shootsta.qwilr.com Open in urlscan Pro
2600:9000:20eb:a800:10:986b:4340:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l102?te=W3R5hFj4cm2zw...
Effective URL:
https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Submission: On June 05 via manual (June 5th 2020, 1:16:31 am UTC) from IN

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 25 domains to perform 60 HTTP transactions. The main IP is 2600:9000:20eb:a800:10:986b:4340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is shootsta.qwilr.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 2nd 2020. Valid for: 2 years.

This is the only time shootsta.qwilr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:9c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:20e... 2600:9000:20eb:a800:10:986b:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
3	151.101.12.217 151.101.12.217	54113 (FASTLY) (FASTLY)
2	143.204.101.129 143.204.101.129	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.206 143.204.101.206	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.2 143.204.101.2	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
11	13.225.87.125 13.225.87.125	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	147.75.100.189 147.75.100.189	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:29b::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.226.153.22 13.226.153.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
1	3.216.220.253 3.216.220.253	14618 (AMAZON-AES) (AMAZON-AES)
1	52.63.16.97 52.63.16.97	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
5	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
60	29

1 2606:4700::6812:9c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen80.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eventtracking.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:a800:10:986b:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

shootsta.qwilr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::622 (Ascension Island)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-129.fra50.r.cloudfront.net

d219lb0su8m9bb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.206 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-206.fra50.r.cloudfront.net

d2q7nwt0fhbb30.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-2.fra50.r.cloudfront.net

d2cankni8sodj9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.225.87.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-125.fra2.r.cloudfront.net

analytics.hx-qwilr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.100.189 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:29b::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.153.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-22.dus51.r.cloudfront.net

scripts.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.220.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-220-253.compute-1.amazonaws.com

trc.kissmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.63.16.97 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-16-97.ap-southeast-2.compute.amazonaws.com

api.qwilr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	hx-qwilr.com analytics.hx-qwilr.com	7 KB
5	nr-data.net bam.nr-data.net	1000 B
5	qwilr.com shootsta.qwilr.com api.qwilr.com	515 KB
4	cloudfront.net d219lb0su8m9bb.cloudfront.net d2q7nwt0fhbb30.cloudfront.net d2cankni8sodj9.cloudfront.net	7 MB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	vimeo.com player.vimeo.com
2	kissmetrics.com scripts.kissmetrics.com trc.kissmetrics.com	12 KB
2	facebook.net connect.facebook.net	161 KB
2	google.de www.google.de	260 B
2	google.com www.google.com	271 B
2	doubleclick.net googleads.g.doubleclick.net	3 KB
2	googleadservices.com www.googleadservices.com	22 KB
2	stripe.com js.stripe.com	43 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	newrelic.com js-agent.newrelic.com	13 KB
1	hotjar.io vc.hotjar.io	116 B
1	googletagmanager.com www.googletagmanager.com	28 KB
1	licdn.com snap.licdn.com	2 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	segment.com cdn.segment.com	78 KB
1	wistia.net fast.wistia.net	118 KB
1	hubspot.com 1 redirects eventtracking.hubspot.com	678 B
1	sidekickopen80.com 1 redirects t.sidekickopen80.com	569 B
60	25

	Domain	Requested by
11	analytics.hx-qwilr.com	shootsta.qwilr.com
5	bam.nr-data.net	shootsta.qwilr.com
4	shootsta.qwilr.com	shootsta.qwilr.com
3	fonts.gstatic.com	shootsta.qwilr.com
3	player.vimeo.com	shootsta.qwilr.com
2	px.ads.linkedin.com	1 redirects shootsta.qwilr.com
2	connect.facebook.net	shootsta.qwilr.com
2	www.google.de	shootsta.qwilr.com
2	www.google.com	shootsta.qwilr.com
2	googleads.g.doubleclick.net	shootsta.qwilr.com
2	d219lb0su8m9bb.cloudfront.net	shootsta.qwilr.com
2	www.googleadservices.com	shootsta.qwilr.com
2	js.stripe.com	shootsta.qwilr.com
2	fonts.googleapis.com	shootsta.qwilr.com
1	js-agent.newrelic.com	shootsta.qwilr.com
1	api.qwilr.com	shootsta.qwilr.com
1	trc.kissmetrics.com	scripts.kissmetrics.com
1	vc.hotjar.io	shootsta.qwilr.com
1	vars.hotjar.com	shootsta.qwilr.com
1	script.hotjar.com	shootsta.qwilr.com
1	www.linkedin.com	1 redirects
1	www.googletagmanager.com	shootsta.qwilr.com
1	scripts.kissmetrics.com	shootsta.qwilr.com
1	snap.licdn.com	shootsta.qwilr.com
1	www.google-analytics.com	shootsta.qwilr.com
1	static.hotjar.com	shootsta.qwilr.com
1	cdn.segment.com	shootsta.qwilr.com
1	d2cankni8sodj9.cloudfront.net	shootsta.qwilr.com
1	d2q7nwt0fhbb30.cloudfront.net	shootsta.qwilr.com
1	fast.wistia.net	shootsta.qwilr.com
1	eventtracking.hubspot.com	1 redirects
1	t.sidekickopen80.com	1 redirects
60	32

This site contains links to these domains. Also see Links.

Domain
shootsta.com

Subject Issuer	Validity	Valid
*.qwilr.com GeoTrust RSA CA 2018	`2020-06-02` - `2022-06-02`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-05-14` - `2020-10-07`	5 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-29` - `2021-05-07`	a year	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-23` - `2021-04-24`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2019-06-24` - `2020-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
analytics.hx-qwilr.com Amazon	`2020-02-21` - `2021-03-21`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.kissmetrics.com RapidSSL RSA CA 2018	`2019-06-25` - `2020-06-24`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
vc.hotjar.io Let's Encrypt Authority X3	`2020-05-15` - `2020-08-13`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Frame ID: F3A06FA1256360EC98A19B34EA71618F
Requests: 57 HTTP requests in this frame

Frame: https://player.vimeo.com/video/376284479
Frame ID: 5AE36E51812A14479985BD21ECC5761F
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/402027977
Frame ID: 6D71F136BE96458CD2F7D44B2CA03900
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/229955478
Frame ID: 19969898271700B0DAE2E2D60BD2481F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 7DC2454805DC41DDEC7CE7157C559931
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: 813956E2C0F279753CF0CEB012A599F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l... HTTP 301
https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l... HTTP 307
https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

60
Requests

97 %
HTTPS

48 %
IPv6

25
Domains

32
Subdomains

29
IPs

7
Countries

7788 kB
Transfer

11947 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://shootsta.com/learn/
Title: https://shootsta.com/learn/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l102?te=W3R5hFj4cm2zwW4cKj234fNrbDW1JFmgN3Z-xyJW43T4Nz3R0KjpW3_SNZ53zb1CtW3T3jr443W8-XW43XqpC3gxkDMF3DSHfwqdpz1&si=8000000001397421&pi=08b26d03385a956961cd1e41f0c839fa HTTP 301
https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l102?te=W3R5hFj4cm2zwW4cKj234fNrbDW1JFmgN3Z-xyJW43T4Nz3R0KjpW3_SNZ53zb1CtW3T3jr443W8-XW43XqpC3gxkDMF3DSHfwqdpz1&si=8000000001397421&pi=08b26d03385a956961cd1e41f0c839fa HTTP 307
https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&time=1591319757822 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76193%26url%3Dhttps%253A%252F%252Fshootsta.qwilr.com%252FThis-message-is-for-you-nYwjbcBEQLi5%26time%3D1591319757822%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&time=1591319757822&liSync=true

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request This-message-is-for-you-nYwjbcBEQLi5 Show response
shootsta.qwilr.com/
Redirect Chain

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l102?te=W3R5hFj4cm2zwW4cKj234fNrbDW1JFmgN3Z-xyJW43T4Nz3R0KjpW3_SNZ53zb1CtW3T3jr443W8-XW43XqpC...
https://eventtracking.hubspot.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW4XXTHT1px66YN56dL57NQv_l102?te=W3R5hFj4cm2zwW4cKj234fNrbDW1JFmgN3Z-xyJW43T4Nz3R0KjpW3_SNZ53zb1CtW3T3jr443W8-XW4...
https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

210 KB
26 KB

1869ms
1814ms

Document
text/html

2600:9000:20eb:a800:10:986b:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:a800:10:986b:4340:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / cloud66

Resource Hash

09b19c685414462cd3a2b17cd27182be2724c4dd51349dcfee32cb85a67aa0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: shootsta.qwilr.com
:scheme: https
:path: /This-message-is-for-you-nYwjbcBEQLi5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Fri, 05 Jun 2020 01:15:55 GMT
server: nginx
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
x-powered-by: cloud66
content-encoding: gzip
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: otTHW6MXzcW5Z3xYixlZyZ8T433CyZMss39zJDUAiGjxoUsKppgIPg==

Redirect headers

status: 307
date: Fri, 05 Jun 2020 01:15:54 GMT
set-cookie: __cfduid=de5f8151b3373ad360995bb8a65a727971591319754; expires=Sun, 05-Jul-20 01:15:54 GMT; path=/; domain=.hubspot.com; HttpOnly; SameSite=Lax _hetc=a8813ddc-4ace-46aa-a4f8-c2463d547849|1591319754347|ACOD57cwLQIVAITUeGKdVHXQmqoUowkQrO/6m5t5AhQ0hF/bNekpRFsEWw+jq2lA6owmRg==;Version=1;Comment=;Domain=eventtracking.hubspot.com;Path=/;Max-Age=31536000
x-robots-tag: none
link: <https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5>; rel="canonical"
location: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
referrer-policy: no-referrer
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-request-id: 0323a58de4000096d481387200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 59e60b8fd91a96d4-FRA

GET
H2 200 css
fonts.googleapis.com/ 384 B
399 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Damion

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7e4a69a70550cd9cf342ca971992b47545e7290f045befd4adbd23f0f353473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 23:56:29 GMT
server: ESF
date: Fri, 05 Jun 2020 01:15:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jun 2020 01:15:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
686 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,700,400italic&subset=latin,latin-ext

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fdebcbc60c2d255d1553d90d481787d83f3b68f9f173c6fc9314988321eb6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Jun 2020 01:15:56 GMT
server: ESF
date: Fri, 05 Jun 2020 01:15:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jun 2020 01:15:56 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 166 KB
43 KB 99ms
22ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

397d997216eebd06ca11eeb3c5de92128f1303a76fef035037b00a3a7465e230

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:56 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 255
via: 1.1 varnish
x-cache: HIT
status: 200
content-length: 43508
x-amz-id-2: IF8QGv7ZKsTvSzvHKhIK03c/S1z+NzD4zRDt9Ti1se0ZfMFvnieKwyHnEO35mI/4DUJqije98KI=
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
last-modified: Wed, 03 Jun 2020 20:51:16 GMT
server: AmazonS3
etag: "d1360031d6604028160486821c72cae7"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 916E00B7F5500C5B
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 38

GET
H2 200 vendors-IdentityProtected-PDFLoader-Public-51fc734e9041221fac82.js Show response
shootsta.qwilr.com/Public/Assets/ 513 KB
135 KB 27ms
8ms Script
application/javascript 2600:9000:20eb:a800:10:986b:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shootsta.qwilr.com/Public/Assets/vendors-IdentityProtected-PDFLoader-Public-51fc734e9041221fac82.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a800:10:986b:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df99e955387c31384d8891927137064d2372af571ec3615844abe7021d8e6c12

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 02:34:16 GMT
content-encoding: br
last-modified: Wed, 27 May 2020 01:26:46 GMT
server: AmazonS3
age: 772901
etag: "e1a1b64c6036aac3ca1ae6d5eeaad6d9"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 137942
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-id: zD2I_ocDMtbYIUJuLUcveTmwoz0iIlywUD2U6KOopZn3McTT6YgJfQ==

GET
H2 200 vendors-IdentityProtected-Public-cacc622e997b20dc0988.js Show response
shootsta.qwilr.com/Public/Assets/ 383 KB
89 KB 43ms
24ms Script
application/javascript 2600:9000:20eb:a800:10:986b:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shootsta.qwilr.com/Public/Assets/vendors-IdentityProtected-Public-cacc622e997b20dc0988.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a800:10:986b:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf1a249653fb233fdfd115719d8a15718007d83e2cdf2cc6a70db7d0d45b8e

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 02:34:16 GMT
content-encoding: br
last-modified: Wed, 27 May 2020 01:26:48 GMT
server: AmazonS3
age: 772901
etag: "5a78416b2e4e9d104f411241a761b0da"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 90721
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-id: DEULGZRwTD_fx9nulph2kCnTjXbifVFXcLIfmjOcg7MxgE_Aye6WKQ==

GET
H2 200 app-Public-d1ebef62829980445b89.js Show response
shootsta.qwilr.com/Public/Assets/ 2 MB
265 KB 29ms
26ms Script
application/javascript 2600:9000:20eb:a800:10:986b:4340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shootsta.qwilr.com/Public/Assets/app-Public-d1ebef62829980445b89.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a800:10:986b:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5988287c3845bb6727ad34c4dc5ad0073d0aa3e3ac3939888f741c20680d1851

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 04:20:15 GMT
content-encoding: br
last-modified: Thu, 04 Jun 2020 04:16:29 GMT
server: AmazonS3
age: 75342
etag: "e6cae4534ba4fb46e8affe3658c33ce0"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 270371
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-id: M2cqWpEFLm1e5IPL6y1RRwKDOzYcyGC7aTXy3n6uOqkv1CRojKXcpg==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 88ms
32ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef89e475db06ca770de3a2114cb6849bde3e638b2f1399bc4caac2e3a3374106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10805
x-xss-protection: 0
server: cafe
etag: 3989703406758892135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Jun 2020 01:15:56 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 654 KB
118 KB 26ms
7ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::622 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5d3ade33224db1cdd406b831d0b2dc226491dbc46e5b0988fd1e2b4dfaf7fd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 3233
x-cache: HIT, HIT
status: 200
content-length: 120927
x-served-by: cache-sea4430-SEA, cache-fra19147-FRA
access-control-allow-origin: *
x-browser-version: 83
last-modified: Thu, 04 Jun 2020 20:39:18 GMT
x-timer: S1591319756.396517,VS0,VE0
etag: "5ed95bf6-1d85f"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 16

GET
H/1.1 200
OK 376284479
player.vimeo.com/video/ Frame 5AE3 0
0 221ms
175ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/376284479

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Response headers

Connection: keep-alive
Content-Length: 5273
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 05 Jun 2020 01:25:56 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-3
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Fri, 05 Jun 2020 01:15:56 GMT
Age: 0
X-Served-By: cache-fra19157-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1591319757.571776,VS0,VE151
Vary: Accept-Encoding

GET
H/1.1 200
OK 402027977
player.vimeo.com/video/ Frame 6D71 0
0 211ms
165ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/402027977

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Response headers

Connection: keep-alive
Content-Length: 5266
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 05 Jun 2020 01:25:56 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 0
X-VServer: infra-playproxy-a-7
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Fri, 05 Jun 2020 01:15:56 GMT
Age: 0
X-Served-By: cache-fra19164-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1591319757.572844,VS0,VE144
Vary: Accept-Encoding

GET
H/1.1 200
OK 229955478
player.vimeo.com/video/ Frame 1996 0
0 162ms
117ms Document
text/html 151.101.12.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/229955478

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Response headers

Connection: keep-alive
Content-Length: 9473
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Fri, 05 Jun 2020 01:25:19 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-1
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Fri, 05 Jun 2020 01:15:56 GMT
Age: 0
X-Served-By: cache-fra19167-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1591319757.572247,VS0,VE96
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Big-City-Life.jpg
d219lb0su8m9bb.cloudfront.net/ 251 KB
252 KB 1332ms
1230ms Image
image/jpeg 143.204.101.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d219lb0su8m9bb.cloudfront.net/Big-City-Life.jpg
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-129.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8448fd5d0229e8fc74f9d340538965d5e254ba97c5664767372f0e35df2d6a61

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 01:15:58 GMT
Via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Last-Modified: Fri, 04 Mar 2016 05:48:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "9231d1faaf103b5db0f5ba9e12888ec0"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 257297
X-Amz-Cf-Id: 7ZupabdKCzffiQfeo0pFqn63IGH-TYtSc2sOP3ugIN0Lh1wXpFPTPA==

GET
H/1.1 200
OK photo-1418065460487-3e41a6c84dc5.jpg
d2q7nwt0fhbb30.cloudfront.net/large/ 2 MB
2 MB 1324ms
1212ms Image
image/jpeg 143.204.101.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2q7nwt0fhbb30.cloudfront.net/large/photo-1418065460487-3e41a6c84dc5.jpg
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.206 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-206.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08d88bec3e00bb7a7d8c813d989022a80ef7d2f052c2cbb82624cc689ae47e61

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 01:15:58 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Fri, 04 Mar 2016 03:39:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "1d1a515281b9b8f467688c0079ae3b1e"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1896464
X-Amz-Cf-Id: L0qv1RHEf920q5Hon57JF3ftjvaRkgCqMffXzSgEhYGVzDAnhQQ4KQ==

GET
H/1.1 200
OK U9K1xwCzThAwkBgPxlfJQC7LeLPf8R-pCa6Osg.png
d2cankni8sodj9.cloudfront.net/ 362 KB
363 KB 1346ms
1240ms Image
application/octet-stream 143.204.101.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cankni8sodj9.cloudfront.net/U9K1xwCzThAwkBgPxlfJQC7LeLPf8R-pCa6Osg.png
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 832eb37d7ebaa38e9ea03224c122e242a4c6123d658a37d6efdef7dc26aeb159

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 01:15:58 GMT
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Last-Modified: Thu, 05 Sep 2019 03:25:04 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "b374751180e3e905ea4d5568e2b6cfdc"
X-Cache: Miss from cloudfront
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 371150
X-Amz-Cf-Id: 09RhVhvDI6MraozSuDgbCHbLRLmHbGYMjGRUrfVr3bXAuIz7Q7OGXA==

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:300,400,700,400italic&subset=latin,latin-ext
Origin: https://shootsta.qwilr.com

Response headers

date: Fri, 22 May 2020 18:25:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:10 GMT
server: sffe
age: 1147830
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Sat, 22 May 2021 18:25:26 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:300,400,700,400italic&subset=latin,latin-ext
Origin: https://shootsta.qwilr.com

Response headers

date: Tue, 19 May 2020 04:07:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 1458491
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7968
x-xss-protection: 0
expires: Wed, 19 May 2021 04:07:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins:300,400,700,400italic&subset=latin,latin-ext
Origin: https://shootsta.qwilr.com

Response headers

date: Sat, 16 May 2020 07:38:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:29 GMT
server: sffe
age: 1705046
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Sun, 16 May 2021 07:38:30 GMT

GET
H/1.1 206
Partial Content Big-City-Life.mp4
d219lb0su8m9bb.cloudfront.net/ 4 MB
4 MB 1234ms
1170ms Media
video/mp4 143.204.101.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d219lb0su8m9bb.cloudfront.net/Big-City-Life.mp4
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-129.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76acb66fb11b9630c03f7ceefac7249ea59d2c677fef7506d4b4e11520a1c7b4

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 05 Jun 2020 01:15:58 GMT
Via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
Last-Modified: Fri, 04 Mar 2016 05:48:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "f6766ece32d9e1a3213990f06911afd2"
X-Cache: Miss from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-4301863/4301864
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4301864
X-Amz-Cf-Id: 7aLx7ak0mONfDFCZ-AAtn9pJxsxKSFHKDH7hDQjckflYnLKlDC_l2A==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/ 397 KB
78 KB 897ms
848ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/duH9aykmlpeNUBxugWt3Lfmb1guEdGrn/analytics.min.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b646bf5c9c7cdc09338770b21cca5a006c78569b8be83ab4e370bcc9697c250a

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 79146
access-control-allow-origin: *
last-modified: Fri, 29 May 2020 18:05:33 GMT
server: AmazonS3
etag: "b689bf3dfb3614d1152b7936169e430f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: bY3.Xeqx2Qt19yoltpZftC.OjuX043WA
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
cache-control: public, max-age=300
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
x-amz-cf-id: OFJ7mEyepytUawzir8Qe-5ZjBvhZcDYLwNfXxUHymJzqN219Fmh9FA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/ 2 KB
2 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/?random=1591319756665&cv=9&fst=1591319756665&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&tiba=This%20message%20is%20for%20you!&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473ea6bcc4e6d6f3036ab9fef643187dcdecdbb29549ba6df1924facc288e1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 01:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
607 B 1136ms
1134ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 9f8eaf83fc7a3950631a72c03d3dfded08a4d9321aefc93fae089c37a59ba106

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:15:58 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: f7d4a4e5-95a9-4f7a-a528-fdcedeadcba4
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cce-888731cf6c3e05c4ae127d46;Sampled=0
x-amz-apigw-id: NoVwSFJBywMFhzQ=
content-length: 240
x-amz-cf-id: tXcjFeqOh3XmOI-OaHXF8L0A_A5Rwx5PywNfYH0m3akRW9NUMQXl_A==

GET
H2 200 /
www.google.com/pagead/1p-user-list/957165257/ 42 B
164 B 57ms
56ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957165257/?random=1591319756665&cv=9&fst=1591318800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&tiba=This%20message%20is%20for%20you!&fmt=3&is_vtc=1&random=1431535826&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 01:15:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957165257/ 42 B
153 B 57ms
57ms Image
image/gif 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957165257/?random=1591319756665&cv=9&fst=1591318800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&tiba=This%20message%20is%20for%20you!&fmt=3&is_vtc=1&random=1431535826&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 01:15:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-218686.js Show response
static.hotjar.com/c/ 3 KB
2 KB 77ms
34ms Script
application/javascript 147.75.100.189
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-218686.js?sv=6

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.100.189 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress1

Software

Resource Hash

c081caed0b0bacf926d2a2439ef1c8a4c9290dd12ef83286d68569129db1e063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 1595
cache-control: max-age=60
etag: W/47e2a9c5fa86a1c6c3ea6fc3bd75a1e2
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.017
section-io-id: 5b7855cf96453e79a09f0163f60b4cf9
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 36ms
35ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10884
x-xss-protection: 0
server: cafe
etag: 10406653800972162523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Jun 2020 01:15:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1178
date: Fri, 05 Jun 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 05 Jun 2020 02:56:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: ndFjEEyQC8iLAvyEK38OA25pvB1U5DrSIhDWHmnm3fBwhs+ndbDSU5KFj9qcL/VTbr5M8P2mOzxHdSdian6fvA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 05 Jun 2020 01:15:57 GMT, Fri, 05 Jun 2020 01:15:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:29b::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:29b::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 01:15:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=67807
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H/1.1 200
OK bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js Show response
scripts.kissmetrics.com/ 25 KB
12 KB 418ms
322ms Script
application/x-javascript 13.226.153.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.153.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-22.dus51.r.cloudfront.net
Software: nginx/1.6.2 /
Resource Hash: c09fb5bc9bfb0e33227ef6fbba5704286d51f606d6552b5167a7d93e47593a34

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Jun 2020 01:14:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Nov 2017 02:51:42 GMT
Server: nginx/1.6.2
X-Amz-Cf-Pop: DUS51-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
P3P: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Cache-Control: max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
X-Amz-Cf-Id: Czo3_eiPbxFCm369okde7gvkIgdoJbcx5HZCEgyex4VgmOi8TrwY9Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
28 KB 51ms
21ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLQKJ7&l=dataLayer

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc2070f552b6f684122f9fde881c94bb57e653f9b1f5333578d507a52a6d5ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:57 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28277
x-xss-protection: 0
last-modified: Fri, 05 Jun 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jun 2020 01:15:57 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&time=1591319757822
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76193%26url%3Dhttps%253A%252F%252Fshootsta.qwilr.com%252FThis-message-is-for-you-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&time=1591319757822&liSync=true

0
66 B

166ms
166ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&time=1591319757822&liSync=true
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:58 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: 2hF2j+OAFRYQ88xm1SoAAA==

Redirect headers

strict-transport-security: max-age=2592000
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: 5rL+h+OAFRbQcgkzkSsAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 4A7F905CD75C45189CDB0768285D154D Ref B: FRAEDGE0818 Ref C: 2020-06-05T01:15:57Z
date: Fri, 05 Jun 2020 01:15:57 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76193&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&time=1591319757822&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1511546975772062 Show response
connect.facebook.net/signals/config/ 518 KB
130 KB 100ms
100ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1511546975772062?v=2.9.18&r=stable

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1334926116b049e96d4e0ad25ce1f4c8433b6501945fed0191b485cafa4d43dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6u+/6aJ6HBNNqtfq+bGdtTGbgs5NCWivVSkXvsfoeYUYIBEx/JksQDodizEbf6JWZUX0Mr5NKtUxk57e0BCOBA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 05 Jun 2020 01:15:57 GMT, Fri, 05 Jun 2020 01:15:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/ 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957165257/?random=1591319757908&cv=9&fst=1591319757908&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&tiba=This%20message%20is%20for%20you!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72b44fcf992fc657a8bfe1110571325a7a824c742f33631939ee6339d7375734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 01:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.c618ee7dde3b49023442.js Show response
script.hotjar.com/ 369 KB
70 KB 51ms
17ms Script
application/javascript 147.75.100.189
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.c618ee7dde3b49023442.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.189 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash: 33367bba4a5dc9b2654baae1da2442ce081f383578c475dccce533446f8286f6

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:57 GMT
content-encoding: br
age: 28158
status: 200
section-io-cache: Hit
content-length: 71542
last-modified: Thu, 04 Jun 2020 17:23:29 GMT
etag: "a4b4a9718154528979eaf019b61f30e6"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.093
section-io-id: 1927459ac9d732ecd749e21eb4667b30
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 /
www.google.com/pagead/1p-user-list/957165257/ 42 B
107 B 39ms
37ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957165257/?random=1591319757908&cv=9&fst=1591318800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&frm=0&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&tiba=This%20message%20is%20for%20you!&async=1&fmt=3&is_vtc=1&random=429551946&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 01:15:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957165257/ 42 B
107 B 23ms
22ms Image
image/gif 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957165257/?random=1591319757908&cv=9&fst=1591318800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&frm=0&url=https%3A%2F%2Fshootsta.qwilr.com%2FThis-message-is-for-you-nYwjbcBEQLi5&tiba=This%20message%20is%20for%20you!&async=1&fmt=3&is_vtc=1&random=429551946&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 01:15:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 7DC2 0
0 54ms
17ms Document
text/html 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress9
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Response headers

status: 200
date: Fri, 05 Jun 2020 01:15:58 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 03 Jun 2020 11:24:24 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.057
section-origin-responded: true
age: 77758
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 3d71e674259ca835813e5f29e8fd22ba

POST
H2 204 218686 Show response
vc.hotjar.io/sessions/ 0
116 B 85ms
49ms XHR
text/plain 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/218686?s=0.25
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 05 Jun 2020 01:15:58 GMT
access-control-allow-origin: *
section-io-id: d110b976a9fdc4d5e0bcd75399ce718b
section-origin-responded: true

POST
H/1.1 200
OK e
trc.kissmetrics.com/ 43 B
376 B 414ms
102ms Other
image/gif 3.216.220.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.kissmetrics.com/e
Requested by: Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/bb86df12b7c4bc535cf1d0ab770808ba6e380ac9.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.220.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-220-253.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Jun 2020 01:15:58 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 05 Jun 2020 01:15:57 GMT

GET
H2 200 nYwjbcBEQLi5 Show response
api.qwilr.com/web-api/count-visit/ 2 B
324 B 1630ms
958ms XHR
text/plain 52.63.16.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.qwilr.com/web-api/count-visit/nYwjbcBEQLi5?visitToken=&userId=XBifZe+rKjD9bUtpzfPekq/4KyU=

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.63.16.97 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-63-16-97.ap-southeast-2.compute.amazonaws.com

Software

nginx / cloud66

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:59 GMT
x-content-type-options: nosniff
server: nginx
status: 200
x-powered-by: cloud66
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://shootsta.qwilr.com
access-control-allow-credentials: true
x-dns-prefetch-control: off
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 nr-spa-1071.min.js Show response
js-agent.newrelic.com/ 32 KB
13 KB 20ms
20ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1071.min.js
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 01:15:59 GMT
content-encoding: gzip
x-amz-request-id: E441B0BD67C0BCF3
x-cache: HIT
status: 200
content-length: 12624
x-amz-id-2: v+KEyl7ZA7RkR18wrimV4kg4yslZl1OBLaXdhr6ZOENVrZVT/DrTKKvBtgsrq1XjGankQP6zhk0=
x-served-by: cache-hhn4024-HHN
last-modified: Wed, 28 Feb 2018 23:35:17 GMT
server: AmazonS3
x-timer: S1591319760.654254,VS0,VE0
etag: "c4be07d99198e723860aeee65fd397cf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 160

GET
H2 200 m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame 8139 0
0 243ms
242ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html

Requested by

Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5

Response headers

status: 200
x-amz-id-2: NC1RPX+LSbFlZjx6vHg4jmu1wUzgp+QgUKKvlDDaTMgumTnCIqy3IxNjwtwEz6HZalfIwTYsrBY=
x-amz-request-id: 538B036455D2AC34
last-modified: Fri, 28 Feb 2020 23:42:06 GMT
etag: "a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 05 Jun 2020 01:15:59 GMT
via: 1.1 varnish
age: 272
x-served-by: cache-fra19157-FRA
x-cache: HIT
x-cache-hits: 44
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 203

GET
H/1.1 200
OK a67936c515 Show response
bam.nr-data.net/1/ 57 B
275 B 115ms
114ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/a67936c515?a=77322204&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=6042&ref=https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5&be=2607&fe=6006&dc=3036&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1591319753638,%22n%22:0,%22f%22:716,%22dn%22:717,%22dne%22:754,%22c%22:754,%22s%22:759,%22ce%22:772,%22rq%22:772,%22rp%22:2586,%22rpe%22:2589,%22dl%22:2591,%22di%22:3036,%22ds%22:3036,%22de%22:3158,%22dc%22:6005,%22l%22:6006,%22le%22:6008%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK a67936c515 Show response
bam.nr-data.net/resources/1/ 36 B
218 B 126ms
126ms XHR
text/plain 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/a67936c515?a=77322204&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=6161&ref=https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5&st=1591319753638
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: e247a2a47263e45bc51a706c68076ee75695e26c590119d8f29e2a293d165baa

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://shootsta.qwilr.com
Access-Control-Allow-Credentials: true
Content-Length: 36
Content-Type: text/plain; charset=ISO-8859-1

POST
H/1.1 200
OK a67936c515 Show response
bam.nr-data.net/events/1/ 24 B
185 B 114ms
114ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/a67936c515?a=77322204&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=7187&ref=https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://shootsta.qwilr.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
604 B 1004ms
1004ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 86c02de607340a58c139dd372349ccf26be182f4bc64d43f7597c3070c232e95

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:03 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: f4e88369-e1ee-4bae-925d-35e2268ca000
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cd3-b745d0bab601e014dde4220a;Sampled=0
x-amz-apigw-id: NoVxAHAmywMFcUQ=
content-length: 240
x-amz-cf-id: _HU6XKhUynBZ16CGLdmL6C913Uw8ybXQ6qY4Xec4jcKaara8m0ovGg==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
606 B 978ms
978ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 57637229296d4cf72d2b6876518a02d5a6ea8e7a61797bef99ec60422a803408

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:02 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: c7c5870f-bf41-4cef-80d7-dd1af8669590
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cd2-8bcdb780b2d5dd80c1061c80;Sampled=0
x-amz-apigw-id: NoVw8FzLSwMFYNA=
content-length: 240
x-amz-cf-id: r1cw112V9xJHXs0APBYw6bqFU8qARK7UnszNFaFxwC6Kl89ITXO9TA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
604 B 994ms
994ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 51b463c1f30aed34b9030241512c34e36931b9a0a1a2e97f9c218551e54a9af3

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:08 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: f3cc2087-0513-4fee-8947-c8b80a3cc88c
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cd8-dd6b96c801ccbf98f3caebea;Sampled=0
x-amz-apigw-id: NoVxyH2WywMFwOQ=
content-length: 240
x-amz-cf-id: q3h2D-ccUM6so3VE5V4_5PsaSl9ATw8c1AFIbyrDpYNaAvJ32fG0AA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
607 B 1257ms
1257ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 45ecc49faf85ae37a61e1474de57e1bff33d3d3f6753feec809bdd5a7267c9c1

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:08 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: b282faf4-7a2a-4db0-aa4b-b8234c75bb7e
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cd8-0db69ebca1edcd7cbe273368;Sampled=0
x-amz-apigw-id: NoVx2EVJSwMFW4g=
content-length: 240
x-amz-cf-id: 2xyiK6Sa2nZSRPLd-0uT9ZIXQFMqmzxB_vmzqNXBnqL4Hf2ZSnrTJA==

POST
H/1.1 200
OK a67936c515 Show response
bam.nr-data.net/resources/1/ 0
161 B 452ms
452ms XHR
text/plain 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/a67936c515?a=77322204&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=16165&ref=https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5&st=1591319753638&ptid=ea3d95fb-001f-b5d3-9a65-0172820c8bf9
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://shootsta.qwilr.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
607 B 1285ms
1278ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: d1c91524a74a7a2bd157c69338196318faf2a26be2046b8c0a90670430ca0d8d

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:13 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 9bbae75c-5157-4d00-bfb0-4d1b390fd039
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cdd-5ff0323c2b743498e5cabbea;Sampled=0
x-amz-apigw-id: NoVylHSJSwMF3Yw=
content-length: 240
x-amz-cf-id: OXtqxYjqGAmDa3145eI-pAmHq_fRNEIQu6uNjlpzQQWRL3hjUn9EOA==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
604 B 977ms
976ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: ca2d905b0e41652cff79ec960109e41736ee9ed14ec4ea32d476710a6672f28b

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:13 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: d2082377-90aa-4100-bbd3-50dc45d76bbf
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99cdd-7e2366ac0752c50620a033d6;Sampled=0
x-amz-apigw-id: NoVykF6LywMF-Aw=
content-length: 240
x-amz-cf-id: srvcc334yyznbh-aWtx1aplovW9uANBE_r2Cc0xnm_8gSpQi3sxgaw==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
606 B 1021ms
1021ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 49186bfff42358386a3130c738279794b5748c2863ef56a26ae156f360287f8e

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:17 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 7a20cba5-ed52-451b-916c-0792b362af4e
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99ce1-b337b3aa2e8f4c712432b749;Sampled=0
x-amz-apigw-id: NoVzPEC0SwMFQRg=
content-length: 240
x-amz-cf-id: Gm4M4nn2XkMgf3H5SXUGUvvGVgPGa-NxwNcP-n1rNqiyH0nlo2MZ0Q==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
604 B 980ms
980ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 4aba8379fdabd79e4d835be3a7259276669870464e06beafdcb15d234a2a31a2

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:18 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 535abc22-ff2a-4c4f-a03c-8e804dacf9a0
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99ce2-e705b910dc7a7c60f27b7180;Sampled=0
x-amz-apigw-id: NoVzVHfoSwMFufQ=
content-length: 240
x-amz-cf-id: 4n4s62tfqYI5roFIDp_Egyk8P3Wyvc677DtDzKkkJ8VyJs78Lv81qg==

POST
H/1.1 200
OK a67936c515 Show response
bam.nr-data.net/resources/1/ 0
161 B 155ms
154ms XHR
text/plain 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/a67936c515?a=77322204&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=26173&ref=https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5&st=1591319753638&ptid=ea3d95fb-001f-b5d3-9a65-0172820c8bf9
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://shootsta.qwilr.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
608 B 566ms
565ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: 53746fe88d046e14bc2e0953162421cac884a15ee12142e68fb201c9babb1104

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:22 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 6dfcd6ec-3093-4127-b35a-d0217d75c2c4
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99ce5-018651fd59b5885e1aea2795;Sampled=0
x-amz-apigw-id: NoVz7GixywMFYNA=
content-length: 240
x-amz-cf-id: YG5Jw7jWPWXSXJVx5LcmIKp5D9W7lANSr9tUYAqKFKNZ1EVtONngJQ==

POST
H2 200 events Show response
analytics.hx-qwilr.com/ 240 B
605 B 1024ms
1023ms XHR
application/json 13.225.87.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.hx-qwilr.com/events
Requested by: Host: shootsta.qwilr.com
URL: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-125.fra2.r.cloudfront.net
Software: /
Resource Hash: df4252d42901420fafa2590b4cda1a63f0022345ef7b508c34aecb6c3fee8e7a

Request headers

Accept: application/json, text/plain, */*
Referer: https://shootsta.qwilr.com/This-message-is-for-you-nYwjbcBEQLi5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 05 Jun 2020 01:16:23 GMT
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 9fccbfef-d538-442d-9ee6-c3fb88adce8a
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5ed99ce6-0d5a114030e3bf28a80c75c0;Sampled=0
x-amz-apigw-id: NoV0GHypywMFcUQ=
content-length: 240
x-amz-cf-id: _DeJz1dog7upZQHRoJJRfCTdGG4MQoL8dJIiXCAqvWUeh0sckdzOGQ==

POST events
analytics.hx-qwilr.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.hx-qwilr.com
URL: https://analytics.hx-qwilr.com/events

Domain: analytics.hx-qwilr.com
URL: https://analytics.hx-qwilr.com/events

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qwilr.com/	1970-01-19 12:11:35	Name: _gcl_au Value: 1.1.1001017029.1591319758
.qwilr.com/	1969-12-31 23:59:59	Name: _hjid Value: 808e42c7-1ec9-4423-8461-ea8bd7a0c06f
.qwilr.com/	1970-01-21 05:49:59	Name: km_lv Value: 1591319758
.qwilr.com/	1970-01-19 10:02:01	Name: km_vs Value: 1
.qwilr.com/	1970-01-19 10:03:26	Name: _gid Value: GA1.2.892653143.1591319758
.qwilr.com/	1969-12-31 23:59:59	Name: kvcd Value: 1591319758325
.qwilr.com/	1970-01-19 10:02:01	Name: _hjAbsoluteSessionInProgress Value: 1
.qwilr.com/	1970-01-21 05:49:59	Name: km_ai Value: XBifZe%2BrKjD9bUtpzfPekq%2F4KyU%3D
.vimeo.com/	1970-01-20 03:33:11	Name: vuid Value: pl1712140771.930970966
.qwilr.com/	1970-01-20 03:33:11	Name: _ga Value: GA1.2.1095635466.1591319758
.shootsta.qwilr.com/	1970-01-19 10:02:01	Name: __stripe_sid Value: 1b5c59cc-8a0a-4464-a591-a66848278aaf
.shootsta.qwilr.com/	1970-01-19 18:47:35	Name: __stripe_mid Value: 1d2f274e-5528-4462-8212-394e98e9b0f3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.hx-qwilr.com
api.qwilr.com
bam.nr-data.net
cdn.segment.com
connect.facebook.net
d219lb0su8m9bb.cloudfront.net
d2cankni8sodj9.cloudfront.net
d2q7nwt0fhbb30.cloudfront.net
eventtracking.hubspot.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.stripe.com
player.vimeo.com
px.ads.linkedin.com
script.hotjar.com
scripts.kissmetrics.com
shootsta.qwilr.com
snap.licdn.com
static.hotjar.com
t.sidekickopen80.com
trc.kissmetrics.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
analytics.hx-qwilr.com
13.225.87.125
13.226.153.22
143.204.101.129
143.204.101.2
143.204.101.206
143.204.99.83
147.75.100.189
147.75.102.203
147.75.33.131
151.101.114.110
151.101.12.176
151.101.12.217
162.247.242.19
172.217.18.162
2600:9000:20eb:a800:10:986b:4340:93a1
2606:4700::6812:9c2
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:809::2002
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a02:26f0:6c00:29b::25ea
2a03:2880:f007:8:face:b00c:0:1
2a04:4e42:3::622
2a05:f500:11:101::b93f:9005
3.216.220.253
52.63.16.97
08d88bec3e00bb7a7d8c813d989022a80ef7d2f052c2cbb82624cc689ae47e61
09b19c685414462cd3a2b17cd27182be2724c4dd51349dcfee32cb85a67aa0bf
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fe2aa289162af5650c4a5ad04948ed0872b83982060632f75b9dbd8520d2c8b
1334926116b049e96d4e0ad25ce1f4c8433b6501945fed0191b485cafa4d43dc
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2fdebcbc60c2d255d1553d90d481787d83f3b68f9f173c6fc9314988321eb6d5
33367bba4a5dc9b2654baae1da2442ce081f383578c475dccce533446f8286f6
397d997216eebd06ca11eeb3c5de92128f1303a76fef035037b00a3a7465e230
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
45ecc49faf85ae37a61e1474de57e1bff33d3d3f6753feec809bdd5a7267c9c1
473ea6bcc4e6d6f3036ab9fef643187dcdecdbb29549ba6df1924facc288e1f6
49186bfff42358386a3130c738279794b5748c2863ef56a26ae156f360287f8e
4aba8379fdabd79e4d835be3a7259276669870464e06beafdcb15d234a2a31a2
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
51b463c1f30aed34b9030241512c34e36931b9a0a1a2e97f9c218551e54a9af3
53746fe88d046e14bc2e0953162421cac884a15ee12142e68fb201c9babb1104
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
57637229296d4cf72d2b6876518a02d5a6ea8e7a61797bef99ec60422a803408
5988287c3845bb6727ad34c4dc5ad0073d0aa3e3ac3939888f741c20680d1851
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d3ade33224db1cdd406b831d0b2dc226491dbc46e5b0988fd1e2b4dfaf7fd1d
72b44fcf992fc657a8bfe1110571325a7a824c742f33631939ee6339d7375734
76acb66fb11b9630c03f7ceefac7249ea59d2c677fef7506d4b4e11520a1c7b4
832eb37d7ebaa38e9ea03224c122e242a4c6123d658a37d6efdef7dc26aeb159
8448fd5d0229e8fc74f9d340538965d5e254ba97c5664767372f0e35df2d6a61
86c02de607340a58c139dd372349ccf26be182f4bc64d43f7597c3070c232e95
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f8eaf83fc7a3950631a72c03d3dfded08a4d9321aefc93fae089c37a59ba106
b646bf5c9c7cdc09338770b21cca5a006c78569b8be83ab4e370bcc9697c250a
c081caed0b0bacf926d2a2439ef1c8a4c9290dd12ef83286d68569129db1e063
c09fb5bc9bfb0e33227ef6fbba5704286d51f606d6552b5167a7d93e47593a34
ca2d905b0e41652cff79ec960109e41736ee9ed14ec4ea32d476710a6672f28b
cc2070f552b6f684122f9fde881c94bb57e653f9b1f5333578d507a52a6d5ae1
cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d1c91524a74a7a2bd157c69338196318faf2a26be2046b8c0a90670430ca0d8d
d7e4a69a70550cd9cf342ca971992b47545e7290f045befd4adbd23f0f353473
df4252d42901420fafa2590b4cda1a63f0022345ef7b508c34aecb6c3fee8e7a
df99e955387c31384d8891927137064d2372af571ec3615844abe7021d8e6c12
e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447
e1bf1a249653fb233fdfd115719d8a15718007d83e2cdf2cc6a70db7d0d45b8e
e247a2a47263e45bc51a706c68076ee75695e26c590119d8f29e2a293d165baa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef89e475db06ca770de3a2114cb6849bde3e638b2f1399bc4caac2e3a3374106
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

shootsta.qwilr.com Open in urlscan Pro 2600:9000:20eb:a800:10:986b:4340:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

48 %IPv6

25 Domains

32 Subdomains

29 IPs

7 Countries

7788 kBTransfer

11947 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shootsta.qwilr.com Open in urlscan Pro
2600:9000:20eb:a800:10:986b:4340:93a1 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

48 %
IPv6

25
Domains

32
Subdomains

29
IPs

7
Countries

7788 kB
Transfer

11947 kB
Size

12
Cookies

60 HTTP transactions
2 data transactions