promo.pixelsee.app Open in urlscan Pro
104.21.48.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Submission: On October 11 via manual (October 11th 2023, 6:34:23 am UTC) from ID — Scanned from DE

Summary HTTP 41 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 41 HTTP transactions. The main IP is 104.21.48.8, located in and belongs to CLOUDFLARENET, US. The main domain is promo.pixelsee.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 15th 2023. Valid for: 3 months.

This is the only time promo.pixelsee.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.21.48.8 104.21.48.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
2	142.250.13.156 142.250.13.156	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
3	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
41	15

15 104.21.48.8 (None, )

ASN13335 (CLOUDFLARENET, US)

promo.pixelsee.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.13.156 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	pixelsee.app promo.pixelsee.app	64 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	222 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 178 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	160 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
1	gstatic.com fonts.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
41	11

	Domain	Requested by
15	promo.pixelsee.app	promo.pixelsee.app
7	pagead2.googlesyndication.com	promo.pixelsee.app pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	promo.pixelsee.app connect.facebook.net
2	www.googletagmanager.com	promo.pixelsee.app www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	promo.pixelsee.app
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	promo.pixelsee.app
41	14

This site contains links to these domains. Also see Links.

Domain
pixelsee.app
brightdata.com

Subject Issuer	Validity	Valid
pixelsee.app Cloudflare Inc ECC CA-3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Frame ID: 88D610D4E3E9E8A57C85043F61F41B07
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 0DDF9FA86DA6508E1CAFD68DDF403F71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=1178619241&lmt=1696319236&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ID_05_10_2023%26sub2%3Dpropeller%26sub6%3D733978197766713421&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697006056756&bpp=21&bdt=960&idt=796&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7313642626273&frm=20&pv=2&ga_vid=1139644790.1697006056&ga_sid=1697006058&ga_hid=1243940790&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078600%2C44804783%2C44805098%2C31078673%2C44804172&oid=2&pvsid=377441659544885&tmod=210532516&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=921
Frame ID: 20C726CC2D82B14EE1B27123C31A0A00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2517E91C5CEA1FD2ADC1093B2F2BEB4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E2CE78CD229DE9B45CC52ABC43E515D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PIXELSEE | Your file ready to download

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

3
Countries

596 kB
Transfer

1700 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://pixelsee.app/ld/get_installer.php?pixsite=1&r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Title: Download

Search URL Search Domain Scan URL

URL: https://brightdata.com/sdk/faq#sdk_app_connect?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Title: https://brightdata.com/sdk/faq#sdk_app_connect

Search URL Search Domain Scan URL

URL: https://pixelsee.app/license.html?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Title: TOS

Search URL Search Domain Scan URL

URL: https://brightdata.com/legal/sdk-privacy?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Title: https://brightdata.com/legal/sdk-privacy

Search URL Search Domain Scan URL

URL: https://pixelsee.app/policy.html?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promo.pixelsee.app/ 18 KB
5 KB 511ms
158ms Document
text/html 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698235d5a2cbf8fe5afd570e7e33b69b3e7ea01e66bceeec19fe0e19ba1a0021

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81451387ba5e2bf8-FRA
content-encoding: br
content-type: text/html
date: Wed, 11 Oct 2023 06:34:15 GMT
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rzi%2FTvYG%2BNhBfG9CfZwfhlxjfoaOr2VNc6HbXAk95P6pJpbvSfnyzeNXBGUEGyYucuJUrAitRY425fDNMwRtl%2F%2BaLXyYRNuhxuf9Wq1G2m%2FY9PxEKe1nke2rPs81vDpe9H3WZrg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: txd393d133b946466080c26-00652641e7
x-amz-request-id: txd393d133b946466080c26-00652641e7
x-amz-version-id: 1696326436522816

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 363ms
20ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 11 Oct 2023 06:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 04:50:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Oct 2023 06:34:16 GMT

GET
H2 200 style.min.css
promo.pixelsee.app/css/ 31 KB
6 KB 27ms
26ms Stylesheet
text/css 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:15 GMT
x-amz-version-id: 1696326435888990
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx01c4389d131342bfba654-00651f5110
age: 1985
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx01c4389d131342bfba654-00651f5110
last-modified: Tue, 03 Oct 2023 09:47:15 GMT
server: cloudflare
etag: W/"583046cc62873e13de5979a19472fefb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XN3zDVL5cZYIeA%2BWI8C8jfK6SaBci7tZ6LWdB%2BP8BXpz3Xkg%2BUNZiNImscShlUuqzkDkCxMjTazQKvQiWwkeYCOI91oSpfvACc%2Bq1lI%2FTLktKBfdcrO5BEUDREYgiLSftyrPuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81451388cb5a2bf8-FRA

GET
H2 200 baloon.min.css
promo.pixelsee.app/css/ 4 KB
2 KB 25ms
25ms Stylesheet
text/css 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/css/baloon.min.css?ver=1
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:15 GMT
x-amz-version-id: 1696326435847788
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx03c3b8290255483e9faab-00651dfd29
age: 6908
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx03c3b8290255483e9faab-00651dfd29
last-modified: Tue, 03 Oct 2023 09:47:15 GMT
server: cloudflare
etag: W/"e38b048988db68478be49dda0683fa7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHE59o8%2B74lV0Nm6Q0NuTLbev9LwiS4XI%2FpPiI2ex2yoMwwvOPoW7H2ICkYgg2jN2B2rhvwWKXbU3pi1UV7OiWu1UNf9DpqLRWkiM7s%2Fpn%2Bj1yDp8osUth524HjDpT17mA0%2BPPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 81451388cb5c2bf8-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 387ms
33ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3d84bc0b853d5cd3a93b97fc972d677428a0c6fddbf7d317408c4f0a64e1fe1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 06:34:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 456ms
80ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b4edf8a814b5c42bd852fbfc0f33f5c41a53f8d72754c94ad7207343f9826bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Origin: https://promo.pixelsee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51204
x-xss-protection: 0
server: cafe
etag: 15369135253664105825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 06:34:16 GMT

GET
H2 200 logo.svg
promo.pixelsee.app/images/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/logo.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1690210838551393
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txeb6b7e599ba4433f9bec9-0064be9282
age: 129
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txeb6b7e599ba4433f9bec9-0064be9282
last-modified: Mon, 24 Jul 2023 15:00:38 GMT
server: cloudflare
etag: W/"9bb77a42ae4c13b0a557d3496c62af46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPv3IzLBlJumqcek9w3j6t0gmbuC%2Fud4ukPqDrQVN%2BeDzrpWwuALkzR%2Fhn0OKgcqy080RAQlsTtyeNqQEvDt5Qn%2Fx8KlCq2%2FeQjRO8IGXKNgUDSjbOBg2MIHZK%2F3pM3IsNxDToc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8145138b3e082bf8-FRA

GET
H2 200 email-decode.min.js Show response
promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
21ms Script
application/javascript 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 12:54:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651eb1ec-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkJUw50FnB2jSpFHg3IBie4ZKTYumePibplHZaf26xO6xjQKcvQ8DAvlsqhOhwHUpPtdy6lzAsYmpuAdcYdfGcsGFLeVIZkTnPj8Cqekvs91MemP2mivBwSCrwkt7FaZdZxihzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81451388fb9b2bf8-FRA
expires: Fri, 13 Oct 2023 06:34:15 GMT

GET
H2 200 application.js Show response
promo.pixelsee.app/js/ 126 KB
40 KB 47ms
42ms Script
application/javascript 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/js/application.js?ver=3
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d51be1cf0594ab18897f60df474ad577451c87928a68e15392c105cec218b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:15 GMT
x-amz-version-id: 1696326436638730
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx4d3d1f786b5149a8ac2df-00651f4db1
age: 2162
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx4d3d1f786b5149a8ac2df-00651f4db1
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
server: cloudflare
etag: W/"5a7b051a55bdca147ddc04e8ae0070f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTsGT9Ky20Kd5ABWjJGJNSG%2BIVtkoPStH4XFOd9hVfB%2B3Wy5dJcpKpqibYP3PYhQtE2C%2FdrzEp4tg98BxRKRnQeaIFp1oaNR4JX3rVgGg3tP567%2Fp%2FNgtQOVpgFsJElLnFNPTbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 814513893bd22bf8-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 387ms
0ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 06:34:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53364
x-xss-protection: 0
pragma: public
x-fb-debug: sECNUOS/u+M/i0NvKOoYWglBolo1xshHQqVTkKAo1W5uUh7uTT6uGDTD5DavQYpgk/mWGdsN3vVQD36+3B645A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sprite.svg
promo.pixelsee.app/images/ 1 KB
1000 B 25ms
24ms Other
image/svg+xml 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/images/sprite.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1696326436479830
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx51281a537bd64607b72d9-00651f5c06
age: 129
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx51281a537bd64607b72d9-00651f5c06
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
server: cloudflare
etag: W/"4e5148bc1a0851551c8ada00c5701ed8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NFnQYbO9%2FdLcqm33MsmLBOSdeh2RJCLbnBTntpSjzg5grbrnYw%2FSgASuxyhCJoPDBLEU15tMP6sZRfE5y6Gw3cgZH7kkrKUgL0bYTlwQIB3PT8BrAgNbrTVvYtoAD6ptdHgbxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8145138b4e202bf8-FRA

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icon-play.svg
promo.pixelsee.app/images/icons/ 231 B
572 B 22ms
16ms Image
image/svg+xml 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/icons/icon-play.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1696326435719081
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx31fb02b40f5943869c97b-00651f6cfc
age: 6892
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx31fb02b40f5943869c97b-00651f6cfc
last-modified: Tue, 03 Oct 2023 09:47:15 GMT
server: cloudflare
etag: W/"9fa059b1263d655c92304062c10cc3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3R%2BEKUJAoMY%2BoFoipizwf3yhWpT8Wykq9OJ68OgA2SlwHyQb1zcQnHnIEBgXpCM4jJJvy%2F0vr%2FypbDDajiO9kAs4HHKqQ90nCNXf%2FOGFBPbXsoqIXC4pK5iZgRsre0QsT4kfGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8145138b5e3c2bf8-FRA

GET
H2 200 tv.png
promo.pixelsee.app/images/load/ 476 B
861 B 23ms
17ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/tv.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1690210838558670
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx777cf4f9bacd4ea0bf909-0064be9282
age: 6892
alt-svc: h3=":443"; ma=86400
content-length: 476
x-amz-id-2: tx777cf4f9bacd4ea0bf909-0064be9282
last-modified: Mon, 24 Jul 2023 15:00:38 GMT
server: cloudflare
etag: "03be608276b4b9c8d314812f18a9feed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nexodwu3nRVqPlaT68n0KTtFC1TSEo0GYDh6zDnGRMeupnVFJ8zbYtVfjjkOQvN6mSevh2%2FV3IdhY9z0jeiIigmSHBG%2FuhQjuh0OyC9E176AhIQFjYOfwO0kJr%2BamJ0IBE7ZrHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b5e3e2bf8-FRA

GET
H2 200 playlist.png
promo.pixelsee.app/images/load/ 215 B
616 B 28ms
22ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/playlist.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1694514662208915
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx848a1ed6539c424398a59-0065129280
age: 5222
alt-svc: h3=":443"; ma=86400
content-length: 215
x-amz-id-2: tx848a1ed6539c424398a59-0065129280
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "38868742975def4cf1abe3c2034c968e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFbBDnXEKYmZ1gnW2Ej5wwkpJ0p5TTHr%2FUSqC9YK6rsRomfYcxWfcJaqGPxo1hR1lWrRosOcC2MTD7wIvJjhm6YCOQLU3Wvq1XC6vUcqdHNE4TwRPSkcUUN%2BPLlY2wGEWT%2FoYjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b5e3f2bf8-FRA

GET
H2 200 pause.png
promo.pixelsee.app/images/load/ 552 B
990 B 31ms
25ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/pause.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1694514661973689
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txfa675513bbdf427a825bc-0065164131
age: 5222
alt-svc: h3=":443"; ma=86400
content-length: 552
x-amz-id-2: txfa675513bbdf427a825bc-0065164131
last-modified: Tue, 12 Sep 2023 10:31:01 GMT
server: cloudflare
etag: "7f147decd06cd1ab5a8f539d55ceffe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHEp7nKS49eY%2FQm0XDFQQXTAEnZPi%2BXMNInMwZOf3q1wlbUsK0iLYMuiSVDHl2rT1JfJXlt%2FaC0y7BiWTuC8Gqg0hWhbzRyeFkaYWtQPpqjXj1KYXevgji7qCyVUwASqje5AiAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b5e402bf8-FRA

GET
H2 200 subtitles.png
promo.pixelsee.app/images/load/ 193 B
679 B 29ms
24ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/subtitles.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1694514662596062
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx90328feca8754696a4489-0065129280
age: 129
alt-svc: h3=":443"; ma=86400
content-length: 193
x-amz-id-2: tx90328feca8754696a4489-0065129280
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "a47325f449f3eb00d2f47d61f39eb065"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLw%2BcUOddCBHDZzkCZ6EkkIuNLaZAHwXSsv6xJhB37iYtLV%2BqqbKxnRRtAB4ku9TfMtlm18SlYXovLPMODZAOd%2BPgCmKAzIicG3vXkVulyt4BvYA0kkvWoxscnplJ8Uxxmy6F2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b5e412bf8-FRA

GET
H2 200 windows.png
promo.pixelsee.app/images/load/ 214 B
607 B 36ms
31ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/windows.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1696326436444756
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx88cb59cd72bd4c2b85731-00651cef91
age: 129
alt-svc: h3=":443"; ma=86400
content-length: 214
x-amz-id-2: tx88cb59cd72bd4c2b85731-00651cef91
last-modified: Tue, 03 Oct 2023 09:47:16 GMT
server: cloudflare
etag: "1982b726d7da6c46b504c6d859edb218"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEmXQBd9i5k8jayLKtn%2BphNsuINWXvNCswv9DVzaEeBghYh4hUcrHMbjoenlkDH3hCZDcdxiJPq2y3bFGGtFuaWfUurPh54rEjAQjtMGPLvjZzv0dojZ3TMexwn71KvfOHKDJfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b6e462bf8-FRA

GET
H2 200 play.png
promo.pixelsee.app/images/load/ 411 B
798 B 37ms
32ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/play.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1694514662798013
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx5f9e9d087aba4ef29d092-006515e46a
age: 129
alt-svc: h3=":443"; ma=86400
content-length: 411
x-amz-id-2: tx5f9e9d087aba4ef29d092-006515e46a
last-modified: Tue, 12 Sep 2023 10:31:02 GMT
server: cloudflare
etag: "152bad15fdcef8e2dc4248fd58794e7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmmy7eEC5n%2BnS4vI00DTWz4P%2F1t%2B1bZLMcVCCWVy91h4BgWOOluLlhPdX94y2wMklTLVo7i2IfQnKt2ffpwlmxwmRRFzmAmZxJAjro%2BaNkCjnPCO3naRtc3OkpbG3J4so7lZT%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b6e482bf8-FRA

GET
H2 200 footer-decor.png
promo.pixelsee.app/images/footer/ 3 KB
4 KB 36ms
33ms Image
image/png 104.21.48.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/footer/footer-decor.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
x-amz-version-id: 1696326435880693
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txe19959f346b54eb48277f-00651e2d1e
age: 129
alt-svc: h3=":443"; ma=86400
content-length: 3474
x-amz-id-2: txe19959f346b54eb48277f-00651e2d1e
last-modified: Tue, 03 Oct 2023 09:47:15 GMT
server: cloudflare
etag: "af15b8bc22a4d8aa6166d1f8e1ff4c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LanXMGvw5eWZUG3zHGiWs6CX%2BCCpuEkYxwmOTSSzx1KCZmK%2FanXi8Khi6Qa2rrQU6jUfPrV27gAf045qpT8VaQoZ7BgCvRjbEUHQb%2BBWjkvba0Pys8nBoJxtidOqYjvgQmTvlCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8145138b6e492bf8-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 478ms
22ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.pixelsee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 476111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:19:05 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 479ms
18ms Ping
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TKL2XXV026&gtm=45je3a90&_p=1243940790&_gaz=1&cid=1139644790.1697006056&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697006056&sct=1&seg=0&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ID_05_10_2023%26sub2%3Dpropeller%26sub6%3D733978197766713421&dt=PIXELSEE%20%7C%20Your%20file%20ready%20to%20download&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 06:34:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 506ms
47ms Ping
text/plain 142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TKL2XXV026&cid=1139644790.1697006056&gtm=45je3a90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.13.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: we-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 06:34:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 79ms
43ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1a0cc847d76561e3b3e2a06e954ccdb7d338f7478077fca83a2acf0d834106ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 11 Oct 2023 06:34:16 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 391 KB
133 KB 461ms
85ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ec522d9bb11b6e4175eb70f0c00e974427349a9a727ecddd4fc258f3f6233158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135711
x-xss-protection: 0
server: cafe
etag: 7279480777771313569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 06:34:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 0DDF 10 KB
5 KB 1193ms
18ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 14:28:29 GMT
etag: 2603938475786422795
expires: Tue, 24 Oct 2023 14:28:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1097ms
0ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 11 Oct 2023 05:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 11 Oct 2023 07:49:42 GMT

GET
H2 200 787001845751676 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 68ms
68ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/787001845751676?v=2.9.133&r=stable&domain=promo.pixelsee.app

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

92b43f5e18de547d0e5c3f4e978ce00ee515e8bd18320786f4f49db7cbbc67ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 11 Oct 2023 06:34:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ImL+IcZM2t91R3iFHdFCcSWYHCjILc3vAjAPJ49J/D/lIBR0a8Id8Ogd8g1Qp7NI/dPZtRpS7crOweWpLHcRPA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 476ms
19ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=promo.pixelsee.app&callback=_gfp_s_&client=ca-pub-5826337412698082

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

72bb5ab6d354c31783fa4d98c2315240c2d4af2316d695d09e98be5fed30d2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20C7 603 B
245 B 404ms
372ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=1178619241&lmt=1696319236&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ID_05_10_2023%26sub2%3Dpropeller%26sub6%3D733978197766713421&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697006056756&bpp=21&bdt=960&idt=796&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7313642626273&frm=20&pv=2&ga_vid=1139644790.1697006056&ga_sid=1697006058&ga_hid=1243940790&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078600%2C44804783%2C44805098%2C31078673%2C44804172&oid=2&pvsid=377441659544885&tmod=210532516&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=921

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 06:34:18 GMT
expires: Wed, 11 Oct 2023 06:34:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 62ms
62ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 06:34:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 1063ms
33ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=787001845751676&ev=PageView&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ID_05_10_2023%26sub2%3Dpropeller%26sub6%3D733978197766713421&rl=&if=false&ts=1697006058093&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=30&fbp=fb.1.1697006058072.959856264&ler=empty&it=1697006057158&coo=false&rqm=GET

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_ID_05_10_2023&sub2=propeller&sub6=733978197766713421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 11 Oct 2023 06:34:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 255ms
254ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1243940790&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_ID_05_10_2023%26sub2%3Dpropeller%26sub6%3D733978197766713421&ul=en-us&de=UTF-8&dt=PIXELSEE%20%7C%20Your%20file%20ready%20to%20download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=79354697&gjid=480685314&cid=1139644790.1697006056&tid=UA-229973687-1&_gid=333144308.1697006058&_r=1&gtm=457e3a90&jsscut=1&z=1952511503

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.pixelsee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 06:34:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 130ms
51ms XHR
text/plain 142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-229973687-1&cid=1139644790.1697006056&jid=79354697&gjid=480685314&_gid=333144308.1697006058&_u=YADAAUAAAAAAACAAI~&z=173437476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promo.pixelsee.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 11 Oct 2023 06:34:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.pixelsee.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
68ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef7c475e2ffc3cfa4193d8613355509a2d23eef0c61ac32ec04f9ae79724403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12169
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 384ms
34ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_fy2021.js?bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 06:34:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A251 13 KB
5 KB 20ms
12ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Oct 2023 19:47:55 GMT
expires: Wed, 09 Oct 2024 19:47:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4E2C 829 B
1 KB 571ms
30ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

b13c46abef8fd337343a5d40a53dc24fef4862fea3435b97f33ca80e6fa3b26b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aPPtQP3tA-SvcxDyqhQ7OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aPPtQP3tA-SvcxDyqhQ7OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 06:34:20 GMT
expires: Wed, 11 Oct 2023 06:34:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame A251 37 KB
15 KB 11ms
10ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 19:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Oct 2024 19:47:55 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E2C 0
0 42ms
42ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=377441659544885&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame A251 0
40 B 9ms
9ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E61_5g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 06:34:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=377441659544885&bg=!ZWalZinNAAbjlzx0w5c7ADQBe5WfOPjDcErKBClQg9pgvpUrxO0v4e-ny9MijdJX97mCO-fku068QP0KU7Sx7nuZgp0gAgAAA8JSAAAADGgBB5kCveWhFvRVDguV-ZobucUQ2OPUnCIg8yS1cTPC8jTjoezWeWk7AjodgcOrUX4UviTd9cvurNlbskIAqsVZ-FOb_j2d666HKxhESxJlMd60BS0TpkXi27PGvBySZuYBxODIoE3mGkB0NzDC3ai6WuM83c0Whr6HoYUer6CqHhXSYfw7eF2IvxTaUo_LWRtgXKk6bonzqcHL6d-q7DyxW-fJfR51ct-SkoVqIiNmQ023qP3_-QezAFNvT5PFiByTf7QPr3y0bkX-EacfiBn6bd9MpQvLWY6vA-1S43i16wlOvW0Rh99OVSCiPxsvTgpUCnQDdAKmxvmCxE-gMXqXMe2OvYwr-bRIqqJBuNz7z8zMBDbfukXvsnnk5mQDGzeXvMnIDu7sx0EOO_C-LBJFpX87Z_F-bSIjFlnq2swFzXnL7wCjH4YWM6ECM4sOBYcRf33zoXxruLbS08lr_yjGQa4x3peVjcIzxC6mdcWSy--QUSX65vMNvrGbqJwtF2v1ANbQFs0GrLIeLKR0MxBKjrT8mxnBbth3_TLwPgO3XLO57oIms4sBJfDFK12nJGsW5IkjaPoKvlDvjn_fMc-0TAO9EUMrDK67MZZcPf4gAn3cdRJG-29vJEk3R_eBQw4A4SOjdL26hsPP2jCrm7U8GhrVnLiNKL8e4OjBmkGFkyxrJRd11dhlnyTcM4AhTO0aWZCDZRvyRhommcX4WhMSKVB1zirTASLw9bAjrV3pgypbE04we1K6DI0lu7Ost20Lji1qUdjbweLMTREQXmVlpiBoThbFOyklIZ_08ONvDkPPGOX4kl1VSai96v6UrfFy31p92pqHWIy8uiR-nLtWAneVk3WDbG3hvbEZO0a_ne8QZPeNCbySrlILPCExdgN1_-DZB6KjYh78sJ8rxj9EafmRgcuHDV1Nm8iHLd__BaHJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pixelsee.app/	1970-01-21 00:59:26	Name: _ga_TKL2XXV026 Value: GS1.1.1697006056.1.0.1697006056.60.0.0
.pixelsee.app/	1970-01-20 17:33:02	Name: _fbp Value: fb.1.1697006058072.959856264
.pixelsee.app/	1970-01-21 00:45:02	Name: __gads Value: ID=62b693e6f313d370-2291436c43df0073:T=1697006058:RT=1697006058:S=ALNI_Mbr7B5cIlHl98kex1A065Vg6IMVqA
.pixelsee.app/	1970-01-21 00:45:02	Name: __gpi Value: UID=00000c94aa9146db:T=1697006058:RT=1697006058:S=ALNI_Mb_6HpNFCPKSypww2NpLzASXbAC7g
.pixelsee.app/	1970-01-21 00:59:26	Name: _ga Value: GA1.2.1139644790.1697006056
.pixelsee.app/	1970-01-20 15:24:52	Name: _gid Value: GA1.2.333144308.1697006058
.pixelsee.app/	1970-01-20 15:23:26	Name: _gat_gtag_UA_229973687_1 Value: 1
.doubleclick.net/	1970-01-20 15:23:26	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
promo.pixelsee.app
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.21.48.8
142.250.13.156
142.250.181.226
142.250.184.206
142.250.185.104
142.250.185.194
142.250.185.68
142.250.186.110
142.250.186.170
142.250.186.34
157.240.0.35
157.240.0.6
172.217.18.1
172.217.18.3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e
1a0cc847d76561e3b3e2a06e954ccdb7d338f7478077fca83a2acf0d834106ad
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897
2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558
3d84bc0b853d5cd3a93b97fc972d677428a0c6fddbf7d317408c4f0a64e1fe1c
3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7
481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f
495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ef7c475e2ffc3cfa4193d8613355509a2d23eef0c61ac32ec04f9ae79724403
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
698235d5a2cbf8fe5afd570e7e33b69b3e7ea01e66bceeec19fe0e19ba1a0021
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72bb5ab6d354c31783fa4d98c2315240c2d4af2316d695d09e98be5fed30d2e9
8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9
92b43f5e18de547d0e5c3f4e978ce00ee515e8bd18320786f4f49db7cbbc67ac
9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b
9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe
b13c46abef8fd337343a5d40a53dc24fef4862fea3435b97f33ca80e6fa3b26b
b4edf8a814b5c42bd852fbfc0f33f5c41a53f8d72754c94ad7207343f9826bc8
b9d51be1cf0594ab18897f60df474ad577451c87928a68e15392c105cec218b3
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f
d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b
d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57
ec522d9bb11b6e4175eb70f0c00e974427349a9a727ecddd4fc258f3f6233158

promo.pixelsee.app Open in urlscan Pro 104.21.48.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

15 IPs

3 Countries

596 kBTransfer

1700 kBSize

8 Cookies

5 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promo.pixelsee.app Open in urlscan Pro
104.21.48.8 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

15
IPs

3
Countries

596 kB
Transfer

1700 kB
Size

8
Cookies

41 HTTP transactions
1 data transactions