwcMOb2X1NqGS51v1dLU%2BD0Ke0qzATlu%2FTnfGGLhbDCRgEp01fcu8wCHihvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1c90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 jquery.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 344ms
336ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/jquery.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ3uKE4A4dUd9k1AdxcgjXH0LOztlC11A33klcSld4VLgpapOlnTGij1Me3PcuZ204HHO13klBY%2BxkQHfQGyA3bMieV1uizTQm4wO4kDWAla9L6rw822NLEkAyiNIiVa38ZMhlcPOAeFjixa8bOOjw3xJLGOKGhvEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e438eba2f8fd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 jquery.json.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 350ms
339ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/jquery.json.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucnBeuw9dzAx%2Bp%2BUjFrWB%2FESaB5kYPLcXVaiCw6RGTo86gY4ObHPT%2Bi9hMP0w7Omi%2B5f15BSxkdkIsBUzKtkQk%2BxjSLxB6q2tmdyW0OUpuJgErple5mS4fo%2FHe7OwpY72tw52DBZNQuGzZJrwyxjLS8fVexN7OmP1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1d90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 gravityforms.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 393ms
382ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/gravityforms.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkIBODdNC1cekiTMZzKfSI%2BfgKJ1VrTfFIX1A2YQkpvBhM%2Bq4pqwUObz6lfb0RidaklRExTkyr7XKiVB61rBRTi97xJ3VyA8JoeyUNznoeTvYUI9cvKurwlD%2FOa0DLeP5fZR0nqTEG09CXP2HHscTyjxTYXOBKF%2F%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1e90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 api.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 425ms
414ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/api.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf4GgCDPl3nWm0ahk4zYD27JcRxBRbZZ1ySYVBjZa6nmZrQH4B1LzPC0lUde%2F0Hch%2FE7jhRa8ooBsGRKtoun6CIWWlosQsKcw7go5HUXfKFU%2FK0rgyQ7ZbzdHls41J%2F7A4GCDfdqXskBSly2ZFIOvshR2R%2FOml6rpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c1f90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 f_002.txt
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 343ms
332ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/f_002.txt
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSzG7HzW8ozY6eOt1grnSjkXpDaFdLj2ieWuW43A3U4a%2BNVA2b6qd6TtAxZ5aX9%2FMilWqjF1uDvFKKvXMwIoNBj%2FAd7vySK2VLuFvO8kv3vVNdz6XZ9edREbElMaeTIBRAGELONuUDE6wd2jr2wIqAuXQDqMamNGgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 741e43931c2090e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 4049230.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 452ms
441ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/4049230.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PMDjnZgCHdQaoxv3ekf203UjH1M9s%2FY4httww8lKPhrDeS3D0ZMsGXp7WLv%2FsKCRXVWOJjjEjwYQyQIZ2EeK82t7hm8i9ClZjfBZkwFNAfrio4WOVKrq1cilAtCwYTY53xIijtpn%2BWrWwmpYFvnL2cfbZj79GiIlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2190e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 fullthrottlelims.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 454ms
443ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/fullthrottlelims.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwkrL8U9S118gDicWdEmCKvhY9XPhLwYG0HOgVJltKdqe9wywJPxYh1DDobPB%2FyRsL49kGpQFlTnAcr%2BE9UdJueaii2eLCGlePK7DsuY62ksgAj0WKR095HCtFFscWnaIjOwvde4tZsywMaiaY%2F%2FF6khy%2BG7Y%2FtLQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2490e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
ganhardinheiro-vtxwsp.shop/ 488 KB
47 KB 349ms
345ms Stylesheet
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6b6f3f53960505909f47d1b621e262db8546a835bed953316e0afcd840a807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfkiR%2Bj%2BuuWjvwCZf0otPnRxUVriHUuKXgeUox%2FawY5WY6LvDt8qo9IpvIwpSGQDDz28NPYWNIa7AGZI%2BKatYRdChuX1HB%2B%2FVHB8vev3mxR5e%2FSyPcxKtEW1cCcKaqgQbSJKLtO2fXvZpOKn6OWt5GdnsqfNPT7BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 741e438eba2e8fd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 logo-white-new.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 425ms
414ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo-white-new.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crIEzjiaPbkBY9ki1mdOJEst6ym2fgjP2gtow1oOay08tQm6F%2BjxJirU6WIUL8Z2aJ1TRqVViJMBUyJme2Lay59CwK1fOCPlXhwlFxNCE6JDpZjMgSZcUjE8TOIWvSJkufxFIoGjcZm7s8RBZsqHlBT%2Fnk4cRZrAxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2690e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 logo-dark-new.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 462ms
452ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo-dark-new.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10au7Z2wzZiEldDeNOFUmOua5oq9ex3wNQx8UWvWyTEe%2F3IW9FUShJgoKXTcnn88z28TnX6xWAxxeuMkYKvFuz9Ce4HS9W6HU%2FQ%2Bh27FKjFhzwTnQNysMoRhOOGb7aaZYAAIg2zTdMfpplrNwDcrinqUbDa1ZRTp0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2790e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 header-phone-icon.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 391ms
380ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/header-phone-icon.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3%2FqPihu4VHvPEOhz7bAUlkVJV92RhRbmJgiRA5vql7Jy1NwNitsAKLR3pZNeVDkAc9QlPA4QkCrLjUYjdD42SNqkY5TsRXGPfleNjGLOFt6wSYWLPcJ8fZ%2BH5N9kKUwdSmGSk95FhU7qwA2MctlYKDlLPOAnJa5uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2890e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 sticky-phone-icon-blue.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 438ms
427ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/sticky-phone-icon-blue.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMm%2FUKB3264ZQZReSJpIUCs2XCFEcDhExqZgNouwBPlyZfHOmCrHnMYOyKPeohFQOv3i2ksv6hys70emIucZHzGpC0vAky1zPuMOZfomAIJh8aq9uHEdpoaWIGYphFQ3NcQpY2RgSgb3PHHYCmlUJrbuVDbtDofCJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2990e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 logo_img_sep.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 471ms
461ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo_img_sep.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2PIR29nd0HWor1Ntq6YjQm0MS%2FMxtAM48nfCVRmj4nYuhZZ5uizPZRY5gD%2F4F%2BGnRMgZTpIOi7GSKyEd3G9agjLswnek76sKWdwEnsFs2tmNCuQXn%2FteMxf2LnqA6ngazo8lMcuBLbjHkLtRM3khWNU7%2BqDYG0sYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2a90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 mitchell-ceo-woodbridge-600x770.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 455ms
445ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/mitchell-ceo-woodbridge-600x770.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIrXdEv3yUdLYWNPqjWlhomxC0OudRRuHmXOODSGNeRMcdm4Qk2UiCfMB7gw2bjTuUMW0%2FsyMrB7Oziw15ut0VVDU85wKuZVbFVa57%2BOj321rxBblftyQhg2%2BS58xJNOOgmfYoIPmZ%2FbABJgnzVpB5Ywjb39cl2Omg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2b90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 testimonial-couple.jpeg
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 440ms
430ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/testimonial-couple.jpeg
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMHKIppwGd7kIpSKhOEMiLNXG6gRvYL7xvAi%2FSslokFLz4TStaHCWVc2FNx9b6o2BtSs8XyNx%2FAj0eV%2F9WgOSWM%2BzPDwM4NJ0g4pJBoeL%2FOuMv%2F83I7uqxR9968nRBBoq8grtPeF4avmKh%2B4om1BDtSEQnuMxjGMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2c90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 five-star-image.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 472ms
462ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/five-star-image.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbCTkZuospso9WptxFNN%2FFl3%2BCa4DwBZVUNkEGNG1JXz301T%2FKk5sEACRJxeVip%2Bg2mqEPXhYFbBCB5NmzEH%2F6kdRak%2B4lWZ0zaMyGHC0KpRuFXBNFkyZjoCA%2B%2BjA7nKzYgsR5ykIBNFkOVsthvrZO9QXeXGVG%2FClA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c2d90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_windows.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 478ms
467ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_windows.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opy8Zcm7AEHUy7yLxrZ7EB7P6RNIgTBNqZhvfH9KCoHNLD8C3%2Fp%2BVXb9gff2NVmCrR9DNHX0RzJjqbMMy0uiKPBN5nWtBfl5LAr4Vp0CVEl8JuUup0HC9K5H9KdUgzH29k3FdJFw0tP30RkuEBgcnu3XnqanWLTgMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3190e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 homepage-orange-right-arrow.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 463ms
452ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/homepage-orange-right-arrow.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s51OuNIiNljXBn%2BkcMJjZSDGMbGcAm25vsOwDA4WF8nxjpU5akNBZ3SiOuoePS0gIEK6jenbu93d%2BW86CzLWR4ozsGoGVynnYIwaprZ6vtfuWgOpS7N0irXDhBHup7xtn87dlQTyZ97lkd0BSiI8B94Eh%2B5okx5ddQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3290e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 New-Project-16-compressed.jpg
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 415ms
405ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-16-compressed.jpg
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6xvG5KrsA%2FGueGhWf1qn82dfsQRdBBY%2FeDQap5uVZgTQP8bUPGGjSc75ILakTgQGZE0G7sNR3levkPXZ1HAPdcxDYF2SDHoAWWOiyLNgmwk%2BPsN0x6lqpUPBWEiAARMaa3sej3Tx3jwWxtGXj58FMBVkLIQhP77Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3390e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 siding-project.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 418ms
408ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/siding-project.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scv7bPWKIGaQFE9Oj1AWUuEODMhOr5i4FnHmYRXB006Qoda4Iwm7eLbAERZV3ihnJJKDEsigWZrglmcCgk8TpiY6I8gtdBU4SJWsEDH%2Fh4vR18GD1PsQda1jVQpgLWubKzpqrB2ZE%2FGjpxLRyh2a%2Bh5u2GK5aLmUDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3490e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_siding.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 504ms
494ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_siding.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHpGFPu0MBaWEOfOWp0WnWA72Y%2BM7vG7fTXNXaJr7dPy1uptx7eyYHSmNlgdVZjvO5Y81xMnY2FKNqYMSkuUKOi3Z%2B8sdILM8dFtcUNlX3m0FJswY8D%2B6ae7qYqGePTFCyrQO0dXFZRLeMtZQ8jwGoLj5eoxv2nycQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3690e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 line-logo-short.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 488ms
478ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/line-logo-short.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LUjv%2BSgCo8rMBwWvKR8xleesYiRrueqkhpv%2BpDYzHvqd2m%2B0PCLPn6sGbuYyCPC9SJR6Jke7FDBZzcMCWEC8MMOHaWeAFAgnnYY9tvxpARi5700e8xylPZOemtm9xFYX7mlBs2XtE7qqABc4XNnomQe100N9%2FwO1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3a90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_soffit.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 443ms
433ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_soffit.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWoi%2FN8ni5IaEz79R7RuXeRoO6qxEZByzOeNIKRK81TVTPjvY9KHb9%2Fr%2B0XoCcBDe58xkifz4AprCMkSdzkx%2FHhhYQbXr1cn8Kl3zHBY5bWQUGaauoU2OKHhIOE8eX3C2PTi6XEhLImfZWWQylTAzcG1zBm0vtHKmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3c90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 New-Project-28.jpg
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 464ms
455ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-28.jpg
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vJEHo0pEKEG%2FsSzxpjttHY%2B%2FdD6OURzw4iVPH2KXJ9YJysyGysqFjcex%2FPBM5ujEyMu8Y8R%2BO3i9LoLneG2XaIGIJk0WXuNeXplL4%2F1DMpTb81%2FfLn7oSk0yBb7pgSnI01%2BnNCvfvRK1RvSjigkv2BDvQsL9K21cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c3e90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 New-Project-30-1-compressed.jpg
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 444ms
434ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-30-1-compressed.jpg
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYZcv6ygBjiNssT03PZXaP2Lm7VUJz%2FfesUm%2FG4nSooOHvSDhDdKsfiYiAttQsQAdAlPkBfKrO2RJQrbbaLSTDO64UXuRQWeCD9kDzkGPuY1l5iroPgpkOxG5SJEt8nJux22Mxs2uRbNaNCeFW2xjJ%2FBiQohz%2BBY%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4090e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_doors.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 504ms
495ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_doors.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byDDFkw%2FyCpSEce805N%2FJa5xYRA5pirCZCRxIEUfOimarWgH9nFgtWuTICZMspMUi7cIa0VlA8VeIEtJq0PByAFu91SFQKJZwwHVlNz3OrzhIT73zsbC0is4FHYof3oEYaScVl5%2FXUJAA6BgwQ7IVngXgmoAsSp8xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4190e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 kitchens.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 411ms
401ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/kitchens.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKGfPULMipx0DvtcaDcufrABqXjapfYSkvaIXMGeytVJlvp%2BVb2Ey%2BnHqHfXEAd112NpHFxtXvhGuQ7t4keAbeucouEEvT3kZTctKBTvZQ3yJDRaByYsiZ8rFmACX5mMZMEgbFtkPP0pRy%2BqSwBotUVm2Q%2F8g3Fzfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4290e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 kitchen-homepage-block.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 383ms
374ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/kitchen-homepage-block.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Czp6hVdO6VhaUv%2B72JOHen7RWAiAWvIruO%2BCJV1nlRqCYAEeYXo2y%2FKLffK7580B8TPQFtiW8Riiwbze34W%2FEa0IxONRQjX2K8dOuZpXnSf%2Bnw4DKm%2FwDunOUk5t5GqMnWeVFtZ%2BoaFSjXhmqG2ujDAYVg3SkAYLaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4490e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 shower-bath-background-block.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 454ms
445ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/shower-bath-background-block.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubmZhe9Lkigr21OndBWuFj2ejg%2BjmtUn7157Bc29OmWE5n32aZWJc8emdBwz8CO9KAVoEpgHqeTB8HSdtFMrXMp2Eo0HopEQ%2FOcbS0jGErb7l58XIfTQ%2F9vhyNMJ6Hut1VkCqgfFMIc%2F0QZrkcmNCGQJf7k2sbtXvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4590e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 bathtubs.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 380ms
370ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/bathtubs.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwOQ3kPuinVsW55V4cRSDKI%2BF%2F3AvkPjBX7qpBRTUKT2ezaQGoqIX9qRgdabupAEwbo2R%2BPfzugQIrRmOh5V88rWe7WPLVsbf0KrrdLw4nQ3O6ClC4utwWUIIyirDD%2F3Jlfs1%2B0m7bF8%2BLOE%2F9OQSOG5nY9cNW7KPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4690e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 30years.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 455ms
446ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/30years.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnN6VST7alYivvRZoUSiRfKJ5ctfSMZ%2FIQzMjEyB7U%2FxBHGPVF1LYN7%2Bm15rwBnhLc1PshAU0pN6M1mHHNMQ0CH6nGAQAL4w3NYu2dcjHQ%2FmJdV5cx%2BYes9sCg37lNM4XwJTlNIygdiMjti4MwqpUoV9kujTxItJhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4790e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 bestvalue.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 412ms
403ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/bestvalue.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g91Ivtojp2C6x31zTUQ52jdIPpa9E64JkDGtAPBOwKizU3gX%2F9OwwNOJxOTKZkoxWdvqFl2W3cjxXvM5UpCjLYzOXsVgO9doli3D%2B7n3VIecwW9JE2hSyaZt5sL0NygiQuCxnGq4QDv5fXsvFwA5r4yXAoscFJ%2FwsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4990e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 consumerschoice.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 444ms
435ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/consumerschoice.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH8JoFq0s4hEqGbl5d4qlRKZshbQDadFMVO0bg8%2BpNTcVGfacky0x4VePWVkB5mgsJqw91FPpuoR0RRTtGDLhDNp02nenpru5OEVvcFKIzebDIoKt%2BT7ztjFzNtj7nE2UXf0Mn3dj5ICd%2B9sg1veOMJciWOyXMx%2B5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4a90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 goldenhammer.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 498ms
489ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/goldenhammer.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuF25g6h3ceu5ory8TWCZpMGCwwrNQ5785SM3fk8%2F3arfi3Uwifg5ymwLMnehMppBrywNPVFy4ngM12%2FQPZQYkPItK%2FyeG6JI1690%2BdndyaCAIb1Bt%2FtqoNOGHlJoLPRo9dRjvu5DO6rrqZywSYRNgBRBOX8I9zKlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4b90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 guildmaster.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 383ms
374ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/guildmaster.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAhE4PoPcHY1lUywCiCO%2FlHZ8Jx3CNl8knOX1VvOTUp8aFv0IebACqanOG6x5rVwTAkQwTvJsxpK2QQLJoIsGi743pFD6F5%2FKaAyjQ6qo77STnknsOMG1IjzvEqtmUv1bzb8VTaoxE4GrUYi3M0Tnfj3X8RjH2VNYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4c90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_servicerequest2.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 486ms
477ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_servicerequest2.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nn%2FObGHbgPcVkST360glpM6eTIeh977ja5CkHKX%2Fr6V3L8qEjTZDl8f9XjFw4qn29FEvCwdCErZWsztdIHMJYFORuGd3czh9olyIkPNjeJPq20DNuDWznX8Mnr%2FYAgeO3kBNSiO67ZGOqdGeu3juPrc9kesZuPZvxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4d90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_financing2.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 386ms
377ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_financing2.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34l%2FRu4vBytRUGg26Uw8ogLCs9RgWcBcGIm8SKDURhJI0PGpB4IpoJ1tFlHw%2Bat7K1dasLjEkjx9G1BISqTIx8s7M%2F5IZ2CYntYLQWNK8AZvVYoRQzhj5LYxL98oQj3dkDp%2BxctvB6Io1c%2BpuDdze22SFhy4R%2FJ0gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c4e90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_specials2.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 463ms
454ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_specials2.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BTyIqslV%2FMwPsksf41x6v3uqyrkgDjwyOMDBPEzWh%2BWqj4rKstcK%2F5Q2sf6Ny48P6UK%2BKmoxilvi715VuzXKP7OvU7X93tpphY48cZXLr4Qh9G08TPl5Vcad8oQEIHC2PyYRo44pd1JiXEuJ2a7SX9ctyy4KFi%2F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5090e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icon_recent2.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 386ms
377ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_recent2.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jAIZLw8wsVeMVAaT4pxH%2B0noi61DCI3%2FoBAHgsx657yNGTubUA4oE5A3go4SAdym8%2BDQwlqqn4vwFSwuRn5E3HEOZ4HcolGr1W6opAe4GKAZGkgQl9wt1wlj4KRZ%2Bp7SU595yVTnGAyAhqkkNLAT7RMaBjst9oGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5190e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Window-Shutters-600x441.jpg
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 458ms
449ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/Window-Shutters-600x441.jpg
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIUDQNL5FZXAFUCFRjzDyeDXiKclfGTjqXmLTWlUR5tZsEhLtXlcvZPXGj2phTHk5eYczTHLcOdPQwaFFpk4eEWrnuqppJrXDwJ9Bu6gx8Z2KSjl9I4dBVESh3%2BwokjbpxjuW%2BE1%2FjlbtmwubYhwX9j5pAdmvOUhww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5290e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 New-Project-41.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 494ms
486ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-41.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTahFKsNfb90St3FbDT4WFJFDXVtwZFOjlWpnN2Z2q9FySMhre%2F0j7cMmgsyLwj%2BiULQCJRhOyQGN%2B%2Frc%2B98w%2Fl6khifY3r8XM0SFU0e1kKFIYwJgexJg6L1Ndx0DjYxWJG8wz9PkksM0btKRRxOo6rzxnpewnMBww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5590e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 New-Project-42.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 444ms
435ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-42.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdlFPG9LqswnO7XHbTHXOSXAM%2BGp6H%2F1rlBdsc0TtIW0o5j%2BxBspJ%2BT9hO8715YBpAYyMIIjLvZiXYpUFgYvlsClsuMJRmY%2FOWwBQ1m8A4sT%2FEtHHJcZbUlcmsL1A5e8o4sPa%2Fgj4z3yr6THhZ%2FXVx0yb0B6BaQcHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5690e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 New-Project-43.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 486ms
477ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-43.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CfwRkQqfrCeRxWm8UPUrjfBlS8BVhgsbaC1PIkOxcuSqP%2B35%2FL8NSq%2B%2BOAS64OooptnMzCq6CDK6TGC8F0H1wXzExB1gmqJyJ6USHljPZ7V0mRKl%2FQeSYSXnzQoTi3JUGaDI8yFGUI9%2BtURqshs81px0h3H7zG98w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5890e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 nari.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 444ms
436ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/nari.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FzVab7QuquNxkLHGgiKNMjiT%2FpZ4r%2BQ9PGFHs8uT0PL19f7oNR77r2INhNB1JLEh5iBAmOPPz1Lk%2BXPMFoxumhBUOcvyXvtKVNXxYBaAnRjJhOOo1G%2BN%2Bo2uBBlpmvyJ9XP5twleQlSXCg1OVisJRLHgy13nLobbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5990e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Porch.com-featured-pro-badge.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 487ms
478ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/Porch.com-featured-pro-badge.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvygmzCMAxB2bzh0PaGJX955IvwXkoQ1FqcWBRzBG3xhBKkgrF72V3vAzEaDm3PBecq3EB1DzFZ2CZDW%2B92A2afn6rsMkvhfd3mSH78y8mkWI%2BeFB9HTbAJKZNCPJCHaAlj25tb5Qcpw29PiiZbNRhGiAuQ5zv8pmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5a90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 white-shower-logo-large-400x109.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 486ms
478ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/white-shower-logo-large-400x109.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm6%2BdK5AZN3vJDWRsb9AeVLOyACsZEaZywlFfnFTmnwvY1Dr2bUybu8FAkGv397JKuZ27LwtEp4Ih3yYmByO0Rb%2FnWkDgWtDNl%2FO9ALBdaHTGDi4TLJo60t5%2BnNcIS6auWH5cUsPMnguCDcBAQI3JEQOi%2BPtY6o0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c5b90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 custom.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 313ms
313ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/custom.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FD6wbAd7wZqipDH%2BKhc2C0XEkTyYIAK8LMHQe5FcyedixkQAY%2BfztOSFJyfcrdlTKgNIFRqHCdTcLcu1bnjeBScMZtzyWGZOrx1yoj%2FEzfsyeRgIs%2FGLJM7DsmygAQ%2B1Umpr4URCnNFou60fd09Ne092kijMTPCNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e4390d95290e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 regenerator-runtime.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 346ms
346ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/regenerator-runtime.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E41E56AY%2BgFWve2S46u5N7s8Ukun8rC0zeC9MI9UjTqNbzicj6KMxVJ8Vu75gzaGglcO%2F2qouns4kxjsmJAqGzbbHfvUDRw527H873LiAIL3pvz6Rk6swoGulqOOWcHAdRatU9trj%2B6LtwHgSXKft00tX2sg9FnNhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e4392cbab90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 wp-polyfill.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 464ms
463ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/wp-polyfill.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0UBj11KrO2uylC015bato2am7XfRx0sJSdMGUkWhg15KWY9DLzg%2Fsi1nxMQPqaY9xKXkfXf3PD963dJelsHQ3vj6EmNaKKkA95uXwNx7aZXsrFlznt0lGjj1EdmLRPlkX5Zmm7VP8jIXiPZfNeWw4ywZory6bI%2FZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43930be090e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 dom-ready.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 316ms
305ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/dom-ready.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTR1Oi8vnAR1fU5uXv%2Bn4Ebb5e6unacOgLDI1yqfojU1x%2FLQY8TZSDbR3gubHCvH2%2FU84spownEZALCFY%2FKYzc77P9hNDwZKP9C%2BW6%2BiDvFmq9qI62vWXnk2SSi9%2F9vckTZIuWNscJbarB579mgEJOqh%2FQ28JIuf7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931bff90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 hooks.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 391ms
379ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/hooks.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEhjI2vVuQzXHT6bfuPqjE56cdViE8XWA2tKdh2Nq0Mb%2FNvzFW%2FIY014q%2F%2BEx7vYk0SXm5dGWvbjIQ48dAPlBcuOJ46z3TDq65HNdKDyLS6ERbCk1JHgu8y9m9DhiubEdWcq7kPqYoLgXKYJGNmvEMy8Qgqg4A41zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0490e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 i18n.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 506ms
494ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/i18n.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yb5IGIDNgcyObD1dfTuxK%2Fhu42mGQcYu7%2FAezDNnGRBRPVG9cMP07PxpWr7DRjmZuLroW6XjMj9qy%2B2cfqCKEMxvGTJUQC4QfzHxcI698tFfxSLdAxcqmt9vW0viObOaQShLD8FFPTweec8t0mOZuT41TNYq%2FoEZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0590e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 a11y.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 433ms
421ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/a11y.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO5l6LyjzsO1hv%2Bx4IYT9IZhQEayKYZAHEl%2FKQhRLy0MMRUNo0EqK4Plzg9m022JqqBLi8AyD38f2WDQq2RoK%2Fmjwto3tqYRHFSG%2FT4GL9fi30%2Bk%2FsqDF0ysI9Fff7GVNiahgCD4ijlwpuXfJPPX4QtnDGJzrV5sqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0690e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 jquery.maskedinput.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 454ms
445ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/jquery.maskedinput.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1ltXnEHvSXxX4DFStPAcZa6u4oBI7aBbUSOa1IBEUq4wmlXJFEZwJQ05pzlA8i2s5uHMx4KuoOVZHVZIZQVEPFH9%2Blr%2BuNWVmIAEZrgkEVGihfC%2BTQJ6YkZWvRTEh9Lsucc%2FyOfMQ7zm6%2BGlfSEhO3CwtHXnucGRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43933c5c90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 placeholders.jquery.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 444ms
436ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/placeholders.jquery.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ2OsBmsGAGS9Hf51CvbRTjVMTycNmp2QOailLn63LcxtADzb3gWpsGkY2HGUr13mNdJL7ZgOh1Z7hOU0xuv4jBk0xnCtwb8F7a3WY96Xmw7rCkkisPA2qoCerQ3UHklA%2Fe2zLv6obNeYS32Pta6ZQpScrygEkyYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43933c5d90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 heartbeat.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 425ms
413ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/heartbeat.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6hIV6h4X4L9gZ%2FGB7plSXaqg9Bws%2FXwVbccWn7qCOfydSkAleElRlcWbLVXFAfUk34JrDktYknXouqfWDpriPbazokd9mxHMRlSauo%2B8QdBBH%2FldcSYG8GD2dNSc1nTIIirU8kloWeStuXhoilGLw487cPMokcVVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0790e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 52282ad0a5602927f6314764b3261544.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 384ms
372ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/52282ad0a5602927f6314764b3261544.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAAtuZiykUYYufgnWiDWnTLz%2FPAYp2pMdhlYPczrNahP2ysSyTgCScFvM4FQ7UZD3RG384uUQRIea8IRAf%2BnB8HM4i01MOJ1ysT1HTxi71EBcv8utTu%2ByHbNef6vwp9ZkVJLQ9X7gHrorlimUtQ5L5S6uu%2BH0beIjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0890e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 lazyload.min.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 455ms
447ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/lazyload.min.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39FhfmBDkozGRN1l6WsUf3zkXqwN5%2FQUHTxzUZYtZGWPSD3Yriy3EnV%2FsFuh1%2BCtABCtTKR3xpal3nsQq3utsxiNlEYztdY0vpFLSRJM4sNU84l8LgaLOtwU5A9Dgfh%2FCqh1AsC41F2RNMnjh0np3UrlsizikEURbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43933c5e90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 swap.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 375ms
363ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/swap.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ihuqnTqurUvECwkkNnfaMzuAKvNMAmIb00LiBX0pQxd1C45mEaiMr%2FIwFWV9obElT%2FSBYuVnBMJmFLkiYUGQQ1Vk7iYVZgJMYJWhNAC4MKeessoVTd0WpXN45HOVekYM7G1S%2FxtAZVcohqoK029%2BiBScsMuOdp6Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0990e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 blank.gif
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 457ms
448ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/blank.gif
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Inp3TY4kcS4dGkoV8LubqJuBf9E%2BI%2FwHJuz45GNKv6338gTrO7Vp6XbmFfJGhnTb6y%2FQFjmfHO4lBtb%2FK%2BDLNoaxTtALlXAiYBlXaOtcujkKPbzDvadLwjNkOeHFZS7LbbE6aMYTi7meABAlHtoGuu%2B4uIGoCEby6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43933c5f90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 lptm.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 392ms
380ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/lptm.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saZqoALB4fg4k%2FSPlpMMkFpBupRP1C42IzLa3Ma5P0kFRrvaXOYZl6mGw%2Fr6vsz2AhTSK1qKUBm1f3ReT74V0DIL8Tt20Qk2imxMAblM8p1gdoaWmw3oKkXbmOG2PIvFc9a3L9ZE1yj8ncyUuLsGrC0grMtvlAVX2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0a90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 0
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 445ms
436ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/0
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELdk1Pvp88rAblK31gxJlOS2NA0qJ%2BxLg1czNndSHVKdksfHCVaXJxS82gTEoGDGXChcqLKEPWAyrcenS9CeILcBjSHSnkm1CFCW%2FbXPMbYrB%2BiUvnkfWRL9HcPVkhaOAWCQRPR3cBbSdtlhgxB4ddulHWDXVJ8eEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 741e43933c6190e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 external_forms.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 177ms
166ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/external_forms.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHaETwRfxPuKrTJSLlScK54T5IZHW2F1Var79iG0PVm%2FfJfCuF%2BJmPmK6NLzpXdl6mgvgk8YrFEas5UGAxImOfRCWiXcjWgUc9E0NINZv5Az82ro3lQ%2BqoMA2JCVtFjBO4uXYXzQMhZKzlnDQJ5EuFpioU1%2BYkKEFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0c90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 icap.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 479ms
468ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/icap.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VCzfFsufcb3KZaJRjjh1VJQlzJsZN4p9JccbUrgglIiS2%2FuOO3Mc8qrbvzwsbn1N5OyZc210GifFeu5vsWpjrrGEnc%2BtsX9buS6JdCV2QPvv%2BFjOrOAk%2Fo24k4IBF9pBd%2FzgTA27KrKVFhdSgOWsNuNqnnb4K5nAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0e90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 poll.js
ganhardinheiro-vtxwsp.shop/1_files/ 0
0 389ms
378ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/poll.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnUJjdU45LbxHXDFY9y5lmnTcU2R36wRcw3%2BoEaVCSkGy44voSiZQx7ZeC3H6OekOXgBMxDWMqkGpqSxBA42cSdfEyhG1i17E%2BAJ4zeWvHgww4gK6h4m7dkYdNqGPt6l0gfJLgM8lJwWhjmJJnwWYwR85pazzATf9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43931c0f90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 track.js Show response
cdn.funnelytics.io/ 9 KB
3 KB 73ms
7ms Script
application/javascript 18.66.122.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 00:52:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 16:42:53 GMT
server: AmazonS3
age: 54542
etag: W/"4ae1baef1263c1a5a4d1b46c51016daa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: v9ZliyJZk3t-agddLcQTq3_VlToprDA0OrQNNVwCZwLRlkevDW96ZA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
76 KB 61ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2aedcfa49020ab8dad94f72adc4575341ccb761bb137dcb1f22a325602db655e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77214
x-xss-protection: 0
last-modified: Sun, 28 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Aug 2022 16:01:09 GMT

GET
H3 200 /
ganhardinheiro-vtxwsp.shop/ 488 KB
47 KB 470ms
470ms Font
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6b6f3f53960505909f47d1b621e262db8546a835bed953316e0afcd840a807

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Origin: https://ganhardinheiro-vtxwsp.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDx5uF8qlTG%2BiIcoweWcvzgfBpMijjpbsT1gf1gq6azO2jcn%2BJ6uTZ09vSgBsrUAkZlkpcXOEhiPVdGdi1mGsrNetSc3f8z7QsAzT5O%2FgOGONS2YcZAhoy7xWzHuqxELUGO14SaNfvs0IWN1dIVkkUZGxcsDhEKOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 741e43930be590e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
ganhardinheiro-vtxwsp.shop/ 488 KB
47 KB 515ms
515ms Script
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6b6f3f53960505909f47d1b621e262db8546a835bed953316e0afcd840a807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eioLsSeDE5banfc%2F7g2ruhSw7FY5W8H285Lzt6JafSiWzM0%2BaMELSFmZ8n48OiDyCNarFPBJJYbDXkJXeK8q%2Fi3mazTc8clqdmBtyQRxLbvB7Oba5WSDV62ZmQZfS%2BGBU%2FrdlXq5GrFtlmVqAAlxZemkJUuey%2FK4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 741e43930be790e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 49ms
14ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d98a94c67e6e29d48d55ba2f6b415d0646af7f7313b539697eb53b34ab78c4c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26668
x-xss-protection: 0
pragma: public
x-fb-debug: 3mMVLroGVQvwWhsr6jRsrFKTpvqx8Lybh56qAANtp45kwnZYyOPsweDaUEcDFNVS+ywoGr2oJRRWNrzxOKWJ0g==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 28 Aug 2022 16:01:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661702443213
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
ganhardinheiro-vtxwsp.shop/ 488 KB
47 KB 508ms
507ms Stylesheet
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e6b6f3f53960505909f47d1b621e262db8546a835bed953316e0afcd840a807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uH%2BqWtV%2BDpLtFNuhYO1qm%2BUbw1IVd65OmDe3zmrO5CpC4iVVlQwtVs5t1VLhEXnoQRWtRzB6q7omrTsrfDm1JTjiwZjH5RC2fWVmur0NQbRPbSzNv68X75%2FRO%2FhFo9uurHXDPNc0AXSDV9iFS1ZnHFsQkiuLw3IjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 741e43930be990e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
ganhardinheiro-vtxwsp.shop/ 0
47 KB 518ms
507ms Other
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkRCCNN7VlBbWWqJTZoQXo4ZRtuEPvolK3il5gjCC3kAw5%2Bg8k0Ur90UfXWnBFvrckwCDhlKyicpU5zro8QCJHnOAWb4KE3LsXI8bslJCv1lOcT8KjxT030D1Ja4yOyeSkLNyYiOPB8azM373ojdP4fgskUwSLVJNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 741e43931c2290e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 anchor.htm Show response
ganhardinheiro-vtxwsp.shop/1_files/ Frame C978 548 B
645 B 483ms
483ms Document
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/anchor.htm
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 741e43933c6490e8-FRA
content-encoding: br
content-type: text/html
date: Sun, 28 Aug 2022 16:01:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7qhoRhkNT5ymA2eLsAZs6B9SbDReaJmdk4AqOBU5Xzv2lbiG%2BctYe2eAV7Zlt17DGp1gm9Az8wA0GN3wIKZneenRk9hZ2XredgYBv%2F0s%2FrrqogimH7OxB%2FP4GKgHc%2Fso0dI7%2BdCMlPw8h0PRkg4gOXs0vDARTiXtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 644b00377d0bb2cb64db722e7d973f5f1e50937aab4375dce5eb195ece4fab39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b942f73ea524f5d314fd977ffd48e273aeb371f038c3b03e5b875dfdb9df4338

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31c12d0340af1ee51b66ea917cb42b0743bca6993ea7f4aa37e18a4c6ba944e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3cb8ee093714e25359a4732b12bc2402a60143531c6609f66177bbbb1be9877

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f8facf0e83b2c37c1073f9d296249ef7f121cd150b669398d65267aa3c22a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1c6c5d76bfa6ceb9f61eab5a6ec2402dc7a81731f1b227c6aa0c019a2996d86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20b0cb963d56a89ed85110b54add23383f2cb36290ba5e2a29192642f6ef19c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee04f81b24bc61b5d4c30a630f7baaa63d396b2239ac06fc599e50003d38c53e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

home_hero_tj_1200.jpg
www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/
Redirect Chain

https://woodbridgehomesolutions.com/wp-content/uploads/2020/11/home_hero_tj_1200.jpg
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/home_hero_tj_1200.jpg

104 KB
104 KB

870ms
198ms

Image
image/jpeg

104.196.252.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/home_hero_tj_1200.jpg

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Server

104.196.252.36 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

36.252.196.104.bc.googleusercontent.com

Software

nginx /

Resource Hash

d40462f2ee7144343c0a03c55e945a247c2648a9a2dcb4d4483131467d8086c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
last-modified: Tue, 23 Aug 2022 19:50:13 GMT
server: nginx
etag: "63052f75-19fdf"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 106463

Redirect headers

location: https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/home_hero_tj_1200.jpg
content-security-policy: upgrade-insecure-requests
server: nginx
date: Sun, 28 Aug 2022 16:01:10 GMT
content-length: 162
strict-transport-security: max-age=63072000
content-type: text/html

GET
H2

200

contact-us-form-bkgrnd.png
www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/
Redirect Chain

https://woodbridgehomesolutions.com/wp-content/uploads/2020/11/contact-us-form-bkgrnd.png
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/contact-us-form-bkgrnd.png

69 KB
69 KB

1125ms
453ms

Image
image/png

104.196.252.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/contact-us-form-bkgrnd.png

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Server

104.196.252.36 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

36.252.196.104.bc.googleusercontent.com

Software

nginx /

Resource Hash

096d6ace619f7d5241a4fe9ff39db4c25918e0f09de9195178b6bd0c394939df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
last-modified: Tue, 23 Aug 2022 19:50:12 GMT
server: nginx
etag: "63052f74-11453"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 70739

Redirect headers

location: https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/contact-us-form-bkgrnd.png
content-security-policy: upgrade-insecure-requests
server: nginx
date: Sun, 28 Aug 2022 16:01:10 GMT
content-length: 162
strict-transport-security: max-age=63072000
content-type: text/html

GET
H3 404 a.htm Show response
ganhardinheiro-vtxwsp.shop/1_files/ Frame BE0B 548 B
647 B 370ms
370ms Document
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/a.htm
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 741e4393acfc90e8-FRA
content-encoding: br
content-type: text/html
date: Sun, 28 Aug 2022 16:01:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZt%2BUgfXdQ12BEEmiAc18FfucE1biap4024xSQ%2BkTMlanSqqCdPOLo9u3u5%2FkOkEG2OWkLD7BnHqmSXbk%2Froe34aQhQaEmUGJeHInlifUbFZkLgkBYNDrrWLlWVQkjw9H%2FGzCjnp6w2VmfyAaFniZCGjJvzS76JRew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 sessions Show response
track-v2.funnelytics.io/ 50 B
263 B 463ms
229ms XHR
application/json 3.99.99.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/sessions
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.99.99.158 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-99-99-158.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5749b649df2fab3ee02d4421366d115f87788b4818c591bc54c69fe558eb7f45

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 16:01:10 GMT
x-amzn-requestid: decb17d3-9b52-427e-b787-b8646c576d56
x-amz-apigw-id: XlOi9GM74osFkIQ=
x-amzn-trace-id: Root=1-630b9145-47d48ed57867afb5525a6949;Sampled=0
content-length: 50
content-type: application/json

GET
H3 200 282008447331376 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 89ms
73ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/282008447331376?v=2.9.78&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7bfc3ecf8c3b8057d957295a845c08d850d1b8aeb5aa9d1ad2b3dc796b7285f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4824Pbo6pUqR+h+RZ+KM2tjwh8L847gseucX97rWsA4+modFa0b5ZQIC7c4zWPW65r+1/3kEHY61pjTIPP53EA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 28 Aug 2022 16:01:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661702469800
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3549
date: Sun, 28 Aug 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Aug 2022 17:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 119ms
82ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15682
x-xss-protection: 0
server: cafe
etag: 14097944420163075165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:01:09 GMT

GET
H3

200

activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F Show response
11643113.fls.doubleclick.net/ Frame C7C1
Redirect Chain

https://11643113.fls.doubleclick.net/activityi;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?
https://11643113.fls.doubleclick.net/activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fga...

492 B
413 B

147ms
92ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11643113.fls.doubleclick.net/activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

484166741c9dcedc3c63335da0c82481645e006febd113910246e074b13b05c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 388
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11643113.fls.doubleclick.net/activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F Show response
11643113.fls.doubleclick.net/ Frame 95F0
Redirect Chain

https://11643113.fls.doubleclick.net/activityi;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?
https://11643113.fls.doubleclick.net/activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2...

498 B
421 B

153ms
48ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11643113.fls.doubleclick.net/activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

c781755142865e4f14a9ad23b531f78c4903a3ceea023c8f41ef711300cf2ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 396
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11643113.fls.doubleclick.net/activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 74ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 313096274D194D69BAE662E6EC911051 Ref B: FRA31EDGE0716 Ref C: 2022-08-28T16:01:09Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 28 Aug 2022 16:01:09 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/393440213/5aef4bbfb33a8e4c93db/12/ 39 KB
12 KB 161ms
109ms Script
text/javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.calltrk.com/companies/393440213/5aef4bbfb33a8e4c93db/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-77.fra56.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7e4a3cac272bf56da16237af42d0187acae1d18b2d19e1fcd1f9a7457d53f011

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-runtime: 0.006675
date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P5
etag: W/"7e4a3cac272bf56da16237af42d0187a"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: BXeV_ipmzmtsSVVQE-KyG3MQo4qmcqzuKKzVRpe3szhGNoDpw-H3Sw==
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-request-id: 0d7328bd-385b-485d-8fdd-ca24ff1a4d81

GET
H2 200 lptm.js Show response
ftlaunchpad.ai/ 4 KB
2 KB 455ms
107ms Script
application/javascript 3.133.237.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ftlaunchpad.ai/lptm.js?id=e8edae
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTL3FGC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.237.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-237-167.us-east-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 77fe882633c6aeadd1ba7328baa1a42cb5d37c9a10f02daf80b1a2e9171fb6eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: gzip
last-modified: Sun, 28 Aug 2022 16:01:10 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 1919

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 452ms
104ms Script
text/javascript 3.220.159.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.159.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-159-159.compute-1.amazonaws.com
Software: /
Resource Hash: b9667b997dce74c4f66bff1f10f7fbbb449b7bd292f2dc428f917d46395a3f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 28 Aug 2022 16:01:10 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
Content-Length: 5404
Connection: keep-alive
Content-Type: text/javascript

GET
H2

200

blank.gif
rdcdn.com/images/
Redirect Chain

https://rdcdn.com/rt?aid=18772&e=1&img=1
https://rdcdn.com/eow
https://rdcdn.com/images/blank.gif

42 B
198 B

99ms
96ms

Image
image/gif

52.205.197.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdcdn.com/images/blank.gif
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H2
Server: 52.205.197.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-197-33.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:12 GMT
last-modified: Thu, 23 Dec 2021 21:40:22 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0e70b045f8d71:0"
content-length: 42
content-type: image/gif

Redirect headers

date: Sun, 28 Aug 2022 16:01:12 GMT
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: text/html; charset=utf-8
location: https://rdcdn.com/images/blank.gif
cache-control: private
content-length: 151

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
15ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=954262647&t=pageview&_s=1&dl=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&ul=en-us&de=UTF-8&dt=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows%2C%20Vinyl%20Siding%20%26%20Doors&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1015459077&gjid=1793870044&cid=252248978.1661702470&tid=UA-23971604-1&_gid=206366335.1661702470&_r=1&gtm=2wg8o0TTL3FGC&z=534879065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ganhardinheiro-vtxwsp.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23971604-1&cid=252248978.1661702470&jid=1015459077&gjid=1793870044&_gid=206366335.1661702470&_u=YEBAAEAAAAAAAC~&z=1548885012

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Aug 2022 16:01:09 GMT
content-type: text/plain
access-control-allow-origin: https://ganhardinheiro-vtxwsp.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4049230.js Show response
bat.bing.com/p/action/ 0
118 B 183ms
183ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4049230.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 248742678489405DA9E69A620DBA8AD7 Ref B: FRA31EDGE0716 Ref C: 2022-08-28T16:01:09Z
date: Sun, 28 Aug 2022 16:01:09 GMT
x-cache: CONFIG_NOCACHE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/877648647/ 2 KB
2 KB 231ms
209ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/877648647/?random=1661702469874&cv=9&fst=1661702469874&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&tiba=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows%2C%20Vinyl%20Siding%20%26%20Doors&auid=1603561221.1661702470&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77e29b18dd5e30fb08d831e860820da0da2ce8a678e41e439b23338cb2ee5238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 941788543232640 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 138ms
138ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/941788543232640?v=2.9.78&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7062fdd283bed25e80eaba9e3c41f1e5c5af4f9d8f70c7b97ce73767c2f32db4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: qy/TytX6GMs6RWxpP+sZYRT2R/j5MjIx4R/DSYCe5CZwh7DeaBtaPSBt4SHLN75IJsqRYCgsrt/b8gk7Ticsxw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 28 Aug 2022 16:01:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661702469976
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 55ms
23ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282008447331376&ev=PageView&dl=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&rl=&if=false&ts=1661702469896&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.1.1661702469895.1282923652&it=1661702469717&coo=false&rqm=GET

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 28 Aug 2022 16:01:09 GMT

GET
H2 200 dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F Show response
adservice.google.com/ddm/fls/i/ Frame 5018 491 B
856 B 97ms
45ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Requested by

Host: 11643113.fls.doubleclick.net
URL: https://11643113.fls.doubleclick.net/activityi;dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ab6a5b31188380197f40e07ac12b50b21e8a4a2aa0c17ae5d10a3436f815fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11643113.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 387
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/877648647/ 42 B
548 B 44ms
21ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/877648647/?random=1661702469874&cv=9&fst=1661702400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&tiba=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows%2C%20Vinyl%20Siding%20%26%20Doors&async=1&fmt=3&is_vtc=1&random=925071634&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/877648647/ 42 B
548 B 43ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/877648647/?random=1661702469874&cv=9&fst=1661702400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&tiba=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows%2C%20Vinyl%20Siding%20%26%20Doors&async=1&fmt=3&is_vtc=1&random=925071634&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 30ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941788543232640&ev=PageView&dl=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&rl=&if=false&ts=1661702470142&sw=1600&sh=1200&v=2.9.78&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1661702469895.1282923652&it=1661702469717&coo=false&tm=1&rqm=GET

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 28 Aug 2022 16:01:10 GMT

GET
H2 200 dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F Show response
adservice.google.com/ddm/fls/i/ Frame 1D9A 497 B
465 B 49ms
45ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Requested by

Host: 11643113.fls.doubleclick.net
URL: https://11643113.fls.doubleclick.net/activityi;dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c23a896b32876c3567623afb3eddd1ba92f0cac371da9b296e4e7aef95ed8801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11643113.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 395
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 steps Show response
track-v2.funnelytics.io/ 47 B
257 B 214ms
213ms XHR
application/json 3.99.99.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/steps
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.99.99.158 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-99-99-158.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: fac2216de38213c41db6e1476fb3d40205e085a85a8533484eb7793e021ea19c

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 16:01:10 GMT
x-amzn-requestid: bb747804-6be7-40de-ba73-be95c2c95dda
x-amz-apigw-id: XlOjAGOcYosFrWw=
x-amzn-trace-id: Root=1-630b9146-09c60f92766a51dd013b2cf2;Sampled=0
content-length: 47
content-type: application/json

GET
H2 200 dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F Show response
adservice.google.de/ddm/fls/i/ Frame 63ED 194 B
242 B 72ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJKyw4v06fkCFQ7lmgod0RgE2A;src=11643113;type=retar0;cat=retar0;ord=7529156059720;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
expires: Sun, 28 Aug 2022 16:01:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F Show response
adservice.google.de/ddm/fls/i/ Frame D68E 194 B
870 B 70ms
45ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPC7xYv06fkCFdDEmgodPFwHzg;src=11643113;type=conve0;cat=websi0;ord=1;num=8785810463645;gtm=2wg8o0;auiddc=1603561221.1661702470;~oref=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
expires: Sun, 28 Aug 2022 16:01:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 404ms
100ms Fetch
image/jpeg 3.220.159.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.159.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-159-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 28 Aug 2022 16:01:10 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 fullthrottlelims.js Show response
app.livemarketshoppers.com/ 49 B
149 B 467ms
103ms Script
application/javascript 3.20.146.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.livemarketshoppers.com/fullthrottlelims.js?wBOcwBEYUFRZ1VUFAUOAlX
Requested by: Host: ftlaunchpad.ai
URL: https://ftlaunchpad.ai/lptm.js?id=e8edae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.146.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-146-98.us-east-2.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f7436b857493faa8bb9173b7cba25212c1e1fb83545d02681d9389370eca85e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
server: Apache/2.4.29 (Ubuntu)
content-length: 49
content-type: application/javascript

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 5379
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3...

1008 B
2 KB

326ms
187ms

Document
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200&dcc=t

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

9ffa7a7b864558847873c7245a6c7015406c2340d6ce82847de493a76ace63a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1008
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 28 Aug 2022 16:01:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: AS9CMJWFN2DDVNYASRR8

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 28 Aug 2022 16:01:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: A3VVJEVF62P6WR80EBGB

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 14ms
13ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941788543232640&ev=PageView&dl=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&rl=&if=false&ts=1661702470240&sw=1600&sh=1200&v=2.9.78&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1661702469895.1282923652&it=1661702469717&coo=false&rqm=GET

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 28 Aug 2022 16:01:10 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D25C 0
15 B 16ms
13ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ganhardinheiro-vtxwsp.shop
Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ganhardinheiro-vtxwsp.shop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 404 logo_img_sep.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 18ms
17ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo_img_sep.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUPqW1x7v%2B3z9BLsuNZ7F7MNCNXQZc5C1wHNLVQjjEqQ9BXwckV%2Fv071Le96TqNv7Y%2BFvX8qucwUk7kbOcNnNvW8uOTkOcG5Cie2wMFHEhcQd6RUTQVnPaQon6kODaIgX885KZZ36M7xKIFV78jhymHNXisd9FNFjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43982ad390e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcb5777660059ed215298111746de9322c9891b8597e6cb0ad49b010369372b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 404 logo-white-new.png
ganhardinheiro-vtxwsp.shop/1_files/ 548 B
548 B 18ms
17ms Image
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo-white-new.png
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpHlk61xvVgbKLbVn%2FT5iEBOjLlPwGBKLdhuz8N6DWtRo2rtPjoVVbtgZKxr27fdFiLxqVxsXua2X7hA5tuIlTpOI9ZOLtS8euVaXmaDuG%2B6dMBwdvWf0grPLjju5cHjnBgPscTwzn%2FFNgI04tPvV%2BKPbUOShBcOGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 741e43982ad690e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 activityi.htm Show response
ganhardinheiro-vtxwsp.shop/1_files/ Frame B01D 548 B
645 B 331ms
329ms Document
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/activityi.htm
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 741e43984aee90e8-FRA
content-encoding: br
content-type: text/html
date: Sun, 28 Aug 2022 16:01:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFR39CNBeEohXJiuKedsi5KOVjOqlnJPt4jFbEglJBb9jaWPEgHdmGMNxdW9NZnxAB5ww4A5K4ufl%2BUKwEpiOTyaOC6pS%2FlfYPFxwLg60dcjmSXCW70i9mAW5c%2BfLOWu%2BGksMTm5NgUfYXYVN1a9exCAQFf4uja7eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 404 activityi_002.htm Show response
ganhardinheiro-vtxwsp.shop/1_files/ Frame 5600 548 B
650 B 320ms
317ms Document
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/activityi_002.htm
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 741e43984afc90e8-FRA
content-encoding: br
content-type: text/html
date: Sun, 28 Aug 2022 16:01:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV35Z17PxD%2FQpigEpdsqXsssm4yxjMMNPAxJK20rUT2WAKCQlHjr%2BWUhmibZi9a3EOeMIE2exKR5E2pf2vxx%2FJy9nXrn9%2FNw0LxBm3X%2F89SgupLNDAWVOoG83ScQYYlVIF8pT%2BO71I%2FZZGQV6qTHRlOIOroC24aMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

family_60_tj.jpg
www.woodbridgehomesolutions.com/wp-content/uploads/2020/10/
Redirect Chain

https://woodbridgehomesolutions.com/wp-content/uploads/2020/10/family_60_tj.jpg
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/10/family_60_tj.jpg

36 KB
37 KB

1041ms
453ms

Image
image/jpeg

104.196.252.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/10/family_60_tj.jpg

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Server

104.196.252.36 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

36.252.196.104.bc.googleusercontent.com

Software

nginx /

Resource Hash

2e8246badd04a14e6adf76815e60a7b08a1427d575627d5da2aaf63ba79911b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
last-modified: Tue, 23 Aug 2022 19:50:17 GMT
server: nginx
etag: "63052f79-90ce"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 37070

Redirect headers

location: https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/10/family_60_tj.jpg
content-security-policy: upgrade-insecure-requests
server: nginx
date: Sun, 28 Aug 2022 16:01:10 GMT
content-length: 162
strict-transport-security: max-age=63072000
content-type: text/html

GET
H2

200

bg_footer.jpg
www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/
Redirect Chain

https://woodbridgehomesolutions.com/wp-content/uploads/2020/11/bg_footer.jpg
https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/bg_footer.jpg

44 KB
44 KB

896ms
453ms

Image
image/jpeg

104.196.252.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/bg_footer.jpg

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Server

104.196.252.36 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

36.252.196.104.bc.googleusercontent.com

Software

nginx /

Resource Hash

f0a631a259c692b267a498a5a8fcb5952e002ba758ad1dcf8e3e7e6080ee2f37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
last-modified: Tue, 23 Aug 2022 19:50:13 GMT
server: nginx
etag: "63052f75-aefa"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-length: 44794

Redirect headers

location: https://www.woodbridgehomesolutions.com/wp-content/uploads/2020/11/bg_footer.jpg
content-security-policy: upgrade-insecure-requests
server: nginx
date: Sun, 28 Aug 2022 16:01:10 GMT
content-length: 162
strict-transport-security: max-age=63072000
content-type: text/html

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 290ms
100ms Fetch
image/jpeg 3.220.159.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.159.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-159-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 28 Aug 2022 16:01:10 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3 404 bframe.htm Show response
ganhardinheiro-vtxwsp.shop/1_files/ Frame 2645 548 B
648 B 321ms
320ms Document
text/html 2606:4700:3037::6815:390f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ganhardinheiro-vtxwsp.shop/1_files/bframe.htm
Requested by: Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:390f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 741e43986b2590e8-FRA
content-encoding: br
content-type: text/html
date: Sun, 28 Aug 2022 16:01:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkVW65YiBgvABEbvU%2F5ljNp9%2FLk82XeJwgrfiIL0untHO%2F3uKhlSgWlHBPKYub1njNStlPC1nF2sfVxf%2FyAPPm07u4ItQ15FtKccMqiXO9gGYdWk1mSBfKl6rpy5%2BXq%2BBcOROIJEmpbONkikDzJbKvZV9lGJrOCn9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 3058
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3...

518 B
1 KB

110ms
109ms

Document
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c67373d7ed9824564f99558f13dbc2ab1f7cfd0b459f0e867984cbf7a04f964a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 518
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 28 Aug 2022 16:01:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: EAJQNGCSMP2B24X9KWEZ

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 28 Aug 2022 16:01:10 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=621818418191788700&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2YPRPF8QTXBGAF0NY1K1

GET
H2 200 external_forms.js Show response
js.calltrk.com/companies/393440213/ 23 KB
8 KB 126ms
103ms Script
text/javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.calltrk.com/companies/393440213/external_forms.js?t=1661702470506&

Requested by

Host: cdn.calltrk.com
URL: https://cdn.calltrk.com/companies/393440213/5aef4bbfb33a8e4c93db/12/swap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-77.fra56.r.cloudfront.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e398c800cb5323885a4a2af58eafdf27404df74e0072f33ed964dc6211f6b68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: a337bd5a-43c7-4071-ab5f-2e9045734b9c
x-runtime: 0.003111
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
etag: W/"e398c800cb5323885a4a2af58eafdf27"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: F2Fq7Z-k4ySCKoRzefyXfp6T6VokUNZvNOdWHh0ul02WPIs6sGs75A==

POST
H2 200 swap_session.json Show response
js.calltrk.com/group/0/5aef4bbfb33a8e4c93db/12/ 142 B
668 B 238ms
156ms XHR
application/json 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.calltrk.com/group/0/5aef4bbfb33a8e4c93db/12/swap_session.json
Requested by: Host: cdn.calltrk.com
URL: https://cdn.calltrk.com/companies/393440213/5aef4bbfb33a8e4c93db/12/swap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-77.fra56.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a7472785a1724297f5e77671011c822af6729d5c3fff86e76854d0d4cc9646b

Request headers

Accept: application/json
Referer: https://ganhardinheiro-vtxwsp.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: gzip
vary: Origin
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
status: 200 OK
x-request-id: 14cb7ea9-1146-4a05-bc83-3146551b724c
x-runtime: 0.053404
access-control-allow-origin: *
server: nginx/1.18.0 (Ubuntu)
etag: W/"9a7472785a1724297f5e77671011c822"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: SEwMxCGz6NuteLGb_sHuwjsC2D6EC7PeBQs9CwdLKSnfxR1TFPaDSQ==

GET
H2 200 5398a95e-6d6b-4dc1-8b07-59e01bd4177a Show response
track-v2.funnelytics.io/settings/ 67 B
277 B 134ms
133ms XHR
application/json 3.99.99.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/settings/5398a95e-6d6b-4dc1-8b07-59e01bd4177a
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.99.99.158 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-99-99-158.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9cbece8c1d47c49a557882822ea4b8377c1f48f285a2fdbaf89a68f91e12609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Aug 2022 16:01:10 GMT
x-amzn-requestid: 4dafe017-6bd4-45c0-bd7c-62056420eaf3
x-amz-apigw-id: XlOjDGeQ4osFi9w=
x-amzn-trace-id: Root=1-630b9146-427244774629891d2cde0f26;Sampled=0
content-length: 67
content-type: application/json

GET
H2 204 0
bat.bing.com/action/ 0
176 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4049230&tm=gtm002&Ver=2&mid=df90fed0-29e3-4230-8b32-9ec34162eb8f&sid=a24a737026ea11ed8a3fd5477b54f697&vid=a24aadc026ea11eda7a655a90f636e78&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows,%20Vinyl%20Siding%20%26%20Doors&p=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&r=&lt=2091&evt=pageLoad&sv=1&rn=781788

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C0CED4A59F14FA8BB58BE4071AA8674 Ref B: FRA31EDGE0716 Ref C: 2022-08-28T16:01:10Z
date: Sun, 28 Aug 2022 16:01:10 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A755 0
15 B 15ms
12ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ganhardinheiro-vtxwsp.shop
URL: https://ganhardinheiro-vtxwsp.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ganhardinheiro-vtxwsp.shop
Referer: https://ganhardinheiro-vtxwsp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ganhardinheiro-vtxwsp.shop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 28 Aug 2022 16:01:10 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
408 B 101ms
101ms XHR
text/plain 3.220.159.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=hX9FK6-uxqDRz38lKsXNfg&is_js=true&landing_url=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&t=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows%2C%20Vinyl%20Siding%20%26%20Doors&tip=ZJIopdNBWI5BzY84oU9VzCvNnf7RXbZissnSDz6KAzA&host=https://ganhardinheiro-vtxwsp.shop&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd94338de7dfe7646a354d5f697afb021a3515f0525&sa-user-id-v2=s%253A0-37e2f408-7eda-4426-74a6-5d1504a406f2%2524ip%252481.95.5.37.57xG9tUL3j3Kv8F2wHAzn99oeP%252BfMnPimh%252F7fwxRplc&sa-user-id=s%253A0-37e2f408-7eda-4426-74a6-5d1504a406f2.o%252BbS1J4PvFHutpM6UHbFCAZIs3HIe6AckOSiFHUoxkM
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.159.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-159-159.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:01:10 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ganhardinheiro-vtxwsp.shop
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
408 B 154ms
100ms XHR
text/plain 3.220.159.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=hX9FK6-uxqDRz38lKsXNfg&is_js=true&landing_url=https%3A%2F%2Fganhardinheiro-vtxwsp.shop%2F&t=Woodbridge%20Home%20Solutions%3A%20Replacement%20Windows%2C%20Vinyl%20Siding%20%26%20Doors&tip=ZJIopdNBWI5BzY84oU9VzCvNnf7RXbZissnSDz6KAzA&host=https://ganhardinheiro-vtxwsp.shop&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd97e60f4a4dfd04d3d53ed33ac36d34e95515f0525&sa-user-id-v2=s%253A0-37e2f408-7eda-4426-74a6-5d1504a406f2%2524ip%252481.95.5.37.57xG9tUL3j3Kv8F2wHAzn99oeP%252BfMnPimh%252F7fwxRplc&sa-user-id=s%253A0-37e2f408-7eda-4426-74a6-5d1504a406f2.o%252BbS1J4PvFHutpM6UHbFCAZIs3HIe6AckOSiFHUoxkM
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.159.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-159-159.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 16:01:10 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ganhardinheiro-vtxwsp.shop
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H2 200 icap.js Show response
js.calltrk.com/group/0/5aef4bbfb33a8e4c93db/12/ 22 B
453 B 209ms
209ms Script
text/javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.calltrk.com/group/0/5aef4bbfb33a8e4c93db/12/icap.js?t=1661702470767&GoogleAnalytics__ga=GA1.2.252248978.1661702470&Facebook__fbp=fb.1.1661702469895.1282923652&ga=GA1.2.252248978.1661702470&uuid=c129750d-9971-4c88-9faa-1734fae21901&ids%5B%5D=393440213
Requested by: Host: cdn.calltrk.com
URL: https://cdn.calltrk.com/companies/393440213/5aef4bbfb33a8e4c93db/12/swap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-77.fra56.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ganhardinheiro-vtxwsp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-runtime: 0.018368
date: Sun, 28 Aug 2022 16:01:10 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-P5
etag: W/"1643b5cec44cc597bc2cce3448ce5434"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: rBUOI2mlz0Mcgvh-o1Y4rzwJs2JruDNTkKfoDvfGLEzvVqPGmUOYhg==
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-request-id: 332f18f3-8ad2-4792-b1c4-0d393b5cb13c

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 29F2 6 KB
6 KB 104ms
104ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

1837accb16f81dfdbda60fb6f041cc2db9eabf493b7145e8509fd447928dcbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=399097605129761200&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 5831
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 28 Aug 2022 16:01:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: V7NP4K8Q9Q682FVMPA9E

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 0EBB 4 KB
5 KB 100ms
100ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

0f5588c2e7162b6b0c4eefe034878b49aaeb5e94ec04d626ec283781c171a2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Dd9eb352a-44a3-cac9-a481-e0c7e5ae222c%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.woodbridgehomesolutions.com&ex-hargs=v%3D1.0%3Bc%3D578563711389210527%3Bp%3DD9EB352A-44A3-CAC9-A481-E0C7E5AE222C&cb=621818418191788700&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 4356
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 28 Aug 2022 16:01:11 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: C34M6G799C48J1QKG175

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=TaLoO2TSQGqciW54t3eH5w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DTaLoO2TSQGqciW54t3eH5w%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=TaLoO2TSQGqciW54t3eH5w

43 B
556 B

188ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=TaLoO2TSQGqciW54t3eH5w

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4BYTDFRN8ZDW96944B5M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
X-Proxy-Origin: 81.95.5.37; 81.95.5.37; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8f9fe3e0-cac7-4cbc-a504-95b0d6b1a6bf
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=TaLoO2TSQGqciW54t3eH5w
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219333204257002509402&ex=neustar.biz

43 B
556 B

102ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219333204257002509402&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q9ZZFZFC2JCSRRPF9QF7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
server: AAWebServer
location: https://s.amazon-adsystem.com/ecm3?id=219333204257002509402&ex=neustar.biz
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=PHQt8PDVTVWXnMN6gpvRBA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=PHQt8PDVTVWXnMN6gpvRBA&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwuRR63qoHY90VDKWCDzgQAA

43 B
556 B

285ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwuRR63qoHY90VDKWCDzgQAA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 20PH8KQW7BQ6VZ7ZC5SW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaLAWT42mtAPwJTIWbitwOstM4S6Ie74xabjo7fxqUPmFqWrMjANTDS1Kp6IvQ%2B%2BPjDg1%2BPszGFd49IHWO2lfvaWf5hsm9beB8lOS7FJ8zsTThR4q4CkukyCcJ9TuGNDu9bhOvrexPCYjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YwuRR63qoHY90VDKWCDzgQAA
cache-control: no-cache
cf-ray: 741e439f0db26945-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=877f222eb7f5c03e551492034a9204d2

43 B
556 B

101ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=877f222eb7f5c03e551492034a9204d2

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CH4AGT3RNCDXSQKMAQGV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=877f222eb7f5c03e551492034a9204d2
Date: Sun, 28 Aug 2022 16:01:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

275ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QQ6MWZAF0J933E616CD9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Sun, 28 Aug 2022 16:01:11 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Nuo4M2xNS4q_iruNFoVkIQ
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Nuo4M2xNS4q_iruNFoVkIQ&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Nuo4M2xNS4q_iruNFoVkIQ

43 B
556 B

223ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Nuo4M2xNS4q_iruNFoVkIQ

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4NXTSMHTW0RBXDXTKEQS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Nuo4M2xNS4q_iruNFoVkIQ
date: Sun, 28 Aug 2022 16:01:11 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=d26bc06d-41e9-46e8-93e2-e49f24e66fbb

43 B
556 B

230ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=d26bc06d-41e9-46e8-93e2-e49f24e66fbb

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1MGSP9NVT52D20YGV9GT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Sun, 28 Aug 2022 16:01:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=d26bc06d-41e9-46e8-93e2-e49f24e66fbb

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 29F2 43 B
182 B 325ms
94ms Image
image/gif 2600:1f18:612b:4232:b349:7e6b:417:1a78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:b349:7e6b:417:1a78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 29F2 0
123 B 204ms
31ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=a9b1b17c-9c89-43a7-656f-8ea6f05b2167

43 B
556 B

103ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=a9b1b17c-9c89-43a7-656f-8ea6f05b2167

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HDA3TFCC7KH85PQ4CPV8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=a9b1b17c-9c89-43a7-656f-8ea6f05b2167
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 741e439ebf6c5c62-FRA
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

286ms
105ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZNC8J1RHGSE68NS25KV7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1661702471727090-387
Expires: Sun, 28 Aug 2022 16:01:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

220ms
99ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XQ669KNYSSFAX4QX1R1D
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=Q2ZAECYH889SYRPF8FM5:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: Q2ZAECYH889SYRPF8FM5
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
permissions-policy: interest-cohort=()
x-robots-tag: noindex, nofollow
x-amz-cf-id: 9V5LeuS0lp2dr3nXuCShcmEQRUevDT57DqEBxks5Ktcfapw3iJhZOQ==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 29F2 0
337 B 153ms
29ms Image
text/plain 34.254.11.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=cqHetQyQQHa8kieNGdyKbg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.11.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-11-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1661702471
x-served-by: beacon-n013-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 29F2 0
263 B 401ms
100ms Image
text/plain 54.237.50.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.50.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-50-216.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 29F2 0
122 B 93ms
20ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=L5UKBjciR6S1Z38slEBQLg&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-fpgnl
date: Sun, 28 Aug 2022 16:01:11 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f16029edb2

43 B
556 B

208ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f16029edb2

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KN834SPWDD8XN1ZCXEWY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:01:11 GMT
x-content-type-options: nosniff
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f16029edb2
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Authorization
content-length: 93

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nlP_PEQyThKUumwGuqmkyg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nlP_PEQyThKUumwGuqmkyg

43 B
556 B

211ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nlP_PEQyThKUumwGuqmkyg

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5SYC3528YJ06XCNP5YTH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nlP_PEQyThKUumwGuqmkyg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=h2oy0WA8TA61hW6WiUPSuw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017

43 B
556 B

213ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D75WFRJEJZBBVJFJ5QG1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v038-043538ae8.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MtzyuukcTmE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=IKwKGgzgQZ6pGOUMrs8YIw
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=

43 B
556 B

209ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X7SDWZNQTZ8A8AM0F0BE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 29F2 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913

43 B
556 B

284ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 53BBBWH0Y820B2SJ6HQT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206

43 B
556 B

194ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VWSVPGWN8ZGDTC0MADZ8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 28 Aug 2022 16:01:11 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 128
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2294b703ea-903a-47a7-bbb4-fbd0a5847820%22,%22Time%22:%2220220828T160111.875322%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820

43 B
556 B

292ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: C1CW0PZJTNQMK433NPDZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1

43 B
556 B

275ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BJE7T3769QP0YR1M04NS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 29F2 20 B
20 B 352ms
102ms Image
text/plain 54.85.225.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.225.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-225-242.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:12 GMT
x-age: 0
content-length: 20
content-type: text/plain; charset=utf-8
x-served-by: usermatch-a011-ash-prod.krxd.net
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa289aa3cea272c871d77ce425861fbf

43 B
556 B

196ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa289aa3cea272c871d77ce425861fbf

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YFWYY2SX8V2999K84K4R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa289aa3cea272c871d77ce425861fbf
date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: tg53hNJCDLcqQko3wSgtGWuAe_muBHYDqj1eUo9nm402b5QxJFtt-g==
x-cache: Miss from cloudfront

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame 29F2 43 B
75 B 30ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC

43 B
556 B

269ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XTGN4BD8NJ65EKKJ9NJ9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVLHfN25DuVR69FfPTH%2BbyAMSQyIjCpTxmhimos0N%2BUWGQsVR4fmGhtw0IxlHPLd8Xx5FALBYMTUk56yiD1nl7VjmnXPkhQNb9n8S1utMQciFeLqR7jmA99RjJkeB%2BUK6jP%2BSa0Nfbxkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC
cache-control: no-cache
cf-ray: 741e43a18ece9bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204

43 B
556 B

103ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CPK54M0X6SHC1AAK71FB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
frontend-id: 13
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com

43 B
556 B

295ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 26CZ74HDYT63TKJJTWZV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
X-Proxy-Origin: 81.95.5.37; 81.95.5.37; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ccfcee39-0b67-45e6-a2a2-2e3ee4370401
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 29F2 0
225 B 103ms
18ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=ngGP5Y9sRL26BdC2oUsd_g&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:12 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=Df_LKwfwLkxY5sqYFYreuA&ex=rubiconproject.com&status=ok

43 B
556 B

295ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=Df_LKwfwLkxY5sqYFYreuA&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NCPNRM8W11SS9K1M845D
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=Df_LKwfwLkxY5sqYFYreuA&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=awL9p6PbR3iuNjwTqrKdQw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

285ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CQ8R5B6S51BN1BFFCFHD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 29F2 0
324 B 89ms
8ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B632B7C9E1902C3E21A

43 B
556 B

103ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B632B7C9E1902C3E21A

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0K27T4TKCJE0KANYBTFE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 28 Aug 2022 16:01:12 GMT
Server: openresty/1.15.8.2
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B632B7C9E1902C3E21A
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Sun, 28 Aug 2022 16:01:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73

43 B
556 B

165ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B9WPJ8SKD06PQDDP04JP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:12 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 29F2 0
166 B 117ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=cqHetQyQQHa8kieNGdyKbg&dmt=3&ex-pl-n-g-hmt=awL9p6PbR3iuNjwTqrKdQw&ep=mfS4I4Lxm4iN8M-0MyueFUW7zM9L2lJTOo-QAXo8-VwHWuN5d16Oo_outEZWAc9bJwc4k0RjDDxjgRj_MgisAIlP0ZGb-vpCNhQ5Sq8Hud9trQzDxk5IEbGSkTgVmOhDUbmHWntvcFW0khrG41hPAopMEep2-qBYIjU5VD-93yfVYobZ7vFS86XVWrOZpAGaWtDcKJQoKUeepfqP_sKirSF-J1c5eDVsJ0tLDWtCx-n2HJdhttDjj19bHMDvj3zv8dQ8gyL9aPIvRtWwrMpPUOpj-vEkPXOCzF6MnDL6zXwAu9G96NfU3Q6tdWj6YEvQdhWP43SvFepAe_ai7AuCzGSIwM4K58sGPzTG2Xkx7sw0vPXhxO1jKutNFJts_Cei86-J_ufDkIvbcqbwAmtZRuuFaEw20grkuc1XfEv9rrSwT1lva7W-cJg2Y8AhVq6s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 29F2
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8627aabf-4273-4768-bb2a-557abc94e084-tucta0516c8

43 B
556 B

102ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8627aabf-4273-4768-bb2a-557abc94e084-tucta0516c8

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W1X89CS2WFQPABS6BRJH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8627aabf-4273-4768-bb2a-557abc94e084-tucta0516c8
date: Sun, 28 Aug 2022 16:01:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12703

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219443204257002507322&ex=neustar.biz

43 B
556 B

199ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219443204257002507322&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BK08P60CC38CK0155YM1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
server: AAWebServer
location: https://s.amazon-adsystem.com/ecm3?id=219443204257002507322&ex=neustar.biz
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=722a84740f13da0792d843830a309c8b

43 B
556 B

283ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=722a84740f13da0792d843830a309c8b

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8RH002XGTBBRZAYDV6AP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=722a84740f13da0792d843830a309c8b
Date: Sun, 28 Aug 2022 16:01:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
556 B

262ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PYG6G5AGP4FFNGPEG6KW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Sun, 28 Aug 2022 16:01:11 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0-5b7a9510-a46e-40fa-abdb-efa1d5cb3065

43 B
556 B

235ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0-5b7a9510-a46e-40fa-abdb-efa1d5cb3065

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9DWZQ12M3F38AZPKA6A9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Sun, 28 Aug 2022 16:01:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=0-5b7a9510-a46e-40fa-abdb-efa1d5cb3065

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 0EBB 43 B
183 B 137ms
92ms Image
image/gif 2600:1f18:612b:4232:b349:7e6b:417:1a78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:b349:7e6b:417:1a78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 0EBB 0
16 B 37ms
30ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=c08bfde0-63c7-4779-5fa3-5ae6f03ced21

43 B
556 B

199ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=c08bfde0-63c7-4779-5fa3-5ae6f03ced21

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 01WQT3W6C61VVPSEJB4R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=c08bfde0-63c7-4779-5fa3-5ae6f03ced21
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 741e439edfbf5c62-FRA
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

282ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NJ3B75SAVJ2T5JYVBWN8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f28860675314d29e63d9aa9c79353&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1661702471727089-387
Expires: Sun, 28 Aug 2022 16:01:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

189ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6J1MXP0FZXNWDS04TPKX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=Z1F9BS1E5RQKRVK6ZNC3:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: Z1F9BS1E5RQKRVK6ZNC3
strict-transport-security: max-age=31536000; includeSubDomains
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
permissions-policy: interest-cohort=()
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8q5ARP51oP9xXNf1C4XNJFvjanj6j5vNHJDJbtL5nmS2v3zMEAL-Jw==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 0EBB 0
263 B 425ms
100ms Image
text/plain 54.237.50.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.50.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-50-216.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f160abec65

43 B
556 B

206ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f160abec65

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VCZS1DZVEVHVATKT0DTN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 28 Aug 2022 16:01:11 GMT
x-content-type-options: nosniff
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fe6857f160abec65
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self'
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Authorization
content-length: 93

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=h2oy0WA8TA61hW6WiUPSuw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=h2oy0WA8TA61hW6WiUPSuw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017

43 B
556 B

202ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NGNK8T5A3JK29QGAAE55
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v038-04c8fac1a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: XzmzmXWIS5A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=42861391711458597590802334923768946017
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=IKwKGgzgQZ6pGOUMrs8YIw
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=

43 B
556 B

249ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HAC5W2V8KANTSJ78DD6K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10814057500938271562&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 0EBB 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913

43 B
556 B

202ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T318VB2W4Y809R65CFC0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5342351800892741913
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a2fe55b2-26ea-11ed-a8fb-1a7cb9e30206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206

43 B
556 B

183ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PVBBG0BDG8QWCETDTG86
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 28 Aug 2022 16:01:11 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=a2fe554b-26ea-11ed-a8fb-1a7cb9e30206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 97
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a6c67d09-b004-4d2d-be02-527fb7565a9e%22,%22Time%22:%2220220828T160111.866145%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820

43 B
556 B

296ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6YSRSBMB0Y8HPEN6SKV7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=94b703ea-903a-47a7-bbb4-fbd0a5847820
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1

43 B
556 B

263ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S2JYZB29DP7DZ8WJTKY6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECWK58nFZnQJ-t779WK07sU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fdae2b531ef99d3baddf944af058f3bf

43 B
556 B

263ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fdae2b531ef99d3baddf944af058f3bf

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: F62B3XWXY75NGFA4ZWX3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fdae2b531ef99d3baddf944af058f3bf
date: Sun, 28 Aug 2022 16:01:11 GMT
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: 9Yu48Neksx3TZOMQirohAFQZe5MulUcS0vxMGXfFhtOUhcwUvmJEeQ==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 0EBB 43 B
304 B 45ms
15ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC

43 B
556 B

265ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NY79WX0M5SCNNK04CTFG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDHjEaX5JCFoc9R2lBKozdelgV8FdFzV7kLfh4Sgd39fE39Xtq%2B022RkJqBFKIMVXU5L6ejdLTz%2Bi5Zq65yvKquHEij8eSOYsyH%2FyDV8iZu%2BSryOJH6l%2FqDTlLMkYIwbbDHr5IZd51aJog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=Klmmd_3e6g5NgxP-IUWdtDc4dAc4ZgAC
cache-control: no-cache
cf-ray: 741e43a18ecd9bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204

43 B
556 B

101ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: C5KHD2HR1MNN19ZQ2CEX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:11 GMT
frontend-id: 13
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DF52663AA54B8204
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com

43 B
556 B

279ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SB2474Q62ZQ6PA9SGVWZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:11 GMT
X-Proxy-Origin: 81.95.5.37; 81.95.5.37; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ac21f5f9-19b7-4a64-9a51-8c3c18cfe2ee
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=2765703662372067994&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=i-jfe6rrs6owbfe5nGC_s8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
556 B

249ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=i-jfe6rrs6owbfe5nGC_s8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6TK9R726WQJERQ4BWH7Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=i-jfe6rrs6owbfe5nGC_s8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
loadus.exelator.com/load/ Frame 0EBB 0
324 B 191ms
7ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B63287C890C020CC406

43 B
556 B

115ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B63287C890C020CC406

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GA7ZG6K699WG2B38HSPQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 28 Aug 2022 16:01:12 GMT
Server: openresty/1.15.8.2
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=E79C4F2D48910B63287C890C020CC406
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Sun, 28 Aug 2022 16:01:11 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73

43 B
556 B

259ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 089ZW9452DN67BQAASM0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Aug 2022 16:01:12 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0EBB 0
41 B 122ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=yzjAPCbLzdgFAg9tvkkanzMpZFkr_PTFy-mYa7sPfehdQFKOGLaQjWxi8kLyNINw894fc7vDIps0gGV6JPmc-yXmASnTMWdD8phZQWj7tqQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 16:01:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0EBB
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=ff93ac2a-b2b4-480b-a4a5-0a6818c9e293-tucta0516c8

43 B
556 B

100ms
99ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=ff93ac2a-b2b4-480b-a4a5-0a6818c9e293-tucta0516c8

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Aug 2022 16:01:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2NX2SK81JC95N6F3FJY9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=ff93ac2a-b2b4-480b-a4a5-0a6818c9e293-tucta0516c8
date: Sun, 28 Aug 2022 16:01:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12703

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ganhardinheiro-vtxwsp.shop/	1970-01-20 07:44:38	Name: _gcl_au Value: 1.1.1603561221.1661702470
.ganhardinheiro-vtxwsp.shop/	1970-01-20 15:11:02	Name: _ga Value: GA1.2.252248978.1661702470
.ganhardinheiro-vtxwsp.shop/	1970-01-20 05:36:28	Name: _gid Value: GA1.2.206366335.1661702470
.ganhardinheiro-vtxwsp.shop/	1970-01-20 05:35:02	Name: _gat_UA-23971604-1 Value: 1
.bing.com/	1970-01-20 14:56:38	Name: MUID Value: 22F9A5F604336342034BB7F8059F6271
.ganhardinheiro-vtxwsp.shop/	1970-01-20 07:44:38	Name: _fbp Value: fb.1.1661702469895.1282923652
.ganhardinheiro-vtxwsp.shop/	1970-01-20 14:20:38	Name: calltrk_referrer Value: direct
.ganhardinheiro-vtxwsp.shop/	1970-01-20 14:20:38	Name: calltrk_landing Value: https%3A//ganhardinheiro-vtxwsp.shop/
.ganhardinheiro-vtxwsp.shop/	1970-01-20 15:11:02	Name: _fs Value: fbf5d031-6568-441c-b6eb-f46de4c1e6ca
tags.srv.stackadapt.com/	1970-01-20 14:20:38	Name: sa-user-id Value: s%3A0-37e2f408-7eda-4426-74a6-5d1504a406f2.o%2BbS1J4PvFHutpM6UHbFCAZIs3HIe6AckOSiFHUoxkM
.srv.stackadapt.com/	1970-01-20 14:20:38	Name: sa-user-id-v2 Value: s%3AN-L0CH7aRCZ0pl0VBKQG8lFfBSU.C83poHI3Bi0spx9LeK40S6S1v6B6cLtrPKuntLLPYVs
ganhardinheiro-vtxwsp.shop/	1970-01-20 14:20:38	Name: sa-user-id Value: s%253A0-37e2f408-7eda-4426-74a6-5d1504a406f2.o%252BbS1J4PvFHutpM6UHbFCAZIs3HIe6AckOSiFHUoxkM
ganhardinheiro-vtxwsp.shop/	1970-01-20 14:20:38	Name: sa-user-id-v2 Value: s%253A0-37e2f408-7eda-4426-74a6-5d1504a406f2%2524ip%252481.95.5.37.57xG9tUL3j3Kv8F2wHAzn99oeP%252BfMnPimh%252F7fwxRplc
.ganhardinheiro-vtxwsp.shop/	1970-01-20 14:20:38	Name: calltrk_session_id Value: c129750d-9971-4c88-9faa-1734fae21901
.ganhardinheiro-vtxwsp.shop/	1970-01-20 05:36:28	Name: _uetsid Value: a24a737026ea11ed8a3fd5477b54f697
.ganhardinheiro-vtxwsp.shop/	1970-01-20 14:56:38	Name: _uetvid Value: a24aadc026ea11eda7a655a90f636e78
.ganhardinheiro-vtxwsp.shop/	1970-01-20 14:20:38	Name: calltrk_fcid Value: 410ded95-f2c5-4354-9bf9-408db1c3286c
.amazon-adsystem.com/	1970-01-20 10:46:04	Name: ad-id Value: A2wgTjtOCEvlhCT-lrJSn98
.amazon-adsystem.com/	1970-01-20 15:11:02	Name: ad-privacy Value: 0
.bidswitch.net/	1970-01-20 14:20:38	Name: c Value: 1661702471
.bidswitch.net/	1970-01-20 14:20:38	Name: tuuid_lu Value: 1661702471
.adnxs.com/	1970-01-20 07:44:38	Name: uuid2 Value: 2765703662372067994
.casalemedia.com/	1970-01-20 14:20:38	Name: CMID Value: YwuRR63qoHY90VDKWCDzgQAA
.casalemedia.com/	1970-01-20 07:44:38	Name: CMPS Value: 1120
.casalemedia.com/	1970-01-20 07:44:38	Name: CMPRO Value: 1120
.adnxs.com/	1970-01-20 07:44:38	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2HaSt_i]c!@wnfH8KHJO4W`i=1ZD=0k@k3/[S2f3OGwIjB4$Fjajg!n>x%m4^@wn!_6-zQEVk`!:1<SI[C*B
.agkn.com/	1970-01-20 14:20:38	Name: ab Value: 0001%3A533JzPfk4Kjgd48ujmulwERrgK3XWrkv
.zeotap.com/	1970-01-20 14:20:38	Name: zc Value: c08bfde0-63c7-4779-5fa3-5ae6f03ced21
.bidswitch.net/	1970-01-20 14:20:38	Name: tuuid Value: b586580c-d77e-4c8c-ba43-abd05cf68e28
.mookie1.com/	1970-01-20 15:03:50	Name: id Value: 10814057500938271562
.mookie1.com/	1970-01-20 15:03:50	Name: mdata Value: 1\|10814057500938271562\|1661702471547
.mookie1.com/	1970-01-20 15:03:50	Name: ov Value: c965fb5a2356baa1bf5fb48ef97bbb9d
.myvisualiq.net/	1970-01-20 15:11:02	Name: tuuid Value: d26bc06d-41e9-46e8-93e2-e49f24e66fbb
.myvisualiq.net/	1970-01-20 15:11:02	Name: c Value: 1661702471
.myvisualiq.net/	1970-01-20 15:11:02	Name: tuuid_lu Value: 1661702471
.yahoo.com/	1970-01-20 14:21:00	Name: A3 Value: d=AQABBEeRC2MCEH0SvLcBUL3pXZvpW9oT3noFEgEBAQHiDGMVYwAAAAAA_eMAAA&S=AQAAAoWd6bY0Wo-kn0WL8LUmfCg
.adform.net/	1970-01-20 06:19:40	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 14:20:38	Name: IDSYNC Value: 195g~26ug
.adform.net/	1970-01-20 07:01:26	Name: uid Value: 5342351800892741913
.demdex.net/	1970-01-20 09:54:14	Name: demdex Value: 42861391711458597590802334923768946017
.dpm.demdex.net/	1970-01-20 09:54:14	Name: dpm Value: 42861391711458597590802334923768946017
.spotxchange.com/	1970-01-20 06:15:21	Name: audience Value: a2fe554b-26ea-11ed-a8fb-1a7cb9e30206
.krxd.net/	1970-01-20 09:54:14	Name: _kuid_ Value: PC52E9rA
.mookie1.com/	1970-01-20 05:49:26	Name: syncdata_AMA Value: 1
ads.samba.tv/	1970-01-20 15:05:16	Name: sambapxid Value: fe6857f160abec65
ads.stickyadstv.com/	1970-01-20 06:18:14	Name: UID Value: f28860675314d29e63d9aa9c79353
ads.stickyadstv.com/	1970-01-20 05:55:12	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: b739506214a979798a5de7c697a9a278
.doubleclick.net/	1970-01-20 14:56:38	Name: IDE Value: AHWqTUmGQY5CeOYGNEL9kOaURkWdpZY-nqpxh_3jIeHt8GWPB6uQK-z8L3SzmPNuGwU
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1661702471_1
.serving-sys.com/	1970-01-20 07:44:38	Name: u2 Value: 94b703ea-903a-47a7-bbb4-fbd0a58478204Iw060
.casalemedia.com/	1970-01-20 07:44:38	Name: CMTS Value: 5140
rdcdn.com/	1970-01-20 15:11:02	Name: aid Value: 18772
rdcdn.com/	1970-01-20 15:11:02	Name: ref Value: https://ganhardinheiro-vtxwsp.shop/
rdcdn.com/	1970-01-20 15:11:02	Name: img Value: http://rdcdn.com/rt?aid=18772&e=1&img=1
.ispot.tv/	1970-01-20 15:11:02	Name: pt Value: v2:3be4facefc1e363124c33e9e6e1823079f060e1d7708e976d5fe4f0816f50c73\|a651f097038902484485624440fcfd8118ed6749d0dfefeb2d875105263c5654
.semasio.net/	1970-01-20 14:20:38	Name: SEUNCY Value: DF52663AA54B8204
.ninthdecimal.com/	1970-01-20 09:54:14	Name: ndat Value: LU+c52MLkUgZnnwrGuLDAg==

93 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/bat.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/events.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/custom.js Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://ganhardinheiro-vtxwsp.shop/(Line 508) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/external_forms.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/regenerator-runtime.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/dom-ready.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/f_002.txt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/282008447331376.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/gtm.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/jquery.json.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/track.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/swap.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/identity.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/52282ad0a5602927f6314764b3261544.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/bathtubs.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/kitchen-homepage-block.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/guildmaster.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/poll.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/hooks.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/lptm.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_financing2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_recent2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/header-phone-icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/gravityforms.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/kitchens.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/bestvalue.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-16-compressed.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/siding-project.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/heartbeat.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/api.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo-white-new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/a11y.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/941788543232640.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/f.txt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/sticky-phone-icon-blue.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/testimonial-couple.jpeg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_soffit.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-30-1-compressed.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/consumerschoice.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-42.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/nari.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/placeholders.jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/4049230.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/fullthrottlelims.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/wp-polyfill.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/mitchell-ceo-woodbridge-600x770.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/shower-bath-background-block.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/30years.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/jquery.maskedinput.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/lazyload.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/Window-Shutters-600x441.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo-dark-new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/blank.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/homepage-orange-right-arrow.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-28.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_specials2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo_img_sep.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/five-star-image.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/a.htm Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icap.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/fbevents.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_windows.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/line-logo-short.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_servicerequest2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-43.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/white-shower-logo-large-400x109.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/Porch.com-featured-pro-badge.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/analytics.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/New-Project-41.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/anchor.htm Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/goldenhammer.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/i18n.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_siding.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/icon_doors.png Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://ganhardinheiro-vtxwsp.shop/(Line 939) Message: Error while parsing the 'sandbox' attribute: 'allow-storage-access-by-user-activation' is an invalid sandbox flag.
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo_img_sep.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/logo-white-new.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/activityi_002.htm Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/activityi.htm Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ganhardinheiro-vtxwsp.shop/1_files/bframe.htm Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://ganhardinheiro-vtxwsp.shop/ Message: The resource https://ganhardinheiro-vtxwsp.shop/# was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ganhardinheiro-vtxwsp.shop/ Message: The resource https://ganhardinheiro-vtxwsp.shop/# was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11643113.fls.doubleclick.net
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amazon.partners.tremorhub.com
app.livemarketshoppers.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.calltrk.com
cdn.funnelytics.io
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
ftlaunchpad.ai
ganhardinheiro-vtxwsp.shop
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js.calltrk.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
mwzeom.zeotap.com
odr.mookie1.com
pi.ispot.tv
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
px.surveywall-api.survata.com
rdcdn.com
s.amazon-adsystem.com
sb.scorecardresearch.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
track-v2.funnelytics.io
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
woodbridgehomesolutions.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.woodbridgehomesolutions.com
x.bidswitch.net
px.surveywall-api.survata.com
104.18.18.126
104.18.19.126
104.196.252.36
13.32.121.37
141.226.228.48
142.250.184.194
142.250.186.98
151.101.130.132
172.217.18.6
18.156.0.31
18.198.69.109
18.66.112.77
18.66.122.44
185.64.190.78
185.64.190.80
185.89.211.84
185.94.180.126
188.65.124.66
2.23.154.122
212.82.100.182
2600:1f18:612b:4232:b349:7e6b:417:1a78
2606:4700:10::6816:1957
2606:4700:3037::6815:390f
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
3.122.47.104
3.127.124.165
3.133.237.167
3.20.146.98
3.209.91.249
3.220.159.159
3.73.240.107
3.99.99.158
34.254.11.145
34.98.64.218
34.98.67.61
37.157.2.236
45.79.156.231
52.17.63.11
52.205.197.33
52.222.237.72
52.29.252.234
52.46.151.131
54.237.50.216
54.76.210.146
54.85.225.242
69.173.144.138
69.173.144.165
69.192.160.219
77.243.60.138
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
07f8facf0e83b2c37c1073f9d296249ef7f121cd150b669398d65267aa3c22a0
096d6ace619f7d5241a4fe9ff39db4c25918e0f09de9195178b6bd0c394939df
0f5588c2e7162b6b0c4eefe034878b49aaeb5e94ec04d626ec283781c171a2ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
1837accb16f81dfdbda60fb6f041cc2db9eabf493b7145e8509fd447928dcbb5
20b0cb963d56a89ed85110b54add23383f2cb36290ba5e2a29192642f6ef19c6
2aedcfa49020ab8dad94f72adc4575341ccb761bb137dcb1f22a325602db655e
2e8246badd04a14e6adf76815e60a7b08a1427d575627d5da2aaf63ba79911b7
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31c12d0340af1ee51b66ea917cb42b0743bca6993ea7f4aa37e18a4c6ba944e9
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
421ff7b6d660296443895950bff55ddb81a9eeb3d8c76e8cd067d3757bf249cb
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
484166741c9dcedc3c63335da0c82481645e006febd113910246e074b13b05c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5749b649df2fab3ee02d4421366d115f87788b4818c591bc54c69fe558eb7f45
5ab6a5b31188380197f40e07ac12b50b21e8a4a2aa0c17ae5d10a3436f815fe1
644b00377d0bb2cb64db722e7d973f5f1e50937aab4375dce5eb195ece4fab39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7062fdd283bed25e80eaba9e3c41f1e5c5af4f9d8f70c7b97ce73767c2f32db4
77e29b18dd5e30fb08d831e860820da0da2ce8a678e41e439b23338cb2ee5238
77fe882633c6aeadd1ba7328baa1a42cb5d37c9a10f02daf80b1a2e9171fb6eb
7e4a3cac272bf56da16237af42d0187acae1d18b2d19e1fcd1f9a7457d53f011
8e6b6f3f53960505909f47d1b621e262db8546a835bed953316e0afcd840a807
9a7472785a1724297f5e77671011c822af6729d5c3fff86e76854d0d4cc9646b
9cbece8c1d47c49a557882822ea4b8377c1f48f285a2fdbaf89a68f91e12609a
9d98a94c67e6e29d48d55ba2f6b415d0646af7f7313b539697eb53b34ab78c4c
9ffa7a7b864558847873c7245a6c7015406c2340d6ce82847de493a76ace63a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c6c5d76bfa6ceb9f61eab5a6ec2402dc7a81731f1b227c6aa0c019a2996d86
b7bfc3ecf8c3b8057d957295a845c08d850d1b8aeb5aa9d1ad2b3dc796b7285f
b942f73ea524f5d314fd977ffd48e273aeb371f038c3b03e5b875dfdb9df4338
b9667b997dce74c4f66bff1f10f7fbbb449b7bd292f2dc428f917d46395a3f87
bcb5777660059ed215298111746de9322c9891b8597e6cb0ad49b010369372b0
bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23a896b32876c3567623afb3eddd1ba92f0cac371da9b296e4e7aef95ed8801
c67373d7ed9824564f99558f13dbc2ab1f7cfd0b459f0e867984cbf7a04f964a
c781755142865e4f14a9ad23b531f78c4903a3ceea023c8f41ef711300cf2ab7
d40462f2ee7144343c0a03c55e945a247c2648a9a2dcb4d4483131467d8086c9
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e398c800cb5323885a4a2af58eafdf27404df74e0072f33ed964dc6211f6b68b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb8ee093714e25359a4732b12bc2402a60143531c6609f66177bbbb1be9877
ee04f81b24bc61b5d4c30a630f7baaa63d396b2239ac06fc599e50003d38c53e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a631a259c692b267a498a5a8fcb5952e002ba758ad1dcf8e3e7e6080ee2f37
f7436b857493faa8bb9173b7cba25212c1e1fb83545d02681d9389370eca85e2
fac2216de38213c41db6e1476fb3d40205e085a85a8533484eb7793e021ea19c

ganhardinheiro-vtxwsp.shop Open in urlscan Pro 2606:4700:3037::6815:390f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

204 Requests

73 %HTTPS

24 %IPv6

48 Domains

62 Subdomains

34 IPs

11 Countries

967 kBTransfer

3859 kBSize

58 Cookies

0 Outgoing links

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ganhardinheiro-vtxwsp.shop Open in urlscan Pro
2606:4700:3037::6815:390f Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

73 %
HTTPS

24 %
IPv6

48
Domains

62
Subdomains

34
IPs

11
Countries

967 kB
Transfer

3859 kB
Size

58
Cookies

204 HTTP transactions
9 data transactions