grabhijackd.com Open in urlscan Pro
192.254.225.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://glynnkosky.com/hijackd
Effective URL:
https://grabhijackd.com/exclusive/
Submission: On May 30 via manual (May 30th 2022, 10:13:11 am UTC) from IE — Scanned from DE

Summary HTTP 256 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 31 domains to perform 256 HTTP transactions. The main IP is 192.254.225.179, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is grabhijackd.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 14th 2021. Valid for: a year.

This is the only time grabhijackd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	192.254.225.179 192.254.225.179	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 5	172.67.68.35 172.67.68.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	2600:9000:215... 2600:9000:2156:3a00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.65 151.101.64.65	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	52.211.231.175 52.211.231.175	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.229.135.46 54.229.135.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 92	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700::68... 2606:4700::6810:fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	() ()
14	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
256	32

4 192.254.225.179 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-225-179.unifiedlayer.com

glynnkosky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
grabhijackd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
instantecomfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.68.35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

warriorplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:3a00:6:9280:1080:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.65 (United States)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.211.231.175 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-231-175.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.135.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-135-46.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

92 2606:4700::6810:10c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:fc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	clickfunnels.com 2 redirects www.clickfunnels.com — Cisco Umbrella Rank: 58889 static.clickfunnels.com — Cisco Umbrella Rank: 741183 assets.clickfunnels.com — Cisco Umbrella Rank: 55631 images.clickfunnels.com — Cisco Umbrella Rank: 85693 app.clickfunnels.com — Cisco Umbrella Rank: 33473	26 MB
27	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	1 MB
17	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads.g.doubleclick.net	5 KB
11	adroll.com 3 redirects s.adroll.com — Cisco Umbrella Rank: 2302 d.adroll.com — Cisco Umbrella Rank: 1408	41 KB
9	prfct.co 6 redirects pixel-geo.prfct.co — Cisco Umbrella Rank: 14003	4 KB
5	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4378	168 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	313 KB
5	warriorplus.com 1 redirects warriorplus.com — Cisco Umbrella Rank: 397068	49 KB
4	gstatic.com fonts.gstatic.com	57 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3029 onesignal.com — Cisco Umbrella Rank: 1276	82 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	4 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 818	92 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	476 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	491 B
2	grabhijackd.com 1 redirects grabhijackd.com	976 B
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1125	11 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	instantecomfunnels.com instantecomfunnels.com	958 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 306	239 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 348	274 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 506	355 B
1	google.de www.google.de — Cisco Umbrella Rank: 6117	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2049	958 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1960	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1967	16 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2164	855 B
1	marinsm.com tag.marinsm.com — Cisco Umbrella Rank: 27819	4 KB
1	glynnkosky.com 1 redirects glynnkosky.com	163 B
0	addevent.com Failed track.addevent.com Failed
256	31

	Domain	Requested by
86	images.clickfunnels.com	static.clickfunnels.com grabhijackd.com
27	www.googletagmanager.com	warriorplus.com static.clickfunnels.com www.clickfunnels.com www.googletagmanager.com
14	googleads.g.doubleclick.net	www.googleadservices.com
9	pixel-geo.prfct.co	6 redirects
9	s.adroll.com	3 redirects www.googletagmanager.com s.adroll.com warriorplus.com grabhijackd.com
5	app.clickfunnels.com	1 redirects static.clickfunnels.com www.clickfunnels.com
5	fast.wistia.com	static.clickfunnels.com fast.wistia.com
5	connect.facebook.net	warriorplus.com connect.facebook.net grabhijackd.com
5	warriorplus.com	1 redirects warriorplus.com static.cloudflareinsights.com grabhijackd.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.clickfunnels.com	grabhijackd.com static.clickfunnels.com
3	fonts.googleapis.com	static.clickfunnels.com grabhijackd.com
3	use.fontawesome.com	static.clickfunnels.com use.fontawesome.com
3	www.facebook.com	grabhijackd.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	assets.clickfunnels.com	1 redirects static.clickfunnels.com
2	cm.g.doubleclick.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	d.adroll.com	s.adroll.com
2	onesignal.com	cdn.onesignal.com
2	grabhijackd.com	1 redirects warriorplus.com
2	cdn.onesignal.com	warriorplus.com cdn.onesignal.com
2	static.cloudflareinsights.com	warriorplus.com grabhijackd.com
1	www.googleadservices.com	www.googletagmanager.com
1	instantecomfunnels.com	www.clickfunnels.com
1	static.clickfunnels.com	grabhijackd.com
1	pixel.rubiconproject.com
1	us-u.openx.net
1	analytics.twitter.com
1	www.google.de	grabhijackd.com
1	www.google.com	grabhijackd.com
1	track.hubspot.com
1	stats.g.doubleclick.net	warriorplus.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	tag.marinsm.com	www.googletagmanager.com
1	glynnkosky.com	1 redirects
0	track.addevent.com Failed	grabhijackd.com
256	39

This site contains links to these domains. Also see Links.

Domain
warriorplus.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
grabhijackd.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-14` - `2022-10-14`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
tag.marinsm.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.prfct.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.instanttrafficjacker.logbookloansauto.co.uk R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://grabhijackd.com/exclusive/
Frame ID: 5DF25FC76B8CA0EC9335FE99F85730A8
Requests: 257 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hijack'd Official Site + Review + DISCOUNT + DEMO + BONUS

Page URL History Show full URLs

https://glynnkosky.com/hijackd HTTP 301
https://warriorplus.com/o2/a/z191y7/0/youtube Page URL
https://warriorplus.com/o2/a/z191y7/0/youtube?nonce=a4fdd166ca5c7d44b48f43a254852cfd40d62937 HTTP 302
https://warriorplus.com/o/view/nglgq9/affc_z191y7 Page URL
https://grabhijackd.com/exclusive HTTP 301
https://grabhijackd.com/exclusive/ Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

ClickFunnels (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

<meta property="cf:app_domain" content="app\.clickfunnels\.com"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

256
Requests

73 %
HTTPS

66 %
IPv6

31
Domains

39
Subdomains

32
IPs

5
Countries

29230 kB
Transfer

36369 kB
Size

29
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://warriorplus.com/o2/buy/ryh37n/nglgq9/llb0c4?cp=hijackspecial
Title: Claim My Discount Now

Search URL Search Domain Scan URL

URL: https://warriorplus.com/o2/buy/ryh37n/nglgq9/llb0c4
Title: Get Instant Access Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://glynnkosky.com/hijackd HTTP 301
https://warriorplus.com/o2/a/z191y7/0/youtube Page URL
https://warriorplus.com/o2/a/z191y7/0/youtube?nonce=a4fdd166ca5c7d44b48f43a254852cfd40d62937 HTTP 302
https://warriorplus.com/o/view/nglgq9/affc_z191y7 Page URL
https://grabhijackd.com/exclusive HTTP 301
https://grabhijackd.com/exclusive/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://glynnkosky.com/hijackd HTTP 301
https://warriorplus.com/o2/a/z191y7/0/youtube

Request Chain 2

https://warriorplus.com/o2/a/z191y7/0/youtube?nonce=a4fdd166ca5c7d44b48f43a254852cfd40d62937 HTTP 302
https://warriorplus.com/o/view/nglgq9/affc_z191y7

Request Chain 13

https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag

Request Chain 16

https://s.adroll.com/j/exp/KD3RBGHXH5DG3PI3RBAUIR/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 17

https://s.adroll.com/j/pre/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 30

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_FiJko7tNDJETrSM9h

Request Chain 31

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_FiJko7tNDJETrSM9h&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_FiJko7tNDJETrSM9h&_origin=1&verify=true

Request Chain 32

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_FiJko7tNDJETrSM9h

Request Chain 33

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_FiJko7tNDJETrSM9h

Request Chain 34

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfRmlKa283dE5ESkVUclNNOWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfRmlKa283dE5ESkVUclNNOWg&google_tc= HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 36

https://secure.adnxs.com/seg?t=2&add=1083254 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254 HTTP 302
https://secure.adnxs.com/seg?add=695885&t=2 HTTP 302
https://pixel-geo.prfct.co/seg/?add=695885

Request Chain 193

https://app.clickfunnels.com/cf.js HTTP 301
https://www.clickfunnels.com/cf.js

Request Chain 225

https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif HTTP 301
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

Request Chain 234

https://s.adroll.com/j/exp/4RT76HY4CVCEVPHEANWH4P/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

256 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

youtube Show response
warriorplus.com/o2/a/z191y7/0/
Redirect Chain

https://glynnkosky.com/hijackd
https://warriorplus.com/o2/a/z191y7/0/youtube

27 KB
11 KB

679ms
609ms

Document
text/html

172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://warriorplus.com/o2/a/z191y7/0/youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

Resource Hash

5554712b78169bc70648e1d18dc38d67fc19576f4f04ab21947310ea6942b854

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7136b1e94cad901e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 10:13:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H22TayLG6XDu5KS3Q8PYGifx3S1uotb%2FVkLS2O%2BI%2B7wMWYDCi0d8lJkBMom3xn8m2fsVGRJcplXF1zzPxU3XB7RoUwDN7n5XCOz3K594kNzOW0EiAO75cNABId0%2B3R90ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

Redirect headers

cache-control: max-age=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 10:13:03 GMT
expires: Mon, 30 May 2022 11:13:03 GMT
location: https://warriorplus.com/o2/a/z191y7/0/youtube
server: Apache
x-redirect-by: redirection

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 98ms
50ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o2/a/z191y7/0/youtube
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://warriorplus.com/
Origin: https://warriorplus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7136b1edcd6d913d-FRA

GET
H3

200

affc_z191y7
warriorplus.com/o/view/nglgq9/
Redirect Chain

https://warriorplus.com/o2/a/z191y7/0/youtube?nonce=a4fdd166ca5c7d44b48f43a254852cfd40d62937
https://warriorplus.com/o/view/nglgq9/affc_z191y7

29 KB
12 KB

594ms
593ms

Document
text/html

172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warriorplus.com/o/view/nglgq9/affc_z191y7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash

Request headers

Referer: https://warriorplus.com/o2/a/z191y7/0/youtube
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7136b1efdad7690a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 10:13:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsKZQgpiQmuImXAwMzEw4xsm%2FhZSf8EjwOCyr%2FKZzUWd7OB01bvitPyfrtCjI8W2P6ha1I7DUY1nN0PIPUGWd%2FyDAQuOWeSUCz7jX8Hr032lRtVFTAw1DtLkeQ2hBQ%2BKTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7136b1ee3da1901e-FRA
content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 10:13:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /o/view/nglgq9/affc_z191y7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfRIz4ahG6EmfpOVzRLkrb%2FZEaDW8ixMiiiG80spbrYzPaJ4nqEznBYi6ToQTyclrmtkTe5B9%2BG%2FmfSGvVMYJI9Pu6XdduJGYUZ8rq7Dbc2JJH5vdzheqeaeKwRxavu%2FoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

POST
H2 200 rum
warriorplus.com/cdn-cgi/ 0
217 B 30ms
30ms XHR
text/plain 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://warriorplus.com/cdn-cgi/rum?

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o2/a/z191y7/0/youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://warriorplus.com/o2/a/z191y7/0/youtube
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 May 2022 10:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://warriorplus.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7136b1ee3da3901e-FRA
vary: Origin

POST rum
warriorplus.com/cdn-cgi/ 0
0

GET
H2 200 gtm.js
www.googletagmanager.com/ 154 KB
57 KB 89ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o/view/nglgq9/affc_z191y7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57493
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:05 GMT

GET
H2 200 OneSignalSDK.js
cdn.onesignal.com/sdks/ 9 KB
3 KB 75ms
32ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o/view/nglgq9/affc_z191y7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7136b1f478c2699f-FRA
date: Mon, 30 May 2022 10:13:05 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1121
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Jun 2022 10:13:05 GMT

GET
H2

200

Primary Request / Show response
grabhijackd.com/exclusive/
Redirect Chain

https://grabhijackd.com/exclusive
https://grabhijackd.com/exclusive/

2 KB
873 B

177ms
177ms

Document
text/html

192.254.225.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://grabhijackd.com/exclusive/
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o/view/nglgq9/affc_z191y7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.225.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-225-179.unifiedlayer.com
Software: Apache /
Resource Hash: b84a6d31a28123a88ef31c4bbdf0ffee6299afd15e868f8d1ddcf2df4f005fdf

Request headers

Referer: https://warriorplus.com/o/view/nglgq9/affc_z191y7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 766
content-type: text/html
date: Mon, 30 May 2022 10:13:06 GMT
last-modified: Sun, 07 Nov 2021 15:00:58 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 242
content-type: text/html; charset=iso-8859-1
date: Mon, 30 May 2022 10:13:05 GMT
location: https://grabhijackd.com/exclusive/
server: Apache

GET
H3 200 OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 283 KB
68 KB 346ms
73ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7136b1f69d989238-FRA
date: Mon, 30 May 2022 10:13:05 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1120
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Jun 2022 10:13:05 GMT

GET
H/1.1 200
OK roundtrip.js
s.adroll.com/j/ 49 KB
16 KB 240ms
26ms Script
text/javascript 2600:9000:2156:3a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: sheXpIV7HBYMVaU7JbFLL29rwPWoWBfK
Content-Encoding: gzip
Etag: W/"282858284eb90ea42ac68a61d5841cac"
Age: 439
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 May 2022 16:45:28 GMT
Server: AmazonS3
Date: Mon, 30 May 2022 10:05:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 1PoBPnqo1w5YCbSGoB9mHYUIBdbvzdyDmK96_NkNpx9v634q5xKaKA==

GET
H/1.1 200
OK 5265944071686a380300010a.js
tag.marinsm.com/serve/ 12 KB
4 KB 232ms
19ms Script
text/javascript 151.101.64.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5265944071686a380300010a.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 10:13:05 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 417
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4017
X-Served-By: cache-hhn4050-HHN
Server: Cowboy
X-Timer: S1653905586.665191,VS0,VE0
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 230ms
18ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6837
date: Mon, 30 May 2022 08:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 30 May 2022 10:19:08 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 99 KB
27 KB 231ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o2/a/z191y7/0/youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: n8E79QjD/vWpHZq8q+ZiW35Rq4Qes4j/dvhh3LHJgX71Mo0K7NVQSN+Az0BsrEclmayBxL8fr+YVBXRPR4n/Ng==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 30 May 2022 10:13:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5040118.js
js.hs-scripts.com/ 857 B
855 B 251ms
42ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5040118.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 57
cf-polished: origSize=964
x-hubspot-correlation-id: dea8c413-a66c-4f4b-bced-bdab793c6300
last-modified: Mon, 30 May 2022 10:12:08 GMT
server: cloudflare
x-trace: 2B3FA9F4DDEBC5C1CCEB4F2E4F89C6ED8DA85FE26A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://warriorplus.com
expires: Mon, 30 May 2022 10:14:05 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7136b1f67d8f6913-FRA
cf-bgj: minify

GET
H/1.1

200
OK

tagjs
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag

125 B
454 B

40ms
40ms

Script
text/javascript

52.211.231.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Protocol: HTTP/1.1
Server: 52.211.231.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-231-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H3 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
884 B 60ms
19ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 09:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 May 2022 10:27:42 GMT

GET
H3 200 661035823949763
connect.facebook.net/signals/config/ 305 KB
87 KB 123ms
102ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661035823949763?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uh247nDr6pW2rye12TqTXFTtgmwNr9x2qmoQ1SNwxjKlgCYdnil7tE1/5B+wwu8Aydq4yQuz3o7JtOgL4Hwz1g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 30 May 2022 10:13:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653905585812
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/KD3RBGHXH5DG3PI3RBAUIR/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

42ms
20ms

Script
application/javascript

2600:9000:2156:3a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:3a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 59137
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Wed, 18 May 2022 19:09:46 GMT
Server: AmazonS3
Date: Sun, 29 May 2022 17:47:30 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NIAVi2kSruj3M8_Kfb3zMoefqSqC2qlDRCPDvai_QrGwqrmKDKWAPw==

Redirect headers

Date: Sun, 29 May 2022 17:42:22 GMT
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Age: 59443
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: TJKosoSOe7qXgsoB1_cEdwsToR89gI6ODdeVmC1rkJWYAqvxWOdUmQ==

GET
H/1.1

200
OK

index.js
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

26ms
25ms

Script
application/javascript

2600:9000:2156:3a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:3a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 53779
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sun, 29 May 2022 19:16:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: E0YEsDbGzs4NutPPJdCn6TPEduXzqMEF8f3FnwstPIvMLJ2bBlM1RQ==

Redirect headers

Date: Sun, 29 May 2022 14:38:27 GMT
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Age: 70477
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: SV3HN5KyzePM6ypLZ5cUiLma1YHInTVakTBgSQXBz6PRfNDQvoSV6w==

GET
H/1.1 200
OK index.js
s.adroll.com/j/pre/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/ 0
786 B 61ms
24ms Script
text/javascript 2600:9000:2156:3a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: umrXCEmkQfR6twN6lFLPejfZg96l7IPI
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 3268
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 21 May 2022 11:33:29 GMT
Server: AmazonS3
Date: Mon, 30 May 2022 09:20:17 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: TbVBAdVL9BkrFGuMyYs7AECOX_QRtGRyxI53rH0e-dV8eIWsvgxgww==

GET
H2 200 5040118.js
js.hs-banner.com/ 59 KB
16 KB 85ms
43ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5040118.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5040118.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 226
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: FSB2AA0SC5VYS996
x-amz-id-2: yGUVfPpQOBgdNADZaAmurCOerbhwB/xexoRoryOfSJJQzc7LibqAuZ0bBMHQQGzNcR/zkFor3H8=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 16:04:28 GMT
server: cloudflare
etag: W/"11f4e67fafd3e392d6fb1c5e58323f03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: CxZTOus6QPvM2kf3d0nvZKiFvEcwm8U4
access-control-allow-origin: https://warriorplus.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 7136b1f6fb516983-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 30 May 2022 10:14:19 GMT

GET
H2 200 5040118.js
js.hs-analytics.net/analytics/1653905400000/ 62 KB
20 KB 71ms
29ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1653905400000/5040118.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5040118.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:05 GMT
content-encoding: br
cf-cache-status: HIT
age: 127
x-amz-server-side-encryption: AES256
x-amz-request-id: WJ38CB80BFHRTWS5
x-amz-id-2: EuOfWPMLrekbzeRo5syNbOiS09QZF0zMYv1fXW8ZVVYEngSPJN2E1DKf2Need50dzM3x77Dghcg=
last-modified: Thu, 14 Apr 2022 15:24:02 GMT
server: cloudflare
etag: W/"c24eb6a212901a57ee009960cabbc355"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 7136b1f6fa7d9a05-FRA
expires: Mon, 30 May 2022 10:15:58 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
442 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-74776-7&cid=1153360372.1653905586&jid=203605657&gjid=662985705&_gid=870750564.1653905586&_u=aGBAgAAjAAAAAE~&z=1341784264

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o/view/nglgq9/affc_z191y7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 30 May 2022 10:13:05 GMT
content-type: text/plain
access-control-allow-origin: https://warriorplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1687319335&t=pageview&_s=1&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fnglgq9%2Faffc_z191y7&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=203605657&gjid=662985705&cid=1153360372.1653905586&tid=UA-74776-7&_gid=870750564.1653905586&gtm=2wg5p1WMGQ2M&z=1065879479

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 23:45:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37638
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web
onesignal.com/api/v1/sync/596afbc1-2014-4369-a904-3b25c9c36435/ 4 KB
2 KB 37ms
36ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/596afbc1-2014-4369-a904-3b25c9c36435/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2125
cf-polished: origSize=4345
status: 200 OK
x-envoy-upstream-service-time: 30
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 66dbce31-b040-49a6-892f-b3be1c03d58a
x-runtime: 0.028907
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"1cad73baafca48a495b5ebca4a44fa6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7136b1f73e6d699f-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 30 May 2022 11:13:05 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
958 B 204ms
154ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2252185681&v=1.1&a=5040118&r=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fz191y7%2F0%2Fyoutube&pu=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fnglgq9%2Faffc_z191y7&cts=1653905585798&vi=6d03e0ee815a955802d438eaaf59b416&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:05 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ba6601bc-373f-4b8c-a487-232be14d460c
cf-ray: 7136b1f798df5bed-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj2vU5bguFdduq4wAY2UTHq1wc7icCwli3B1D4VlAbv0YfKU%2BBlOGfoVQ63jM4maLw%2B8S7HZRyx5IvBcZ801HpopAOuUvdQ5WAely2UnjnLnxMA3U6ylOQuaaYji0qtuQnOWlXMo%2Fhf9qdGLDKic"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 KD3RBGHXH5DG3PI3RBAUIR
d.adroll.com/consent/check/ 447 B
540 B 663ms
40ms Script
application/javascript 54.229.135.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR?arrfrr=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fnglgq9%2Faffc_z191y7&_s=1322e8cfab7a71195c64a2091149fdf2&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.135.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-135-46.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
server: nginx/1.20.0
content-length: 447
content-type: application/javascript

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 43ms
42ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7136b1f78f289238-FRA
date: Mon, 30 May 2022 10:13:05 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1119
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 29 Jun 2022 10:13:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 629ms
44ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74776-7&cid=1153360372.1653905586&jid=203605657&_u=aGBAgAAjAAAAAE~&z=2141230383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 635ms
42ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74776-7&cid=1153360372.1653905586&jid=203605657&_u=aGBAgAAjAAAAAE~&z=2141230383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 553ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661035823949763&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fnglgq9%2Faffc_z191y7&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fz191y7%2F0%2Fyoutube&if=false&ts=1653905585895&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1653905585892.2082466109&it=1653905585698&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 30 May 2022 10:13:06 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_FiJko7tNDJETrSM9h

43 B
355 B

613ms
129ms

Image
image/gif

104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_FiJko7tNDJETrSM9h

Protocol

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 30 May 2022 10:13:06 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 70c8afb6c7480ae03b4d7634a567b0a885f57bfc29eee5b92830bb28d01bfd15
content-length: 43

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_FiJko7tNDJETrSM9h
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_FiJko7tNDJETrSM9h&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_FiJko7tNDJETrSM9h&_origin=1&verify=true

0
121 B

24ms
24ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_FiJko7tNDJETrSM9h&_origin=1&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_FiJko7tNDJETrSM9h&_origin=1&verify=true
date: Mon, 30 May 2022 10:13:06 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_FiJko7tNDJETrSM9h

43 B
274 B

440ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_FiJko7tNDJETrSM9h
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:06 GMT
via: 1.1 google
server: OXGW/eecec1e
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_FiJko7tNDJETrSM9h
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_FiJko7tNDJETrSM9h

0
239 B

439ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_FiJko7tNDJETrSM9h
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_FiJko7tNDJETrSM9h
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfRmlKa283dE5ESkVUclNNOWg
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfRmlKa283dE5ESkVUclNNOWg&google_tc=
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

40ms
40ms

Image
image/gif

52.211.231.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Server: 52.211.231.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-231-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 117ms
117ms Image
image/gif 52.211.231.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=1083254&source=js_tag&a_id=406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.231.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-231-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET

/
pixel-geo.prfct.co/seg/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=1083254
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254
https://secure.adnxs.com/seg?add=695885&t=2
https://pixel-geo.prfct.co/seg/?add=695885

0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 41ms
18ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661035823949763&ev=Microdata&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fnglgq9%2Faffc_z191y7&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fz191y7%2F0%2Fyoutube&if=false&ts=1653905586398&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fgrabhijackd.com%2Fexclusive%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1653905585892.2082466109&it=1653905585698&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warriorplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 30 May 2022 10:13:06 GMT

GET
H2 200 lander.css
www.clickfunnels.com/assets/ 425 KB
70 KB 141ms
84ms Stylesheet
text/css 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/assets/lander.css

Requested by

Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 7136b1fcabd49b33-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 30 May 2022 10:33:06 GMT

GET
H2 200 dv9w9i55adoe9fw9.js Show response
static.clickfunnels.com/clickfunnels/landers/tmp/ 1 MB
86 KB 281ms
228ms Script
application/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 727dddd03ba0a143ba07ea36de03ce621d2781adb0971b0e1a9ea70ba6913f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 27 Nov 2021 17:25:12 GMT
server: cloudflare
x-amz-request-id: G7132JPQ5V3X7Z4J
etag: W/"f15b96cb47175a3fad054f2788c89e18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 7136b1fca9f49b6e-FRA
x-amz-id-2: 1LyLtGNPrWZeLdAUscAeWBaV9yLeYJpLakt7NlN5oZQzX+5eo/NodQNMnftH/nHJ1gF4NzmtSzo=

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 14 KB
5 KB 108ms
67ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:06 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7136b1fda9915b2c-FRA

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
12 KB 76ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10793679
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: R6NH4GJ7K569R50W
x-amz-id-2: UMzeQ4xVVEzkt+nMXUeDEUQvy+wpjX5qBC4xjuMDX2OaDkyj9B0Hmp1pqTpRuUYIak+jxrdXODQ=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHbYSOywT%2FnohzrxTAJu%2BypACLMvuMT%2FaUgfWwqZUio9bx0tUh16EF782DSsaRGrILOk0doA1ad7jm3QFPauh0cqotwKvVB2n7LoAJQKkrG9OZbIlvosMuJTKKk%2FEhYYfqhMZOlvw82hFEC8PfPZoiqa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7136b1febb1c91f9-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 74ms
32ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10793584
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RB5BPRT48JBAE6TP
x-amz-id-2: gCI0BCd4N0Ze41wUUC9fQ5XlRt+jkrB7evHnqcM8HM5N2U+Yr/0Hi6JfxMBuYiohKnNmeTq+oho=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PX73GWF4brEvs8qvZBHR%2FzCDRWSf6zdKR0PZafz1bU2CYQoV4RoAJ2cDjdo5gH5mKVqruL7zAJpIVY1y%2FjuQKa4qli0PXGA4s4DZuWJBtmr6lIsProg2iRy7DGdyyVPmXLrRm0YaY84R06v3qNpoHNGt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7136b1fecb2291f9-FRA

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be649d327966b2a111b40dcce70e081e4275c13f9da6ed872d501e88d5b65687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:17:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 10:13:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 10:13:07 GMT

GET
H2 200 application.js Show response
www.clickfunnels.com/assets/userevents/ 5 KB
2 KB 69ms
68ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/assets/userevents/application.js

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://grabhijackd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 616
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 7136b1fe7f849b33-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 30 May 2022 10:33:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 118ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-972589909

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a7a179c6d8adb63ef15269627a345e80f1a7ea56a181f9500d6199775fadeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43194
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 123ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-611346400

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b823bf0551ce23882cc79e690edf7fa4967b34293d3db464a0b883fffec27ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43194
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:07 GMT

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
904 B 120ms
56ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 336087
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Mon, 23 May 2022 16:00:01 GMT
server: cloudflare
etag: "628baf81-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 30 Jun 2022 10:13:07 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7136b1ff797b9b33-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri

GET
H2 200 logo.png
images.clickfunnels.com/cc/243906ad564fb686abec753d7dd988/ 55 KB
55 KB 262ms
201ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/cc/243906ad564fb686abec753d7dd988/logo.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45af9dbaa50b25bb4a44c87364262e7bdf7115a1fdf8dd15ed70891bc5457e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:30:15 GMT
server: cloudflare
x-amz-request-id: 2RGDFFJ5D8P3RHEB
etag: "cc3f983c81d3fe659c95c447f48ad5e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b1ff79729b33-FRA
content-length: 56117
x-amz-id-2: 1Yi6NrYhzS1BZs5Dpv+hZxa1dWYpTglqTP/qkbHXZEuJnJYswDZsIoy1VA5czkB+HaA2qwr1XIE=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 997ok.png
images.clickfunnels.com/5d/430de253544e6daacb7d6532f882e9/ 34 KB
34 KB 233ms
173ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/5d/430de253544e6daacb7d6532f882e9/997ok.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b850fe562be51a8a2bfd6150e8b3acfbb442515b7211085f1051b9df7ee3cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Fri, 12 Nov 2021 19:34:07 GMT
server: cloudflare
x-amz-request-id: 2RG11ASNBDKSJ8VN
etag: "2b4bcb0ae0b8b40b1e9cf58f8aff0897"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b1ff79699b33-FRA
content-length: 34696
x-amz-id-2: kS681PG1R4GuSw56SqHsxKzrKEfJMRv1uvcHqQcP7aiNQbSlM0JzZ+69Q6GV7GBlk/xU5szq864=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 1xbg0adl9u.jsonp Show response
fast.wistia.com/embed/medias/ 4 KB
2 KB 491ms
116ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/1xbg0adl9u.jsonp

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f691cd2d67c126b27827ac6e158975bde0a7f9879aec8f1c5d5de04f20c992ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 72478
x-cache: HIT, MISS
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length: 1540
x-request-id: b6d717ac8122259843238f814a0b8721
x-served-by: cache-iad-kjyo7100083-IAD, cache-hhn4052-HHN
x-runtime: 0.053555
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-timer: S1653905587.432304,VS0,VE96
etag: W/"f691cd2d67c126b27827ac6e158975bd"
x-download-options: noopen
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control: public, no-cache
x-browser: chrome
x-browser-version: 102
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 596 KB
110 KB 395ms
20ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ccefc61d30014c2f6224967681f3341693dd755ea38adbc4e207d2f57da87e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
vary: Accept-Encoding
age: 759
x-cache: HIT, HIT
content-length: 112573
x-served-by: cache-iad-kjyo7100030-IAD, cache-hhn4052-HHN
access-control-allow-origin: *
x-browser-version: 102
last-modified: Fri, 27 May 2022 17:55:10 GMT
x-timer: S1653905587.432254,VS0,VE0
etag: "6291107e-1b7bd"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 248

GET
H2 200 swatch
fast.wistia.com/embed/medias/1xbg0adl9u/ 4 KB
4 KB 494ms
120ms Image
image/jpeg 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/1xbg0adl9u/swatch

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

893ce7786b2e245b5b3e7bb6eba56f70d4291dc802679a3209509af0c840d5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
access-control-request-method: *
age: 14809
x-cache: HIT, MISS
content-disposition: inline
content-length: 3936
x-served-by: cache-iad-kjyo7100137-IAD, cache-hhn4052-HHN
access-control-allow-origin: *, *
x-browser-version: 102
last-modified: Wed, 17 Nov 2021 16:39:43 UTC
x-timer: S1653905587.432231,VS0,VE101
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31161543
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 180day2.png
images.clickfunnels.com/6b/26ffffa6af4e708ea02d1a9ab721bc/ 209 KB
210 KB 100ms
41ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/6b/26ffffa6af4e708ea02d1a9ab721bc/180day2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35ab9078d7be55dc3fed3ccf51acc9f5ad42c55f53d6f47c8fb589072df8e65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: HIT
age: 4159
cf-polished: origFmt=png, origSize=237293
cf-ray: 7136b1ff796f9b33-FRA
last-modified: Sun, 09 May 2021 12:58:23 GMT
content-disposition: inline; filename="180day2.webp"
content-length: 214118
x-amz-id-2: MSUU6tFCiFO9tK98TBndRvHYP//NjW3MqFIeemjdycr+pk4yhsIX92kwPEcea/Ig7W8rayYadBo=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "488d51310cbe889df36d58b918b06d6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 7N3J5Y3NB99H05WS
cache-control: public, max-age=2073600
accept-ranges: bytes
content-type: image/webp
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 Screenshot-2021-11-02-at-17.05.03.png
images.clickfunnels.com/0b/e4d91731b94abd9c076e45ebbb65dd/ 77 KB
77 KB 271ms
212ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/0b/e4d91731b94abd9c076e45ebbb65dd/Screenshot-2021-11-02-at-17.05.03.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bda5cc778beb2ed8fff149d666f15d5e033b56b910c09baed31869972b844ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 17:10:06 GMT
server: cloudflare
x-amz-request-id: 2RGEH8XVEZTC3PM8
etag: "784df5154cd3d05c82cdf3b3799ba3a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b1ff796e9b33-FRA
content-length: 78896
x-amz-id-2: a2bxu69bMSQQoSE6C4cBAwhPt3q2MdJmrNbWuEl5lDqgASOkSTNpFdRYSnbmeBIceONjf3VSgJo=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 u2.jpg
images.clickfunnels.com/b2/356e1fcd624f0db488a34f4737c850/ 31 KB
31 KB 272ms
213ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/b2/356e1fcd624f0db488a34f4737c850/u2.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b020b916a55b9ff89f7acba207120eee845d62613756f1860425262dc22bf48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:05 GMT
server: cloudflare
x-amz-request-id: 2RGBKME0CYB3M1AJ
etag: "3799e2466bd0903ed87fb8ce86179953"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b1ff796c9b33-FRA
content-length: 31584
x-amz-id-2: EE6yvMysG63y4D7d38Nsp/9jL2J1AxFODRfjiMz6AdxwUfnWVtyfY9gZY8mMtxeSCI4KH0m4B7A=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 u3.jpg
images.clickfunnels.com/2b/49aff95b8d4d03a636c17bf8939e99/ 29 KB
29 KB 312ms
254ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/2b/49aff95b8d4d03a636c17bf8939e99/u3.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb25235d37888d0b5ccfe8acddebaa959ef03223529e40cdcfccf58207e7ba4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:09 GMT
server: cloudflare
x-amz-request-id: 2RG9D2RMYMGBZJVP
etag: "71ccb384e4dc5e1f7673e4115ef4bc6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b1ff79739b33-FRA
content-length: 29915
x-amz-id-2: Q9KcdgsQ0bqvxyWKvWILMJqJe01abjnPA6+8ddcOqZa4rNK5rEAN5ANNkU60gynk/Pdjc+rOY0M=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 Screenshot-2021-11-03-at-11.41.56-modified.png
images.clickfunnels.com/b4/7e97db175b41679c963d4d5268f6e6/ 525 KB
526 KB 217ms
216ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/b4/7e97db175b41679c963d4d5268f6e6/Screenshot-2021-11-03-at-11.41.56-modified.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7d5ab9e6935997321a8465c51ab99e66071bd08b69883922c14236b26507c8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:32:26 GMT
server: cloudflare
x-amz-request-id: 2RGB4CYZ0A3NW5EZ
etag: "99feb50aeaeacc564fe995d8eb38c8cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b1ffca069b33-FRA
content-length: 537391
x-amz-id-2: tW/dQUAyXvoL/8gZeuW7Vic1p6IFWJcGkFtplx5vBQAz5FAI8b12f4EiKW6yy2i9j7gI7iNJ4e8=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 5star.png
images.clickfunnels.com/a1/409158c81e4453b09a3ad306ff7c28/ 11 KB
11 KB 175ms
175ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/a1/409158c81e4453b09a3ad306ff7c28/5star.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d104b4954e4b977a10f1f53b150849273649e3c586f3d4c76ab0e3d5600d4006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 74JJ1HEK0VWBTFPS
cf-polished: origFmt=png, origSize=21972
last-modified: Fri, 05 Mar 2021 14:29:33 GMT
content-disposition: inline; filename="5star.webp"
content-length: 10778
x-amz-id-2: E0v6GmyL8xCbrAtVGhCJ5WYmC6jiwLlYIcGwgPlOjiiyirxttf6IjVydQft3HBYK6JjlG+18aI4=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6be7e908a349b8c10e85dd0bf75689f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2009c1b9b33-FRA
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 pr1.png
images.clickfunnels.com/26/cbfc9d64d84672b152f74c402c6af9/ 18 KB
18 KB 193ms
193ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/26/cbfc9d64d84672b152f74c402c6af9/pr1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222f334d50a8bb0cb83ac32cc46e52c915c5cec8c5bf635741f9fe8cc1dd8aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:36:12 GMT
server: cloudflare
x-amz-request-id: 2RG5N5ENM88NC731
etag: "7da8c32bcfd35ad2aec48d31c0e58982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b200cc819b33-FRA
content-length: 18139
x-amz-id-2: eAd0tY+E5e7smqzondS1vBCRR5wuNajIweuzeDykLRAaq/npOrVphdv1IzIjpWtbCpGhrKuSc0M=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 Screenshot-2021-11-03-at-11.40.57-modified.png
images.clickfunnels.com/6c/69032f5d85458a818acc1d724b876b/ 105 KB
105 KB 237ms
236ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/6c/69032f5d85458a818acc1d724b876b/Screenshot-2021-11-03-at-11.40.57-modified.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f238ada63e47c8f84ec34ea1bec4340430e85b2e899512f35daac2aba4a7898d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:32:23 GMT
server: cloudflare
x-amz-request-id: 2RG1V2YEDB9VPMZR
etag: "f13525101089f263e97fd17f15ae7fee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b200dcdd9b33-FRA
content-length: 107015
x-amz-id-2: JSYRF3DfUtNMCqDGa8uGOK+2GHQFenUQrDCEKRKuRi3XbPo97YbZ31vfT8/jyHtKEPetc7gw5m8=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 pr2.png
images.clickfunnels.com/7f/a7263688b24b9ab8a69a693be23c54/ 21 KB
21 KB 198ms
198ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/7f/a7263688b24b9ab8a69a693be23c54/pr2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e877c13e66af1f84c2e730bcf788cd28ed9caaa04334b8e3082c513a59105e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:36:11 GMT
server: cloudflare
x-amz-request-id: 2RG5XXYEXCEJ3H50
etag: "777b0b256d5a308949d1bf2e140af2ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b200dce19b33-FRA
content-length: 21519
x-amz-id-2: QcoD8wRktazBBc38Nf+sfITZMM3tSAAFN356xpHupk5yFx803cJPYRH1mOGZb5rvU178DyUvjR4=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 Screenshot-2021-11-03-at-11.43.42-modified.png
images.clickfunnels.com/49/8f8e1002c44523bcf41f6a1a709e40/ 1 MB
1 MB 229ms
229ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/49/8f8e1002c44523bcf41f6a1a709e40/Screenshot-2021-11-03-at-11.43.42-modified.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa461399a57a3e7ffe03690138474107c12345f427a94482c7e5db09903f746e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:32:32 GMT
server: cloudflare
x-amz-request-id: 2RGBAVF859B3PSM5
etag: "5cea12a98d108b44a15285242f850231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2011d6f9b33-FRA
content-length: 1376005
x-amz-id-2: XwTdYoRPZPCoTltu1KRkqyxoumurS4fdUgaN6DdD6aU/x7eRCyZYG/YH0M6CdRQnF9kwOa+UzLo=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 pr3.png
images.clickfunnels.com/23/248c99c6f24116b273212ec819bf4f/ 35 KB
35 KB 221ms
220ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/23/248c99c6f24116b273212ec819bf4f/pr3.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fccb7b11511cd75c1dcf92863b03e646c9643219db6fa0151db31e5b547ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:36:11 GMT
server: cloudflare
x-amz-request-id: 2RG34MGXX4FWVKPJ
etag: "60d9abcd2e24aae3de1d94bdb511b1b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2013da99b33-FRA
content-length: 35873
x-amz-id-2: 1jX3JOJGtLIFTebWIqpCBsNNeF75J6iiZOAypl9U5yP2EgdRq7BgGvjKJXS0os3UCU8Ayv5TULk=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 ppl.png
images.clickfunnels.com/78/402e50481041f699c71ea3a1a4c662/ 2 MB
2 MB 239ms
239ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/78/402e50481041f699c71ea3a1a4c662/ppl.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172f10cc9bef601cab43ca7d5d70f97a3310480a4094788a49f41a41571208a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Oct 2021 14:43:29 GMT
server: cloudflare
x-amz-request-id: 2RGD1QRYXTG5KCV1
etag: "657860a5dd77a426385e67a839bb175e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b201ae9a9b33-FRA
content-length: 1689624
x-amz-id-2: UBBr9H8pwSjapl64E22sXWQE/lQd+Bs1NS4YDgLMuj0wLJN+zfohwJYYlIGaz7duxCCg6lYA6f8=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 proofe1.png
images.clickfunnels.com/1a/761bdbd32644269c7faeacfbdafef2/ 487 KB
487 KB 198ms
197ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/1a/761bdbd32644269c7faeacfbdafef2/proofe1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f2fc9ccec700f7f2b982edeb3958290f934448d3d25a3616a844d617f5e06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:50:05 GMT
server: cloudflare
x-amz-request-id: 2RGACPXP9XTGJ81N
etag: "7303e36681e36acfc57fce52d2a27db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b201ff259b33-FRA
content-length: 498225
x-amz-id-2: Rvoyf6mAMbyaln3Ez5vlknMuWarU/fb90O3RI9YReENf9t/qmHx6la9v42lo1/Tz7iCK9LSUC9Q=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 steps-new1.png
images.clickfunnels.com/67/3f9024e83647afbce88dc042455dbe/ 107 KB
108 KB 50ms
50ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/67/3f9024e83647afbce88dc042455dbe/steps-new1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a2870bab6939648e864651caad59455324f4ef6f947e84c2abb9138220b39f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: HIT
age: 6865
cf-polished: origFmt=png, origSize=127796
cf-ray: 7136b2021f649b33-FRA
last-modified: Tue, 30 Mar 2021 19:28:59 GMT
content-disposition: inline; filename="steps-new1.webp"
content-length: 109682
x-amz-id-2: +JCciJt+kdtkK1uR4rWNvZcuT6lDO4JEvv0Fie0NFxlHT4NmpH0mv6UtEfNDt8PqmNNc/RBwPA4=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b30ed9d7d007b555ad796fca81765023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: QD53XZCTH09A4GCB
cache-control: public, max-age=2073600
accept-ranges: bytes
content-type: image/webp
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 grab.png
images.clickfunnels.com/dc/8396d8e91844b38cb221e0e3aed5cf/ 12 KB
12 KB 256ms
256ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/dc/8396d8e91844b38cb221e0e3aed5cf/grab.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d250d022cc891940be6e017c68cdd14b132eda663b3bd3b8104c6307e4d695b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Mar 2021 12:26:12 GMT
server: cloudflare
x-amz-request-id: 2RG4YMBN7AABDY6V
etag: "f20b42044accf1fddd1c2db5be8597ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2025fdf9b33-FRA
content-length: 12010
x-amz-id-2: KwdammZykmSEGemyy8kMLVX34FO/9GPu1GUlfL5r1i36PvyCF65b1i+wMr9LtWPBKIhhc4qFa40=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 paste-link.png
images.clickfunnels.com/7b/cc7511b197475fb3d818919c0399d8/ 10 KB
10 KB 239ms
239ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/7b/cc7511b197475fb3d818919c0399d8/paste-link.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a084ba5f1cb579f53180cd2b475d0935c1517b6cf5ce85334fdec7eb0a3854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Mar 2021 12:31:50 GMT
server: cloudflare
x-amz-request-id: 2RG2G7SG9MJM6VWV
etag: "62cf1cf96d4a2eb2c1e65ab5ae8a79c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20268069b33-FRA
content-length: 9914
x-amz-id-2: 10A0dXkk+HQFVjhtaUFgE6X53p1ke7J2Ct6wEEGAIxrjm+tdduFAxErxZ+UXkMBlS0gS+cWW+Lk=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 click.png
images.clickfunnels.com/fd/cce8fc12994cde98d48f8203c7f612/ 13 KB
13 KB 225ms
225ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/fd/cce8fc12994cde98d48f8203c7f612/click.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7667694047c152e27d0b8404e78b7c159df915f260ea8ff9d705ccf5cbc5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
cf-cache-status: MISS
last-modified: Mon, 29 Mar 2021 12:53:28 GMT
server: cloudflare
x-amz-request-id: 2RG7AZZGV9C53CN9
etag: "f44a6a92a9536728a001146ffcfe8fe9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b202985c9b33-FRA
content-length: 13205
x-amz-id-2: uifj9C6Wivg+XPpHnRH0rDyKXit310iVlxm3nT9o8NVj0xmjEyNfL8noRQixp901xuJ1zeJxpdE=
expires: Thu, 23 Jun 2022 10:13:07 GMT

GET
H2 200 paddue.png
images.clickfunnels.com/25/7856de758148bd80cd42e7067e490b/ 2 MB
2 MB 213ms
210ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/25/7856de758148bd80cd42e7067e490b/paddue.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82815ec0aa37acb58daa6db73822bd3cc1b83e135830ecc8c5d22683c92590f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Oct 2021 23:44:56 GMT
server: cloudflare
x-amz-request-id: 2RG5297F8H4HTGW0
etag: "5f5279fe38bf552397887572e3d745bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b203fb8e9b33-FRA
content-length: 1795116
x-amz-id-2: xIQ7MOo4FkAYDbcDn+D0+ERGQbDluZ8mOSb/dzctMKUGkTUGP2A/BIkUBm/0pKRK1vq+NFERJMw=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 step1.png
images.clickfunnels.com/3b/b2929596cd475aaa58fd872f40b8b1/ 30 KB
30 KB 198ms
197ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/3b/b2929596cd475aaa58fd872f40b8b1/step1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68426f1628982dc430b54586c33fd4863ff767e08feb12650840ec96e7f8404e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 20:41:20 GMT
server: cloudflare
x-amz-request-id: 2RGBRWD0QR0HGTTS
etag: "e2556caf6446f44d1a3e72be930877e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b203fb8f9b33-FRA
content-length: 30836
x-amz-id-2: uoS/pIWC31RT+ba+Rvj6FRNpDgecqvim16BZDPioTomVLDsEQBAGsNoQVpj1DQXgfmuNrXaOF1U=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 step2.png
images.clickfunnels.com/16/987e843d46499f9f541e4dcaad732c/ 33 KB
33 KB 256ms
255ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/16/987e843d46499f9f541e4dcaad732c/step2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc21ab9209a63dfb782f9b001b85e68c33246829e0fc24825023bf2318fb219a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 20:42:53 GMT
server: cloudflare
x-amz-request-id: 2RG52SZZJ16CJNX3
etag: "3a8a895862a62291290291dbfc88865e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b203fb919b33-FRA
content-length: 33475
x-amz-id-2: tzLeiIUjLto5Ryh5u9hJWQWdxHlXoMb2I09g/4uGPkhlt9Q9y3iYyANiIUKWsRP69Q+kM3MJN4U=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 step3.png
images.clickfunnels.com/b4/c0f82b544b479ba0578d36ef629745/ 33 KB
33 KB 198ms
197ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/b4/c0f82b544b479ba0578d36ef629745/step3.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 162b254dd04a69015a8d089558ec7fc0570938f739aa17bd77a434f2cde2e09b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 20:42:54 GMT
server: cloudflare
x-amz-request-id: 2RGA0B79FPYGB61R
etag: "4f5fbfa41ea11e911bf350dea0e411e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b203fb969b33-FRA
content-length: 33781
x-amz-id-2: Q41vLwV3DgfRVypQgTSsSrU6Pg2IUSJ2nE0BiD1+0h9D5qni9j0K0Dz/eIqKt4UW2KfjBuww9fE=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 u4.jpg
images.clickfunnels.com/bd/2f002b52cc4d72ac43585de4a93dc6/ 29 KB
29 KB 194ms
191ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/bd/2f002b52cc4d72ac43585de4a93dc6/u4.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 804765706e0b66fee13e03aa03c69343b79849c69d45c81175e35672375d4291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:10 GMT
server: cloudflare
x-amz-request-id: 2RG8T84KDNT3QB7B
etag: "2ad70fb1ac7341e7851468a21fd4407c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2040bbb9b33-FRA
content-length: 29780
x-amz-id-2: cmJspLRFwlS74vDrFN9AsTF/Ibhg1bqjwRhYtW5V7ZVcHK0J5iICyY6AK9Zj51uDQI5YYSkTzPA=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 997-income.png
images.clickfunnels.com/0d/0d77d3e1464910a7b3353110d7cf26/ 179 KB
180 KB 276ms
275ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/0d/0d77d3e1464910a7b3353110d7cf26/997-income.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa203228f23f80a39a2acfd2b51e12f487b283c34aa553a300fbbbb645a0ede1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 17:22:51 GMT
server: cloudflare
x-amz-request-id: 2RG8Y3W8ZHEBRBCN
etag: "55d0047f3447f5315cdde50d45ad2141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2040bbe9b33-FRA
content-length: 183435
x-amz-id-2: VXtt13XQ8BXeFI4P3PDExYziz70zVHaw4xyXr4f1AvOqJ19hhwO9XDag6EvCnXDXbyOwU9rI6OE=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 fecker.png
images.clickfunnels.com/85/630d6674774f1d869eea8fc6bc3e0b/ 298 KB
298 KB 213ms
212ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/85/630d6674774f1d869eea8fc6bc3e0b/fecker.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9402f8aaf4cba1a887895bf579a914db8e31bd07047b1b3170b94e6677d81b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 20:50:09 GMT
server: cloudflare
x-amz-request-id: QR6C9ZWCGSFAAMPN
etag: "740a05a6822da10d764bc3cde1f3940e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2054e509b33-FRA
content-length: 305015
x-amz-id-2: +pP+z51jyiHOww0e3y1fWNmXPRZA9HOlSe1E96AD3xq8bfuTfGjdrDY3BKy/FGReYUIj8Y0g7Ss=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 u5.jpg
images.clickfunnels.com/a1/02ce88465c4861abc52f449269d279/ 20 KB
21 KB 179ms
178ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/a1/02ce88465c4861abc52f449269d279/u5.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9d2eed87695edc56075a60c6b152f1b21d0023c37ace1cdc9d275ce7673a4fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
x-amz-request-id: QR680035FS0CQABP
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=GWFa4xghADev5XKGxgRm.NqZmQbdJc6IMkx1_ZWYvmI-1653905588-0-AZrR89_U2bJSpJtxcWFc-Kh62Jk27Fs-_HZB7X8-tWw7B04oe9KFEZiikLloBMkcDqCN-oxan1eubXPfHh07ssI
content-length: 20793
x-amz-id-2: e55UUlejGr7l62cKWezdNuhCDtYGGYyDNX7QGVSQwt6TkLoWbEiRs5qmS4JkbWOvApYACQPVkyg=
last-modified: Fri, 05 Nov 2021 16:06:06 GMT
server: cloudflare
etag: "1c57de6cb4ef3eda5ca23124ca7fc4d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2059f1a9b33-FRA
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 Screenshot-2021-11-02-at-17.23.29.png
images.clickfunnels.com/fc/59452e25d945f7a0e63bd89cea3491/ 37 KB
37 KB 169ms
166ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/fc/59452e25d945f7a0e63bd89cea3491/Screenshot-2021-11-02-at-17.23.29.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b5af2f5bf0a8e8d21389b96f5537fdc65ec420c2f6a1d227b8230772c5b45b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 17:28:36 GMT
server: cloudflare
x-amz-request-id: QR6615NCDVB4VX0Y
etag: "963dbb7aa33c6f348682824529b5b5a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b205af2c9b33-FRA
content-length: 37448
x-amz-id-2: O2zcJpH8gweqQ2ipgxzc4GGTwnQaw9rIlMZhbCT0HMYoikct2WN9/XvIHoVO+kTwiN91zjKUJSw=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 Screenshot-2021-11-07-at-13.18.23.png
images.clickfunnels.com/68/18308e348645608a2fd63b0848db5f/ 13 KB
13 KB 178ms
176ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/68/18308e348645608a2fd63b0848db5f/Screenshot-2021-11-07-at-13.18.23.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210151bced11c2b2e3a4de4dc2d5085c90f189a8c67e7ae94129b52a7e9f7bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 07 Nov 2021 13:23:44 GMT
server: cloudflare
x-amz-request-id: QR6CS4TXKKM351S6
etag: "a84cb123f7b70e97057334ce01e28065"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b205af2f9b33-FRA
content-length: 12830
x-amz-id-2: 740Kn3LERI9JUoSGOkShAJoEhwnDwPnm+rIIHJ630qvfkjHwZ3/4wCJ+9YT4VguTViqDvNDHfnM=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 u14.jpg
images.clickfunnels.com/e2/8289d7219f42f4a18c6fdbafc965d5/ 30 KB
30 KB 183ms
182ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/e2/8289d7219f42f4a18c6fdbafc965d5/u14.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710a536730f04b132ed935d32b1cbab522dd665efb0568bdbe15fc88f442c499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:36:18 GMT
server: cloudflare
x-amz-request-id: QR6C85GQ0YJ2J6N5
etag: "90b4de00efc0ab5dc987332e3d430328"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b205cf949b33-FRA
content-length: 30426
x-amz-id-2: oNX4bcYDcSpiovegA0hc+ZsaexpnPi82pqQvC8uHi+tN3QYQU+BJySpHOziFue8azpeNMXlPRTY=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 feckersy.png
images.clickfunnels.com/25/269ff1d1a24451837e5e0501568171/ 1024 KB
1 MB 227ms
227ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/25/269ff1d1a24451837e5e0501568171/feckersy.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490433fb27649efd39e31007e0cce77aa97361e9fe93110bd598f7fd914d1dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:15:10 GMT
server: cloudflare
x-amz-request-id: QR641Y2A6N6QZV0G
etag: "a3765760ee07486a3cade2f05ea5124c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b206a9749b33-FRA
content-length: 1048278
x-amz-id-2: IjFKjYaHiCEJcDuXpEvwPPjFs/729VZ90I73wtTSKqNHkSBPqrxA5Z9cnQP6gfcbgaLHLuIr5gI=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 u6.jpg
images.clickfunnels.com/7a/124e2fc98943e1a0ce22e395fb1e20/ 25 KB
25 KB 190ms
181ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/7a/124e2fc98943e1a0ce22e395fb1e20/u6.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898a1634913d9b0f24a34adc1982a522b8adcfc9411e3d65b43b57463d6164dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:07 GMT
server: cloudflare
x-amz-request-id: QR625M77RP6GN3A2
etag: "f07cf3fad1b5b03d6df2842a0ce22d82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b206b9959b33-FRA
content-length: 25709
x-amz-id-2: tyUc2v66qHL6qzkp76qVhxNAcWinFNGtivB/pwz5AjS/w3qLELnfUSXcs/rORslB1BHjtYkDpak=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 proofe3.png
images.clickfunnels.com/44/6fe667834a49a08c70a6cf76c1ee0a/ 375 KB
375 KB 264ms
264ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/44/6fe667834a49a08c70a6cf76c1ee0a/proofe3.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26cd727cff0bb1af59622be1c72d47d36e6bdf768825c74158e2d37054fb984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 15:03:42 GMT
server: cloudflare
x-amz-request-id: QR687SPMVA6TF395
etag: "c8bee3fb5e16c1f46f54184468f5224b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b206c9979b33-FRA
content-length: 383602
x-amz-id-2: 95juam2H/Kiz41Y4SbYePHE4gLzMtWGDxRm/TXppo/8LOo0P9oGhv7vUw7JRluPQolA15b2219E=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 proofe2.png
images.clickfunnels.com/d4/0845bc05d0411db807294ddda47c05/ 587 KB
587 KB 212ms
212ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/d4/0845bc05d0411db807294ddda47c05/proofe2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7436192ff0de059ffbf6c00008a7a122c8af4dd7bf5311f116c3d4a6b117f1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 14:55:51 GMT
server: cloudflare
x-amz-request-id: QR68S5FS722YCQX6
etag: "f99f81bcf7680660e2404011f0d857f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b206c99a9b33-FRA
content-length: 600580
x-amz-id-2: 7XO0DCD/OuIUKFQ7my/DYl+tOxuCFHaQrJqX2IuiVr2eC4SknksQ3ANVNGe9Ul4EZeuYiF7HPok=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 Screenshot-2021-11-02-at-18.55.14.png
images.clickfunnels.com/7a/240536b79d4701a7d5e156145e0913/ 28 KB
29 KB 181ms
181ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/7a/240536b79d4701a7d5e156145e0913/Screenshot-2021-11-02-at-18.55.14.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3bcd8c80a3393fd1c1a866d005b74769bbabb00dc0668d49c8c3b8d01e2ee18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 19:00:33 GMT
server: cloudflare
x-amz-request-id: QR66SE0G19M3KNGP
etag: "10d63b8d34d266a5de67339fa3c6a97a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b206f9e59b33-FRA
content-length: 29050
x-amz-id-2: AkGvqcj0yc9N8QwER9CSuBpz7ZM0rk72UOJJ7qXhljetaiXLsTFgeTUw6ddLn/0uBLOHsLQSLug=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 w1.png
images.clickfunnels.com/07/b8f3637600408890940affbe017e33/ 275 KB
276 KB 236ms
231ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/07/b8f3637600408890940affbe017e33/w1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c7438d93ed019cf59d9863325f7ede3a9b2991780df53ac39cf31bfbfb0915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
x-amz-request-id: QR66PXWFCFTV7JCR
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=gRH640jXicLBCx5Fq7llJ3Q1FuVaaPNn0JUFIwLLxwU-1653905588-0-ARK_1vNRx3UqTXVLIIJ6KKSnd5vmCutAdVssc92uDFXE6W24MdknGyOYoR2LD5kVF_d5TWcHagVGbyzPvxn6gZU
content-length: 281651
x-amz-id-2: eQKsqyvVSEhCMqxyCENwnyc5OgpsNleLQTPZh8E4J7oRmZVX/pnocrStFeRAshAPOPPXL0u3WhQ=
last-modified: Sun, 24 Oct 2021 21:19:08 GMT
server: cloudflare
etag: "50d378ac8dd66785084da12db81ebf78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2074a879b33-FRA
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 w2.png
images.clickfunnels.com/d3/df6fa9f63642439fd7a74d16bf1283/ 332 KB
333 KB 235ms
235ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/d3/df6fa9f63642439fd7a74d16bf1283/w2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 211644377254bb598ea84076be17e0e5ff821839e9e30a0dc4f069adbf5c6936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:19:08 GMT
server: cloudflare
x-amz-request-id: QR68TYN2HQ6YTRPJ
etag: "5d6f9673a53b65dd5013bfc547a8ab2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b207ebfa9b33-FRA
content-length: 339930
x-amz-id-2: yb1XIhCs494jW1gGMhmRBerr9/eknCJExn9lTa1xEronyfJzHNUIYe5gkh+EgovOuZl0fNm5ReQ=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 w3.png
images.clickfunnels.com/bd/9e7d36c81140f1b3a2d935044347ea/ 288 KB
289 KB 243ms
242ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/bd/9e7d36c81140f1b3a2d935044347ea/w3.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c48857e0bc13cf8f088e94cb47af3c7dc9d45b8fbe19c8b5fa4b1be06a0dcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:19:09 GMT
server: cloudflare
x-amz-request-id: QR6EAH321B3HRXS9
etag: "042fcb73f1dfd31d35659a3d7b92b623"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2081c899b33-FRA
content-length: 295039
x-amz-id-2: +ZEp7umiOgtSX+bC7PPqYXsC/tFVOt1V5/V12pl4RoOhFjOf6gMtn7Hhf3P3TNblgzmlW+LLkQw=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 w4.png
images.clickfunnels.com/08/08aadc789e42a0a9984e7c024916fb/ 290 KB
290 KB 204ms
203ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/08/08aadc789e42a0a9984e7c024916fb/w4.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030a019720d1504681568e83f6ee9bead91802d0f881f43ace527d1566fb2d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:19:09 GMT
server: cloudflare
x-amz-request-id: QR63XV2GAEPAQECZ
etag: "eb49bc6528bec624f4eac72273730795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2086d5a9b33-FRA
content-length: 296714
x-amz-id-2: z6sAWKChfCYC/vBUEoMGOd8CW4LBde89fno6pWwQt5x4HihMTeTtUf+0kDcsSh0mQfxDbIjJtPY=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 w5.png
images.clickfunnels.com/39/1eb39381c44fdb85de192f3b254c6a/ 274 KB
274 KB 219ms
218ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/39/1eb39381c44fdb85de192f3b254c6a/w5.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae48ac55b032979a6caabaaa06e7c789f6a6163f593691dbd1803a9a6d6c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
x-amz-request-id: QR60TJ9W6WS2CQAV
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ewxttu9e80RIB9W1.up_7SnY4kCwKG3xknPYHzEaeYo-1653905588-0-AeB1-P_nh190Z4j4mUmonew51_xMXtNwEkKwBE-G9K-Ghe2u3VaHbmhZDzQOZE_4BtqNDgkIn2WONV2lqBPmOIM
content-length: 280306
x-amz-id-2: jF31qYU8iGVO8vBwdhXcg9g6usBD04QpHRHnmkrvo8jBa61cezYNoL03h6Ctvg9wHma7Jn17/2c=
last-modified: Sun, 24 Oct 2021 21:19:09 GMT
server: cloudflare
etag: "273657ec5c24b6aeacc3426313189c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2087d969b33-FRA
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 w6.png
images.clickfunnels.com/fe/5932e3979b4c01af7429739b07a41f/ 318 KB
319 KB 224ms
223ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/fe/5932e3979b4c01af7429739b07a41f/w6.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3c33cfefdb915a80c7dc4c550ab9307c3f734297545339f0bfb25c10d1ee11f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:19:08 GMT
server: cloudflare
x-amz-request-id: QR62P46E56ZB3ZJK
etag: "5b913222553847b2a49e35fb3e39ed80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b208cec99b33-FRA
content-length: 325706
x-amz-id-2: l5jo3CMdrbm7oIO8COqfdh7Eui+Jh+/uGPJtJwDr8a5WLjm3xTtxDpEhK9Pjpkhc2QNsw290who=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 mix1.png
images.clickfunnels.com/a7/acc9c04e6a45d3a8e99ba3ce68595b/ 1 MB
1 MB 260ms
259ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/a7/acc9c04e6a45d3a8e99ba3ce68595b/mix1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fade8a3c7a116a5394e17a1001602fc863c21090ed5b3ec819fb4ac53f1eb53d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:30:28 GMT
server: cloudflare
x-amz-request-id: QR6FP9Q5HNRM9Y1D
etag: "d5f0851bb9db24c7c71a193f2dcc5c05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20958049b33-FRA
content-length: 1080672
x-amz-id-2: /pLf5Xxdvuv32gGAlneh8k9yRv9NGeAStDfrP1I97nDIGHKSMVi9wHjJMdyBKlJtZyqbVNXzBJ4=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 u1.jpg
images.clickfunnels.com/02/b98d7709b546108050db3a5bcbf488/ 28 KB
28 KB 424ms
423ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/02/b98d7709b546108050db3a5bcbf488/u1.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a02009438c9afe90449d9ef128d5dce38b477233e48d94f810f72a725bca5f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 15:36:29 GMT
server: cloudflare
x-amz-request-id: QR67EGNP26Q36FSD
etag: "30fba9d5f271df725d0b3f78277a5499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b209a8939b33-FRA
content-length: 28456
x-amz-id-2: 16CRr2IJ3sQnraJWCbmqtAPyR153OHXJcACkNh+OkvVu4trefVLpWuN4352yajLkhXjUaygJ19w=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 Screenshot-2021-11-02-at-18.40.57.png
images.clickfunnels.com/05/ab164d02a3478e974e97b3a8fd0a0c/ 46 KB
46 KB 205ms
204ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/05/ab164d02a3478e974e97b3a8fd0a0c/Screenshot-2021-11-02-at-18.40.57.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112ab4be77d318ceb30acd07fa1e295ef4bcf612734698908724ca4eeff9cf17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Tue, 02 Nov 2021 18:46:04 GMT
server: cloudflare
x-amz-request-id: QR66HE0SMWD1P7Z2
etag: "4793ab89acb81a3cf80cd112fbab6de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b209a8989b33-FRA
content-length: 47113
x-amz-id-2: wLcPVMxHKGXG7slZIRLzLklxwbwuKDxC86Tw5ptWX4jGTMp9zrbX8jlrHoR9CQociXRijOe+w4U=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 proofe4.png
images.clickfunnels.com/75/aa1f6d829c483cae36e9f3732021d3/ 675 KB
676 KB 265ms
265ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/75/aa1f6d829c483cae36e9f3732021d3/proofe4.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aa85cefb2802a9f60c964d8a8cd3247983ad0c530b95888f69ee8a2f70e102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 15:15:51 GMT
server: cloudflare
x-amz-request-id: QR6C49SH02BH332T
etag: "b63f7caaa2cb4b884e8d0577e90f7f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b209b8d49b33-FRA
content-length: 690819
x-amz-id-2: mRCQ7Rn9I3iLV22LgjAbwlVzXLsSlT7POfs2hiID1j3eTcHp0EswjHmCHOvFBB+yI7HpUfqjfRg=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 Screenshot-2021-11-03-at-11.36.32-modified.png
images.clickfunnels.com/e3/f70ab9dadd40cfaa0af7c5c3032c71/ 1 MB
1 MB 237ms
237ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/e3/f70ab9dadd40cfaa0af7c5c3032c71/Screenshot-2021-11-03-at-11.36.32-modified.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f344769e64b9d6cc9b6d6357d690e238ee1b5317d612be0a68ea1b32fe8247f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:32:36 GMT
server: cloudflare
x-amz-request-id: QR6D38AV14M8BTTH
etag: "0cbafe8cc4b74eb83b1300aa9c3d5a1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b209f9499b33-FRA
content-length: 1303771
x-amz-id-2: f2567UfHDgDnRFCVCMvCr477/JuDRUbp7SFwFYE3TMIAYuZb/+727PH/8hhG6uEoYkgdO9KRnbM=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 pr4.png
images.clickfunnels.com/12/6c2dc5d5ca43ed87d712e10b306f52/ 22 KB
22 KB 192ms
192ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/12/6c2dc5d5ca43ed87d712e10b306f52/pr4.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8d83bd9847018223f875a302e0c003d5d38ee71d8d92fe2cfdcb617076418d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 15:19:47 GMT
server: cloudflare
x-amz-request-id: QR6FHNN2WAGNXNCS
etag: "f847461d5fc008dc2b6ec7f4c0d4129e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20a5a2b9b33-FRA
content-length: 22362
x-amz-id-2: 3XtKMJvdFeVt6DiYVMidMoBaw4CAeCLbAqD0e9Tn1X2i4pKDkepAptVyt70EaRSDPteBQaNrUs8=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 Screenshot-2021-11-03-at-11.44.17-modified.png
images.clickfunnels.com/56/de9e0203bc4f92a3401e56a77560d1/ 529 KB
529 KB 252ms
252ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/56/de9e0203bc4f92a3401e56a77560d1/Screenshot-2021-11-03-at-11.44.17-modified.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639b759dad1187a156c776b71dc28f9cece6b9575a1cf3353964c1327c5a7896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:32:25 GMT
server: cloudflare
x-amz-request-id: CKW0KD4TFMERA8HM
etag: "f31f7634ac3b4dea724cdc2f2893b621"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20aeb649b33-FRA
content-length: 541380
x-amz-id-2: j5QijqAGzDXK9gwyFW3tOUQ2zKjsfKWcxiKWo5ukWRSbqAt30zzhIsgrkXwfNMLBWslwHWv6t5M=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 pr5.png
images.clickfunnels.com/e8/544f4049c5452586552f89e9b4c496/ 35 KB
36 KB 204ms
203ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/e8/544f4049c5452586552f89e9b4c496/pr5.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2d49ddf9ec8621aae8f7be3e68a4e583db342c66be8bfbe4025de7391ab024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 15:19:48 GMT
server: cloudflare
x-amz-request-id: CKW67GXJ26TAE1S4
etag: "d8a5bbcafc36b4558cb51508ba402c0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20b8c999b33-FRA
content-length: 36234
x-amz-id-2: cD0CxnnprECO82+H3SMqLG41ogkbROFWcTsQ0X6vcqsjgHswkZg/20qIshxj69Uvvl+5NiOdC3I=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 Screenshot-2021-11-03-at-11.39.58-modified.png
images.clickfunnels.com/8a/833baa69114bf2b384bd3883a85d9d/ 452 KB
452 KB 488ms
488ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/8a/833baa69114bf2b384bd3883a85d9d/Screenshot-2021-11-03-at-11.39.58-modified.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:32:26 GMT
server: cloudflare
x-amz-request-id: CKWD06RPAX9NYPHT
etag: "f96a05eb33d093fee722dff077c4f6c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20bacf49b33-FRA
content-length: 462361
x-amz-id-2: DbMNjVCouYI82nR0Ab3cPEjQc1C0SnHGLHw8cnH/Fi/W14+wVQKF/lQ46mWwZDzfmD5U2JcLohQ=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 pr6.png
images.clickfunnels.com/de/74e06c25164b88afb8eec9eae180d2/ 18 KB
18 KB 229ms
229ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/de/74e06c25164b88afb8eec9eae180d2/pr6.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9431b63bc479f3ae80171e42074368367d65f2d515790db00e73260f1b57376f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 15:19:47 GMT
server: cloudflare
x-amz-request-id: CKW0J3RTHVG1N4RT
etag: "1ba50d53ba1380d00969c522281520b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20c9fb19b33-FRA
content-length: 18461
x-amz-id-2: 7VMJYYE32nopTuvdDBZTOHrXMoW9zTHBTmZnEOgaaCSytNX4ow8yqxfos2Mr2qcaD3xxNeacVgE=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 u7.jpg
images.clickfunnels.com/84/80c9cc6fe144fbabd3629498aa1614/ 27 KB
27 KB 409ms
406ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/84/80c9cc6fe144fbabd3629498aa1614/u7.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79fa14617c23f2432f500890200dd2be8730c70de12fb9947fa0d98d7920495c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:09 GMT
server: cloudflare
x-amz-request-id: CKWFK8YYTJVQQ9MF
etag: "28d4ca390221cde91df726a99bb2d0f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20c9fb29b33-FRA
content-length: 27444
x-amz-id-2: LJbERPAgQelwof5JHsv38jO0cRbqgUc5YSksVPAAuDZUohsY6PF9ThasiDre/3plL4pDf/ugPPs=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 proofe5.png
images.clickfunnels.com/99/a4c9c8a35346758a0e3923a6d82fe1/ 150 KB
151 KB 244ms
242ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/99/a4c9c8a35346758a0e3923a6d82fe1/proofe5.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd49c0f4acc03c1220faeb598072ad3d207f7d9c1b3544947c18a8aad514342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 15:30:12 GMT
server: cloudflare
x-amz-request-id: CKW30M7CWSK3MRZA
etag: "40028c9f5fd4e20c315e4234615e70ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20c9fb69b33-FRA
content-length: 154002
x-amz-id-2: 0RVAnH8BV6ujNu41mg18hKRqEp8qIfV1f8z6/7U86zIhPBn9YlAZuJ0qzQaxQRPmHY0UnSz4PlQ=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 u8.jpg
images.clickfunnels.com/7d/019f3305aa44a5926bf36510618bbe/ 23 KB
24 KB 224ms
223ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/7d/019f3305aa44a5926bf36510618bbe/u8.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f262cdef9456f81428602958962aab1756f7696cb5c8916f6d75a7f93824646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
x-amz-request-id: CKW69WFG990Y3001
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=AUyVv8sOuWlLsviNZd_wBIhBZcHZ6ruRj2kB2_9UD_4-1653905589-0-AYnnl8wcxQWYnChtZsaWWOa5m9oAXkPF9V1Nc8fjxL-dgwLTUQ3pw9YHHiNvC8IqptouFufF6oAurzBD3h0aQok
content-length: 23985
x-amz-id-2: EyEq1wYLd2SekMncWZ0URf2OPZaKyzYcLl8exh+Z5CmCSLCkzpJTw/RCbL3CxntH9g3OjPMcL+A=
last-modified: Fri, 05 Nov 2021 16:06:07 GMT
server: cloudflare
etag: "ff3783f5841633930fb53fa0f9b7b985"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20c9fb99b33-FRA
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 l1.png
images.clickfunnels.com/f1/95202a3b24427589b7238865cb689f/ 532 KB
533 KB 219ms
218ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/f1/95202a3b24427589b7238865cb689f/l1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5792b027d31fcc0851f263532751a8c8f5095a184ca643416c68d18cb15a6d72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:50:04 GMT
server: cloudflare
x-amz-request-id: CKW7NYG7NVH9QEWA
etag: "64fe1944c9e7a386a2ab3b37f908ae9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20cd8289b33-FRA
content-length: 545123
x-amz-id-2: il/rUZhM1Q6BF+AJYXfC/42VpYM76hyTXVGLU8mwjenghZgeX6uSXJahVaTGFL9wWeWaChCYGKY=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 l2.png
images.clickfunnels.com/7e/80ca330473423a8b68aea3f0a40217/ 534 KB
534 KB 204ms
204ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/7e/80ca330473423a8b68aea3f0a40217/l2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11d353e7cbf4093e3afb091bb1c43d7bf5dd05eaaf393814b6bbcf5d324f621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:50:03 GMT
server: cloudflare
x-amz-request-id: CKW40XT10KCJ146F
etag: "c2f0b66883d4d3a73d83fedafb98556d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20db9f09b33-FRA
content-length: 546482
x-amz-id-2: nZofJ9nVra9E8g6KyeUzzoCSaeG2bFVI4qUNr41/jni8iZEXRrtd0ccJoVfylbvLWceFhdW7J8Q=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 l3.png
images.clickfunnels.com/30/76321631054a9783b3ae049350235a/ 534 KB
535 KB 288ms
288ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/30/76321631054a9783b3ae049350235a/l3.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:50:04 GMT
server: cloudflare
x-amz-request-id: CKWC69A8MD25E3JM
etag: "538d5021a0d18441fb00ae3a3b9ceb1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20dfa7c9b33-FRA
content-length: 546889
x-amz-id-2: OVi/icUIc2cpKRLEsD7vI1gQjkZtH3BWR+Phcjk0+GNzvhe4Xo5UF8T7yRhqcazLD9UnkxtFBbw=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 l4.png
images.clickfunnels.com/8d/9661156175406baf90228371fc6cb6/ 539 KB
539 KB 203ms
202ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/8d/9661156175406baf90228371fc6cb6/l4.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:50:04 GMT
server: cloudflare
x-amz-request-id: CKWAB406EMW36JM9
etag: "959b5a18692bf9158df51172907f5940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20e1abe9b33-FRA
content-length: 551638
x-amz-id-2: 2ScTaNyty1kE8/RG3drdY4sFhgKvW7kpf9EFacYQiJKCL0O0QNDy69crpxGV/cGKsIQ+fVh97p0=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 l5.png
images.clickfunnels.com/63/30455bcf724c6d9e52281db19d5447/ 531 KB
532 KB 238ms
238ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/63/30455bcf724c6d9e52281db19d5447/l5.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:50:04 GMT
server: cloudflare
x-amz-request-id: CKW9FMZ1W3D8Z4YR
etag: "38bc615fc15869105ab9496e9bd65c79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20eabec9b33-FRA
content-length: 543808
x-amz-id-2: A+fioT60kqljDgx4yR7egilaU19gxciC1u7avo5ZMWErsbOGgHytTSK303ACZ34uxpkh+Ls/1lo=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 l6.png
images.clickfunnels.com/ef/fd42fc191c4aeabe2ee0af2bef43a0/ 538 KB
539 KB 188ms
180ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/ef/fd42fc191c4aeabe2ee0af2bef43a0/l6.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 21:50:04 GMT
server: cloudflare
x-amz-request-id: CKW2FMZW9MWT7W0D
etag: "44bdaf39df0f2f091031b26eed823e81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20f0cbf9b33-FRA
content-length: 551310
x-amz-id-2: wUMKq11dee552jJ/Bee4TweHlO+fTsxtNowSbpRitmxif4Z8/KcnqWKaOS4AKqegoy0ODtPxWhM=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 b1.png
images.clickfunnels.com/d3/3b3015972748238f580c65b3d708bb/ 427 KB
428 KB 214ms
213ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/d3/3b3015972748238f580c65b3d708bb/b1.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 22:27:22 GMT
server: cloudflare
x-amz-request-id: CKW8EVQWMTXDHRP7
etag: "34dbd0fa2b76cd408b0a236bde429f10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20f9dcf9b33-FRA
content-length: 437377
x-amz-id-2: tzKF5pMUtCa66jTX2+9unRWMNOjhlLllKLj1S/7XlTgVfvDWwDJkLJkoSBiavFcQS/0qd34DgXI=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 b2.png
images.clickfunnels.com/d9/48502582684ba3bcae542888214998/ 427 KB
428 KB 234ms
234ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/d9/48502582684ba3bcae542888214998/b2.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 22:27:22 GMT
server: cloudflare
x-amz-request-id: CKW4G5Z8MQPMMDJ9
etag: "b69b384647eaf6f0f6c6b2ae2d334dda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b20fadf79b33-FRA
content-length: 437724
x-amz-id-2: 8ETw+umxkcXnvwpaL9VjFwNP6xXu6m444wzfA89pP2ujWhZawigF7ZPN+oh4XD8XMuRRQ16AqsE=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 b3.png
images.clickfunnels.com/ab/c6d597733b4f41b74f037b943acd47/ 428 KB
428 KB 206ms
205ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/ab/c6d597733b4f41b74f037b943acd47/b3.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 22:27:22 GMT
server: cloudflare
x-amz-request-id: CKW4JJK4JET5NZJ2
etag: "daa86c511f6d81c30ce3632071a217ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2100eba9b33-FRA
content-length: 437926
x-amz-id-2: fiPUXeTFntLdVF17sSvTW6NEtSUYbaFx9mgt/+Hr31bDA1gEZyMLAMSLB064Gy2MxblpUaxPUZQ=
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 b4.png
images.clickfunnels.com/b3/dd217978cf4ca585da2ecabe6f0735/ 427 KB
428 KB 220ms
219ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/b3/dd217978cf4ca585da2ecabe6f0735/b4.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 22:26:47 GMT
server: cloudflare
x-amz-request-id: CKW913CWJB847JY4
etag: "689a3de426b47ae11819201b6a3c8cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2104f959b33-FRA
content-length: 437740
x-amz-id-2: CNjd6JgwCZqVv968bfXml+fMxOKYM8I1//so9E6CPlwDwic7XBA08YHJozTEq+UjWJtV//5ybHo=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 box.png
images.clickfunnels.com/2e/c3d951b37842c583a34e9913b600f5/ 1 MB
1 MB 228ms
227ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/2e/c3d951b37842c583a34e9913b600f5/box.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 20:30:29 GMT
server: cloudflare
x-amz-request-id: CKW4Z9TY60RMRYAA
etag: "c1df19b91b031cf0382e6058c70a1256"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2106ff69b33-FRA
content-length: 1163267
x-amz-id-2: 71izb6bmALwyFWWIUVkX1jbuxjbviBCLuF0pIalUms3PdLUGUBdt2CRmrHHR4c8SG/wcpo9g1bU=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 christmas-sceeenshot.png
images.clickfunnels.com/06/5f75bbb0224e7fa4e99d461f922897/ 36 KB
36 KB 44ms
43ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/06/5f75bbb0224e7fa4e99d461f922897/christmas-sceeenshot.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: HIT
age: 3747
cf-polished: origFmt=png, origSize=48087
cf-ray: 7136b210781c9b33-FRA
last-modified: Tue, 01 Dec 2020 16:42:28 GMT
content-disposition: inline; filename="christmas-sceeenshot.webp"
content-length: 36622
x-amz-id-2: q1nyKifUAta7jwqV8h3x/57Fg3LRLdNLnWti3Q1rDZZXhTfHRTgrdsNUztZe3wHWRsY201wCyN4=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1544fe7bd380f01bc75abc5fc6eb623b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 1AEMR9NKQYJ8ATVR
cache-control: public, max-age=2073600
accept-ranges: bytes
content-type: image/webp
expires: Thu, 23 Jun 2022 10:13:09 GMT

GET
H2 200 u9.jpg
images.clickfunnels.com/1f/ca1ba59a2d4b69bdb3abea665c2fa7/ 33 KB
33 KB 202ms
202ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/1f/ca1ba59a2d4b69bdb3abea665c2fa7/u9.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:09 GMT
server: cloudflare
x-amz-request-id: CKWFPZT01Y6STAN6
etag: "6f46b98a2f1ad49d7388df94bf4a2fe3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b210c8b79b33-FRA
content-length: 34059
x-amz-id-2: mj9QQhvvXLzaa7qJhFFAzrjCIh4YIC93Trab1Kmaqrc0yky8Pvi9t7rgQ1WYCB16ogwgj9fUw68=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 u10.jpg
images.clickfunnels.com/12/1c1bdc162149a3a65d63e02ef7b1d7/ 19 KB
19 KB 191ms
191ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/12/1c1bdc162149a3a65d63e02ef7b1d7/u10.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:06 GMT
server: cloudflare
x-amz-request-id: MZ4F7GR4BNH6BPEN
etag: "4a38c0d8563b9d99ad131679347c85fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b211196b9b33-FRA
content-length: 19695
x-amz-id-2: q4y71wKuaqZ+G0mN4IsfCG7wRpGOCnzZRtfA6wYOP0gUqVAghRzWP/o6M2B2jJM5UQbuj0kTmIg=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 box.png
images.clickfunnels.com/66/ac986cd8fd4f8f9dd548b43d202541/ 1 MB
1 MB 234ms
234ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/66/ac986cd8fd4f8f9dd548b43d202541/box.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Oct 2021 18:08:55 GMT
server: cloudflare
x-amz-request-id: MZ432KQTKQ946VPF
etag: "ae41e31963cc44c6f3d2b9a91b005114"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b21139d89b33-FRA
content-length: 1163267
x-amz-id-2: yKQi59fmhe1oHMpsHHx8Tu/cuC0i7QusjctVD5wLxOJKk+sYOzFKEQhHK68lJeTVnVtMB4tzXqg=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 u11.jpg
images.clickfunnels.com/ef/864c1c19864893930dc682e3340ddc/ 15 KB
16 KB 170ms
170ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/ef/864c1c19864893930dc682e3340ddc/u11.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:09 GMT
server: cloudflare
x-amz-request-id: MZ4FJJ2C4C8D2RMK
etag: "52f2ea1d09d101bdddc9201aa2d5434a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b211caf89b33-FRA
content-length: 15741
x-amz-id-2: QIKHrARUDR9qwHc9ozg3iY21GxlJzIBs0sxz07AxEbXZWbDpDNDpPctcIKJWGNQxcmHq5hq+S1A=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 u12.jpg
images.clickfunnels.com/6e/398e05b32f43aa945e7ff0aebb50bb/ 27 KB
27 KB 161ms
160ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/6e/398e05b32f43aa945e7ff0aebb50bb/u12.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:09 GMT
server: cloudflare
x-amz-request-id: MZ47BSBFMW4C351N
etag: "e11d98d25b357e6360cf34fd5f2a8a57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2120b6e9b33-FRA
content-length: 27319
x-amz-id-2: BLRXkcyazhjBVr1nZa/iZVOceDrTpTGnPRd9nlIsYXaFzCVDSpQKCIRLZzQlMQNc0QFxk9ahnnU=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 ipad.png
images.clickfunnels.com/c7/e0a88bf329422fad9788436734cb28/ 1 MB
1 MB 203ms
203ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/c7/e0a88bf329422fad9788436734cb28/ipad.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Oct 2021 00:45:16 GMT
server: cloudflare
x-amz-request-id: MZ49N8960JVN2ZM3
etag: "c2d9b9961277da19928764ce53a3d058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2123be69b33-FRA
content-length: 1210928
x-amz-id-2: 9eLRNQGuCfiK+1zSc42A6jSxRIoayamowmN+fsaB31GyI7BRlBlMfJ7gdeR3j3ofV4eEMj5Z86w=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 money-back-guarantee.png
images.clickfunnels.com/b7/ca2e49631549aca55ef5d981223d7c/ 159 KB
159 KB 212ms
211ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/b7/ca2e49631549aca55ef5d981223d7c/money-back-guarantee.png
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Feb 2021 17:33:21 GMT
server: cloudflare
x-amz-request-id: MZ41SXJA51FW2NY9
etag: "14fa85043fa9a9ef07a8cf8d81157b7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2124c0c9b33-FRA
content-length: 162523
x-amz-id-2: pXOiBx6bTUZQ8WN+Y/Bmncb9Gb0NXkUnpAuipf5i42YSb0xp7dSdEL8K2OBKXLqlvdgDodVQklU=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 u13.jpg
images.clickfunnels.com/3f/110fed69b8406b8624ede4a8198991/ 24 KB
25 KB 180ms
180ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/3f/110fed69b8406b8624ede4a8198991/u13.jpg
Requested by: Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 16:06:09 GMT
server: cloudflare
x-amz-request-id: MZ4CD2TCM5NFW5VG
etag: "f38be7152ede26f4fcf8e8002dd7cc25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2125c359b33-FRA
content-length: 24985
x-amz-id-2: Gg0bBqo3rUVNH4domSOaQ1oO/NuUQhgtH0+W/Fe7mffGPBKCUlJ/fUSqgAjwAM8+eUBAtXL6L4k=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
769 B 76ms
40ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One%7CMontserrat%7CRoboto%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CMontserrat%7C

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cb1ea3f9db03c00b12315ba1f574dbe31f44f9d23f8ca188063442cdd481f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 10:13:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 10:13:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 10:13:07 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
642 B 84ms
28ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:800|Poppins:800

Requested by

Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e1cbd89cbb16aa4ed21456fe7a43b9b618b2b922aa6bcbb2c06e8293ea2f480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 May 2022 10:13:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 May 2022 10:13:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 May 2022 10:13:07 GMT

GET
H2 200 lander.js Show response
www.clickfunnels.com/assets/ 2 MB
661 KB 53ms
53ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/assets/lander.js

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://grabhijackd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 708
last-modified: Thu, 26 May 2022 21:54:43 GMT
server: cloudflare
etag: W/"628ff723-238a19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 7136b1fe9fad9b33-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 30 May 2022 10:33:07 GMT

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
759 B 91ms
80ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 950
last-modified: Thu, 26 May 2022 21:52:54 GMT
server: cloudflare
etag: W/"628ff6b6-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 7136b1ffea5c9b6e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 30 May 2022 10:33:07 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 33ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: n8E79QjD/vWpHZq8q+ZiW35Rq4Qes4j/dvhh3LHJgX71Mo0K7NVQSN+Az0BsrEclmayBxL8fr+YVBXRPR4n/Ng==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 30 May 2022 10:13:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main3.png
images.clickfunnels.com/f8/ef4acb4b864019b2ef9a3af6b6f564/ 2 MB
2 MB 230ms
230ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/f8/ef4acb4b864019b2ef9a3af6b6f564/main3.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14cd216e74d1c3f34bec6171937ca0fcb3aaf568c728447da6053f01da7970b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Oct 2021 14:53:18 GMT
server: cloudflare
x-amz-request-id: 2RGAEMFDQ4TYRDM8
etag: "fe7b68eff7885d8b49ddcf8c3423ce4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2043c1e9b33-FRA
content-length: 1917891
x-amz-id-2: wiYuPBAQsAkIC/hZc7XxQPyyTvfoINtN3DnXh9RHyM3GijsRro/biWsjlG9oOZhivquxO3Gto10=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 headbg.png
images.clickfunnels.com/71/0863c6af034eb8b1442db17752f48e/ 10 KB
10 KB 229ms
228ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/71/0863c6af034eb8b1442db17752f48e/headbg.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53537efa5218c829f8cc1f30173eea1cb8c0fc536978df9e844e5cca2f7a8ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 12:05:48 GMT
server: cloudflare
x-amz-request-id: 2RG92JM1NEVX4S2Q
etag: "428d314c56b63e08559163b2c216ec1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2043c239b33-FRA
content-length: 9825
x-amz-id-2: 5QGm9EEJ3FdQe6JLyTdmRw/UZFqij/m/m5OV1ObEIpypywdomYRdB48PUDB7kNIfjs4zJGzTz18=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 li.png
images.clickfunnels.com/2e/feab0b932b4bffbe9939274cce1fb1/ 2 KB
3 KB 160ms
160ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/2e/feab0b932b4bffbe9939274cce1fb1/li.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17ebcce6e67a401c5b8a5b300af29b2235a84593af3d0cd05bae3556a0b1639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Oct 2021 21:07:44 GMT
server: cloudflare
x-amz-request-id: 2RG71M4E5DRBFZ0H
etag: "fc2dcabdd987b5ce98d2a66c8b0a6aca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2043c259b33-FRA
content-length: 2380
x-amz-id-2: aL2HXz6UwLYLEm7LfgxBirsklR24gYQLLzOx3V/XrJOwiy2OzPuZkfiWXEhYWjwHgBEO9YwCLy0=
expires: Thu, 23 Jun 2022 10:13:08 GMT

GET
H2 200 button-bg.png
images.clickfunnels.com/1b/4e616bf4344bc097796014e01ef3b7/ 5 KB
5 KB 228ms
228ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/1b/4e616bf4344bc097796014e01ef3b7/button-bg.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Mon, 24 May 2021 12:40:44 GMT
server: cloudflare
x-amz-request-id: MZ4APGTSR2BP9GA9
etag: "372e97d13d4763678ad8c313012bb8e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b212fd8a9b33-FRA
content-length: 5297
x-amz-id-2: kCmmEGXufWMu94O6TFHMdl8rAt/iblHW9H/jo/e18hC6Get4NfSPQhFI+V9PIlZj7KU7fZrV8lk=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 bg51-2.jpg
images.clickfunnels.com/20/b022ffbc1d4e69859cb7e72894b302/ 87 KB
87 KB 234ms
233ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/20/b022ffbc1d4e69859cb7e72894b302/bg51-2.jpg
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 16:01:35 GMT
server: cloudflare
x-amz-request-id: MZ4835XMYM5WFES2
etag: "ee4bc2e08cbe9e5ab612fa24f1eeae68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2130db99b33-FRA
content-length: 88908
x-amz-id-2: 5Y87U+lZMcnY3QRtizG/pGwXyR4MotsjLe4bXW3ZDqmL5/h3cHoao6hueDYKNZsGJbfr6ANZHnY=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 sep1.png
images.clickfunnels.com/90/1e4754b219475da22613e8a63ba771/ 17 KB
18 KB 188ms
188ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/90/1e4754b219475da22613e8a63ba771/sep1.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Oct 2021 15:18:12 GMT
server: cloudflare
x-amz-request-id: MZ47GATJ6YT04JAF
etag: "2a93c4ad843ed4af3b559581d8473bca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b2137ea89b33-FRA
content-length: 17623
x-amz-id-2: 9x7+ovyjQYfbOvu4oe072xfbSYRWgZ9XUv86T88YYtmlYN4BT0MRdKqZsCcNB7LeJK/i9gMWd34=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 bg10.jpg
images.clickfunnels.com/4a/ee4eeca5994a3ab870cb6e01b4575f/ 85 KB
85 KB 221ms
215ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/4a/ee4eeca5994a3ab870cb6e01b4575f/bg10.jpg
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Oct 2021 19:21:35 GMT
server: cloudflare
x-amz-request-id: MZ467A9E0F07Y02R
etag: "883a89d967deb80ea3f03999fc91a0ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b21448479b33-FRA
content-length: 87233
x-amz-id-2: RZ2xeFzC+3jqUl4WpwcUJj5+nlrX/0lno7By4KEGpgD+v9e7cHtR+/kJ/lLphYH1s6BrqksHpmc=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 x-32.png
images.clickfunnels.com/60/97b47696294748b2d7921aa207d8f4/ 536 B
1 KB 60ms
58ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/60/97b47696294748b2d7921aa207d8f4/x-32.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: HIT
age: 3756
cf-polished: origFmt=png, origSize=861
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4rAyWQAJltwmMDWU02vNQsO6enCuDhA2Jpk.rSfQTQU-1653905590-0-AbDekA0cOg4lRDmJWKI3aVUY2fuWgj9Ifi568tg20I7oeLUWRCnqxs3veMwp-K32F5LmLmhfeY4ij0cr1U-xnYI
last-modified: Wed, 14 Oct 2020 15:48:33 GMT
content-disposition: inline; filename="x-32.webp"
content-length: 536
x-amz-id-2: aqYV5SrN75fbj4chwkcmGkGnLKAhJQv9YKVghWxlJ77RAXH9tcDKB6Z3xQFdyG613xNBEi/LlS0=
cf-ray: 7136b21448579b33-FRA
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "d45010b407ae3506f67e906f96f9d5e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: KAFY5JJTVMDSAAJ6
cache-control: public, max-age=2073600
accept-ranges: bytes
content-type: image/webp
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 bg11.jpg
images.clickfunnels.com/77/be0ba346894b94ad2c657267aa00ef/ 95 KB
95 KB 238ms
237ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/77/be0ba346894b94ad2c657267aa00ef/bg11.jpg
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Oct 2021 21:03:47 GMT
server: cloudflare
x-amz-request-id: MZ4BVF3EGGVH3PZM
etag: "b39c53b7d99a7fda9081a96de8cc8cae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b214585b9b33-FRA
content-length: 97366
x-amz-id-2: y4HF/i2kv2b99QRTYNreBqc0cIBb+f6FQUYErViBTB7GP3CU+au88twZHPTZVxe6oXbfaZWL65g=
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET
H2 200 check-33.png
images.clickfunnels.com/3a/738de9baa54cb59a074a69c86fdb06/ 734 B
987 B 156ms
156ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/3a/738de9baa54cb59a074a69c86fdb06/check-33.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 20V1J0JF3N6N7GT0
cf-polished: origFmt=png, origSize=1144
last-modified: Sun, 24 Oct 2021 14:22:45 GMT
content-disposition: inline; filename="check-33.webp"
content-length: 734
x-amz-id-2: P3u72KwWA92x9cIvRJMzyGw92nEWpjxb76HLA8cbSrggka7cgr59Bu6TV4fau8CLmJDNm/TIElU=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "b28decfd2985c4cde592c22e0f280d2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b214586d9b33-FRA
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET bg4.jpg
images.clickfunnels.com/dc/afc4d57a0443459074757f42166c7a/ 0
0

GET 111111.png
images.clickfunnels.com/c3/456e8997a44143a3a9d055cd6f4289/ 0
0

GET
H2 200 przejscia.png
images.clickfunnels.com/bf/23898d19554409ab3c2ed48f704f84/ 7 KB
7 KB 159ms
157ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/bf/23898d19554409ab3c2ed48f704f84/przejscia.png
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
cf-cache-status: MISS
x-amz-request-id: MZ4E4PVQH1W92BB0
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FgMnVlwFDePUMZhULTfyDcBM6HLSh1JwX6LXYtwMRFs-1653905590-0-AVKNrzU_Xs8zJ-EEgBCcR-9b8oZdB4403tqjirJnqeqL-LnQKbkEozFGKdrO9aw3dpj0iIiI4PN9wPzGN078Cjw
content-length: 7149
x-amz-id-2: M4o5E+Ipx1g/zCEpe0M0mg8CCZSzO7pHKi2XCxPAlNvnC5k/XCr8IhWhnC2z/Mxh/OFm/Cy/UzI=
last-modified: Wed, 13 Oct 2021 18:40:42 GMT
server: cloudflare
etag: "ab58d5b6ab5ba649e0a45f23fecf9c65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2073600
accept-ranges: bytes
cf-ray: 7136b214b93d9b33-FRA
expires: Thu, 23 Jun 2022 10:13:10 GMT

GET bg3.png
images.clickfunnels.com/58/d5e7bf34704a8aae78902c46127437/ 0
0

GET bg12.jpg
images.clickfunnels.com/6b/b7368d0c1241fe938c8aecf8fd79fe/ 0
0

GET bg70.jpg
images.clickfunnels.com/0b/bd2ea6f9ae4a1896094c3a3e68efcd/ 0
0

GET bg35-2.jpg
images.clickfunnels.com/f2/68814488174211b2255343bbc2d8bb/ 0
0

GET check-32.png
images.clickfunnels.com/0e/3da9e68f5d41ab99d259b859100e5d/ 0
0

GET bg2.jpg
images.clickfunnels.com/cb/0cbdb027124ca393f7c1ede860c91a/ 0
0

GET bg13.jpg
images.clickfunnels.com/00/eb510e0b7b42cdbd4da60b40341286/ 0
0

GET bg14.jpg
images.clickfunnels.com/73/6c729b7bbe4205b0021aa63a960348/ 0
0

GET bg15.jpg
images.clickfunnels.com/53/7c76ae941c42f3864dc2e17560336e/ 0
0

GET bg16.jpg
images.clickfunnels.com/43/412e6bf62e40749007c37795de8f67/ 0
0

GET bg17.jpg
images.clickfunnels.com/7a/c726e46cca42bc93cd1d1e04f9774f/ 0
0

GET bg55.jpg
images.clickfunnels.com/f3/6788b6792a47b48f47aa496ad3884a/ 0
0

GET bg56.jpg
images.clickfunnels.com/0f/72c44a8c8e444795336062fd61f9c6/ 0
0

GET bg18.jpg
images.clickfunnels.com/2c/321e75ac794c97a9e2052462b57d6a/ 0
0

GET bg19.jpg
images.clickfunnels.com/3b/4b69c611734587a225570b5849a9e0/ 0
0

GET bg58.jpg
images.clickfunnels.com/6d/f110a885664c97b21d3886d94dfb70/ 0
0

GET bg20.jpg
images.clickfunnels.com/61/cd8ca0a9824a8d9cc482a39f8bc245/ 0
0

GET bg21.jpg
images.clickfunnels.com/d9/a9eb4e4a06476fbaa2eacf2bb9d072/ 0
0

GET main.png
images.clickfunnels.com/c0/6b408a4c65473fa9bef04ade33f57d/ 0
0

GET bg22-2.jpg
images.clickfunnels.com/e7/2626d9f8db44e99aa34bcc317717b0/ 0
0

GET bg36-2.jpg
images.clickfunnels.com/d5/6d9b7f689d43f0840478f08ad74707/ 0
0

GET bg37.jpg
images.clickfunnels.com/1a/b2d88f2339414ea2e24cad5737119e/ 0
0

GET bg23.jpg
images.clickfunnels.com/83/215fafe82b4cf087767d76cbcd31b3/ 0
0

GET bg24.jpg
images.clickfunnels.com/75/c7985d437f46519a1cc8f185ff378f/ 0
0

GET bg25.jpg
images.clickfunnels.com/1e/961de5d4ea4d90ae90899c941ce555/ 0
0

GET bg26.jpg
images.clickfunnels.com/bb/19fb4678c8457c96e82d5ed47c9918/ 0
0

GET bg27.jpg
images.clickfunnels.com/b8/ce812136944d15912babd3cf504205/ 0
0

GET bg28-2.jpg
images.clickfunnels.com/0a/37e3c2b50f40b8bf4ebadefb903290/ 0
0

GET bg29.jpg
images.clickfunnels.com/fe/90281a9c3c4449bc789414c06fb752/ 0
0

GET bg30-23.jpg
images.clickfunnels.com/8e/826905142e4db0b2c6fa4b8c2d6233/ 0
0

GET bg21.png
images.clickfunnels.com/5b/e0543746474e6baf0b5ecb60c3bf8b/ 0
0

GET bg6.jpg
images.clickfunnels.com/45/47177f77744b289ab99b177eeaf1c4/ 0
0

GET white-bg1.png
images.clickfunnels.com/d5/169ec8017e4fbaabe62d5903495af4/ 0
0

GET bg33.jpg
images.clickfunnels.com/e3/095b60ef4347a08099469e3f27257f/ 0
0

GET bg31.jpg
images.clickfunnels.com/96/b5d931ef7b4f5386eb54c475102e83/ 0
0

GET bg38.jpg
images.clickfunnels.com/03/605047546b43c5b0703cf890a379e6/ 0
0

GET bg4.jpg
images.clickfunnels.com/ba/fd3ced41cd4312b6fb4a1808b5bdf1/ 0
0

GET bg39.jpg
images.clickfunnels.com/13/8de7c57b7249ce8fffc478f47c03bc/ 0
0

GET sep2.png
images.clickfunnels.com/4b/30c4a3f72e4e8ea5858e534cea5293/ 0
0

GET bg40.jpg
images.clickfunnels.com/9f/91e74eaebd4896b2f62730d50ab51c/ 0
0

GET bg1.jpg
images.clickfunnels.com/91/137d60b13347d09de392d4a682488c/ 0
0

GET bg1.png
images.clickfunnels.com/26/af73197628412cb770b2976c71cff9/ 0
0

GET bg41.jpg
images.clickfunnels.com/31/ac10bcd59d4d2a899c2c3689be6e52/ 0
0

GET bg42.jpg
images.clickfunnels.com/10/8c3cffacb94230800cd5fe95e85c70/ 0
0

GET bg4-2.jpg
images.clickfunnels.com/dc/2a0ffad4574e7190490e5000820b98/ 0
0

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 12 KB
13 KB 88ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One%7CMontserrat%7CRoboto%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CMontserrat%7CMontserrat%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grabhijackd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:13:57 GMT
x-content-type-options: nosniff
age: 493150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12708
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:13:57 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 289ms
224ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://grabhijackd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:07 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2RG46TC7G4NPNNH3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75440
x-amz-id-2: nY4f6kkhIW+TxFsfIgHVqxrUodzjTS1PeUOQ2+J3PbBZGS19K9fqvbSc6sVqSqePzxW2EOmluLs=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmri6oYbr1kylJpVmws6RRQBaCzEjEmhAkDQRifhdBui9JYCPz%2FViLR4ipJW04d2uzKrMLY8fVExl3LZYtuxRVEP6Xr6iO7NL3WE5d6azjQ%2FaOd21ibg76NTWCVZe02iscyeXcQTRsHfl4jBpoo33f%2BV"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7136b2017ad59b9a-FRA

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 86ms
30ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grabhijackd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 523645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 98ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grabhijackd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 572712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 19:07:55 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 13 KB
13 KB 60ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:800|Poppins:800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f9d0e9273b2b164d63820d5591775fc9f3e04374581dfe4aef1f271666eefc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grabhijackd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 17:22:21 GMT
x-content-type-options: nosniff
age: 492646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 17:22:21 GMT

GET
H2

200

cf.js Show response
www.clickfunnels.com/
Redirect Chain

https://app.clickfunnels.com/cf.js
https://www.clickfunnels.com/cf.js

18 KB
5 KB

87ms
86ms

Script
application/x-javascript

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickfunnels.com/cf.js

Requested by

Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/

Protocol

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3824
last-modified: Thu, 26 May 2022 21:52:55 GMT
server: cloudflare
etag: W/"628ff6b7-476a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7136b20d18ac9b33-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Redirect headers

date: Mon, 30 May 2022 10:13:08 GMT
cf-cache-status: HIT
access-control-allow-origin: *
server: cloudflare
age: 1093
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
location: https://www.clickfunnels.com/cf.js
access-control-allow-credentials: true
strict-transport-security: max-age=0
cf-ray: 7136b206ad279b6e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H3 200 1287857651305444 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1287857651305444?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95fe7cbba05c1ff2acf73460c8f37ffd8b094abfd9ac1c7089af2a7c0b878d64

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JrUS2G+vfwZ9hk2BvqjUonlPqvQw+DYDOasEDZF2hlhWTZLr8lVNNu31r6JpaUV8KUOx2BkzroYtzcYiu8zSpg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 30 May 2022 10:13:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653905588332
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
332 B 796ms
748ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=emx3bFVtcjhlUlRhSkFmYnIzK2Y0dz09LS04K20yWjBtcFZsc1h1dHI2enIyRVV3PT0%3D--e55f4dccf1093d3da4937389dc35bfce1d82d873&page_id=TGMzSHlIZHZNYlc0WUFQQ3dBRHkvQT09LS15Zk1MMGNTcnhMaDZWbGdDZjk1WkZnPT0%3D--aa10507a602daf47e549246fb17eda968d2ccb81&funnel_step_id=MnlCY2R0MzdnR012Q2hZQ2I5UEtsdz09LS1xOWJBdWR5KzdRbkk4WW12SmFxVjVRPT0%3D--90416d3ff9f0cdfcc190f618ec1879b7c7a7fd55&user_id=QVNEUWpBOGZhbys2SnViUFpEZXBDZz09LS1QeTV2WlQyNlhvL3JscEl4SWFQZFJnPT0%3D--0d4e07b1a91c1074759118dba8621e3c4bcbb4ac&account_id=QU5teGR1WjRqUnVXblFEZ2FPNUxIUT09LS12dTV1SUczZzJxM3cvMEcxazVuaHB3PT0%3D--72167d09282369c3001bdf7a0c5ce42d3dba8d9e&page_code=NTEyNjUwNjA%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=6e8d499f-4fae-41cb-a2f3-a0fc638a34d3&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 8e3e9aa732fa90459e9c5f88fd3216c8
x-runtime: 0.084440
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7136b2088f199b7c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
813 B 257ms
216ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=emx3bFVtcjhlUlRhSkFmYnIzK2Y0dz09LS04K20yWjBtcFZsc1h1dHI2enIyRVV3PT0%3D--e55f4dccf1093d3da4937389dc35bfce1d82d873&page_id=TGMzSHlIZHZNYlc0WUFQQ3dBRHkvQT09LS15Zk1MMGNTcnhMaDZWbGdDZjk1WkZnPT0%3D--aa10507a602daf47e549246fb17eda968d2ccb81&funnel_step_id=MnlCY2R0MzdnR012Q2hZQ2I5UEtsdz09LS1xOWJBdWR5KzdRbkk4WW12SmFxVjVRPT0%3D--90416d3ff9f0cdfcc190f618ec1879b7c7a7fd55&user_id=QVNEUWpBOGZhbys2SnViUFpEZXBDZz09LS1QeTV2WlQyNlhvL3JscEl4SWFQZFJnPT0%3D--0d4e07b1a91c1074759118dba8621e3c4bcbb4ac&account_id=QU5teGR1WjRqUnVXblFEZ2FPNUxIUT09LS12dTV1SUczZzJxM3cvMEcxazVuaHB3PT0%3D--72167d09282369c3001bdf7a0c5ce42d3dba8d9e&page_code=NTEyNjUwNjA%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=75f40157-ce9c-4ff9-ba69-c8a6db1c1671&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 11a5d30454bbf15da9c08b196ba786f1
x-runtime: 0.036119
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7136b2088f1c9b7c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
310 B 258ms
227ms XHR
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=emx3bFVtcjhlUlRhSkFmYnIzK2Y0dz09LS04K20yWjBtcFZsc1h1dHI2enIyRVV3PT0%3D--e55f4dccf1093d3da4937389dc35bfce1d82d873&page_id=TGMzSHlIZHZNYlc0WUFQQ3dBRHkvQT09LS15Zk1MMGNTcnhMaDZWbGdDZjk1WkZnPT0%3D--aa10507a602daf47e549246fb17eda968d2ccb81&funnel_step_id=MnlCY2R0MzdnR012Q2hZQ2I5UEtsdz09LS1xOWJBdWR5KzdRbkk4WW12SmFxVjVRPT0%3D--90416d3ff9f0cdfcc190f618ec1879b7c7a7fd55&user_id=QVNEUWpBOGZhbys2SnViUFpEZXBDZz09LS1QeTV2WlQyNlhvL3JscEl4SWFQZFJnPT0%3D--0d4e07b1a91c1074759118dba8621e3c4bcbb4ac&account_id=QU5teGR1WjRqUnVXblFEZ2FPNUxIUT09LS12dTV1SUczZzJxM3cvMEcxazVuaHB3PT0%3D--72167d09282369c3001bdf7a0c5ce42d3dba8d9e&page_code=NTEyNjUwNjA%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=e8c44f43-da9f-4046-bc80-e96180175173&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: f4d86fbe8a088b4c9743ecc98995693d
x-runtime: 0.032778
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7136b2088f1a9b7c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 200 exitsplash.php
instantecomfunnels.com/ 2 KB
958 B 826ms
233ms Script
text/html 192.254.225.179
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://instantecomfunnels.com/exitsplash.php?tc=3399cc&ua=1&uh=none&ad=none&sh=no&hv=no&bh=22&fs=12&lf=Arial&at=Powered%20by%20ExitSplash&_=1653905588775
Requested by: Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.225.179 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-225-179.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
content-encoding: gzip
server: Apache
content-length: 861
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-439749027&_=1653905588777

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0b81ac71d12a2835c825195f2c1167e8bc6d84bde41bc28f90b86b5d8d0806a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43200
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 89ms
38ms Script
text/javascript 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

439bb68e4b99a7037363e3c9671380459a2e0aa1c8276fb1c68823da04608a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14847
x-xss-protection: 0
server: cafe
etag: 14193202862953550909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-439749027&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f934c4911e2d8c664fb66b811596fa1642f707c46424172e4cd81132ad025354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43212
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
56 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-313468456&_=1653905588802

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca894202810df3a20186c61d0a7b7416ec4e37003281ce25519951b9bc17bdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57564
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
56 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-313468456&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2948745eed8c4da19dc817319de1d319eeb6d57f4a12b6c1a1aebc80948759a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57576
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-312977837&_=1653905588803

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2643045bd791705f3335b257ce9736679bef18578c94ed9d2e97c5cb70be17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43195
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-312977837&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

522f795374aebde583657542d5448c730fe90b76f040aed72c39815fae60337b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43213
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-315335645&_=1653905588804

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1f4f1cedcab9260d79adf2c3315632c23922f58c8234ef2fb94a1eba991d7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43196
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-315335645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ea7291ba895b1fd0e03487dedb555ca4a6d0834b7295237db6b4e6792705c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43212
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-315237516&_=1653905588806

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

235cc90e56825e40602607bf665e5e4ca6bb4a8110037c9146c35b77c6d6c5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43195
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-315237516&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c800fe028ec6492893ce0695a3b99dca1cc7f9737bf43557067036571b25601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43212
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-306712238&_=1653905588807

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bbec1d1e5c06d61ec67d08848e54f8d6e96df83914aacf0d5bf01b3f8a74a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43196
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-306712238&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c486b5426f255de37cb2838ce85515d3fd057dcbed0a451d5db53f7170eec6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43214
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-310405018&_=1653905588808

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

833a915c2ef1d4b97fba5802374041024c5617ccef4a67f80af78d490628a5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43193
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-310405018&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fcd483e12575ba9886e397b65f9e5cfb75ba1aa96df022272e309bb73b2964b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43211
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-472761657&_=1653905588809

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f45746be7d3ffbab2586d655b981f2ad28c4d454464de06bed180c846ef2404b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43195
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-472761657&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73f0237678929cad16366f69216c9e0b50468296a872c7163f0b43e354316660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43211
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
56 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-568369358&_=1653905588811

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7172dae3c470e008c1fb1a8236dadbbdac5547f89ef7bad4873e0a2a420efd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57507
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 152 KB
56 KB 83ms
82ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-568369358&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebb3bd9f09cf3c95c35b9661193fadfa1ec2baee314656b066b49e04981222db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57503
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 83ms
83ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-308753853&_=1653905588812

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff1ecf9f1e1a0376394648c581a3b2e26d83ad067d8a3ff99b398d8f59cabe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43197
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 83ms
83ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-308753853&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cd691737cf9c1f97b92ed2fa435664d08298884b145d3f88d1fa37035b470df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43214
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 85ms
85ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10776127526&_=1653905588814

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e506a6b0780fb654518c8d48e3e834490a650f5de6cfb3ecd23ce0a142e2972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43219
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 108 KB
42 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10776127526&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43212
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/4RT76HY4CVCEVPHEANWH4P/ 60 KB
19 KB 22ms
22ms Script
text/javascript 2600:9000:2156:3a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/4RT76HY4CVCEVPHEANWH4P/roundtrip.js
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o2/a/z191y7/0/youtube
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36872adc1c3a69b11f40e67a0a577c3c133c850498468284031e326096e834a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: zHucgonIyRdKdjgwuiXy3nYZPdhiRoKC
Content-Encoding: gzip
Etag: W/"820b687ef5dc18f08a135b8e5b21ae35"
Age: 2254
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 May 2022 04:09:38 GMT
Server: AmazonS3
Date: Mon, 30 May 2022 09:39:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: BbGZgvnKGnoRJ0uK6byuqs3Ixo0k3yV2YaoPBy5CkANf9dq5Lx0czg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 89ms
88ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854830418&_=1653905588818

Requested by

Host: www.clickfunnels.com
URL: https://www.clickfunnels.com/assets/lander.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5ed2c7262b9599d6ff762c198ce87aa4bdd5033da6998e65d28877b51004203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43196
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 94ms
94ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854830418&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-972589909

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

769582936cd4e9d4e4b1f0c4fa0da94869e0bb14d2b09b7fda2a4cda36d1baa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43212
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 May 2022 10:13:08 GMT

GET
H2

200

arrow-flash-small.gif
images.clickfunnels.com/old-public-templates/listhacking-sales/images/
Redirect Chain

https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

462 B
894 B

62ms
61ms

Image
image/webp

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H2
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: HIT
age: 398378
cf-polished: origFmt=gif, origSize=494
cf-ray: 7136b20db9e79b33-FRA
last-modified: Fri, 14 Aug 2015 19:43:23 GMT
content-disposition: inline; filename="arrow-flash-small.webp"
content-length: 462
x-amz-id-2: 1lpJuDMcXAuVq04Sl7zG2x9jEJaoG8AhDBZcKVab8bM58vKBTj0XiWjvxnZ4Qs+KfqFJH+Lm1Ww=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "64a7dd71d7bdc6a7200c52ce9b36701a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: MSKA00W2HPB8944R
cache-control: public, max-age=2678400
accept-ranges: bytes
content-type: image/webp
expires: Thu, 30 Jun 2022 10:13:09 GMT

Redirect headers

date: Mon, 30 May 2022 10:13:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1131288
server: cloudflare
location: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 7136b20b1bb19b33-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 30 Jun 2022 10:13:09 GMT

GET
H3 200 279489
warriorplus.com/o2/btn/pn100011001/ryh37n/nglgq9/ 24 KB
25 KB 571ms
570ms Image
image/png 172.67.68.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warriorplus.com/o2/btn/pn100011001/ryh37n/nglgq9/279489
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash: 260bc11fafb3b86f522d2666309c334a7ae8d0f94b1518315eef52871a560d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:09 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 30 May 2022 10:13:09 GMT
server: cloudflare
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcfO2iNzSBMw9Gqte2wD9YqfRJFDE0oxKm5y%2F04j51UikcRHNUSN5coMeaAGfEAnfmTGKmJdoOapE3SsH0DDHAJFBBsLyLsE%2FVqtGzfXMpVXaMTP0wMOOE1lfiQm5bhu5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7136b20b190d690a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET /
track.addevent.com/atc/ 0
0

GET
H2 200 wistia-mux.js
fast.wistia.com/assets/external/ 128 KB
32 KB 35ms
34ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
content-encoding: br
vary: Accept-Encoding
age: 761
x-cache: HIT, HIT
content-length: 32611
x-served-by: cache-iad-kiad7000067-IAD, cache-hhn4052-HHN
access-control-allow-origin: *
x-browser-version: 102
last-modified: Fri, 27 May 2022 17:55:10 GMT
x-timer: S1653905590.508721,VS0,VE0
etag: "6291107e-7f63"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 161

GET
H2 200 videoThumbnail.js
fast.wistia.com/assets/external/ 69 KB
19 KB 25ms
24ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/videoThumbnail.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
content-encoding: br
vary: Accept-Encoding
age: 746
x-cache: HIT, HIT
content-length: 19672
x-served-by: cache-iad-kjyo7100040-IAD, cache-hhn4052-HHN
access-control-allow-origin: *
x-browser-version: 102
last-modified: Fri, 27 May 2022 17:55:10 GMT
x-timer: S1653905590.705808,VS0,VE0
etag: "6291107e-4cd8"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET
H3 200 532016764393104
connect.facebook.net/signals/config/ 305 KB
87 KB 62ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/532016764393104?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wtJu0hYaIPrPe2p9pFuQ7zQ+AdNCBHwH/Tl1eZB43CcZB4QLyAJ8Mb3pdx7ckd5o3jUntG28SiPZ0SUTA5cjXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 30 May 2022 10:13:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1653905589791
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1287857651305444&ev=PageView&dl=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&rl=https%3A%2F%2Fwarriorplus.com%2F&if=false&ts=1653905589737&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653905589736.1386178822&it=1653905588278&coo=false&exp=p1&rqm=GET

Requested by

Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 30 May 2022 10:13:09 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/611346400/ 2 KB
2 KB 442ms
65ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/611346400/?random=1653905589865&cv=9&fst=1653905589865&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/972589909/ 2 KB
1 KB 450ms
77ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972589909/?random=1653905589870&cv=9&fst=1653905589870&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/4RT76HY4CVCEVPHEANWH4P/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

24ms
23ms

Script
application/javascript

2600:9000:2156:3a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: grabhijackd.com
URL: https://grabhijackd.com/exclusive/
Protocol: HTTP/1.1
Server: 2600:9000:2156:3a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-Amz-Version-Id: QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 59142
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Wed, 18 May 2022 19:09:46 GMT
Server: AmazonS3
Date: Sun, 29 May 2022 17:47:36 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: SWNL9xLlPGE-pXoHW1gCznZBb6TzvBVOte4bJZ8nOmufh1rMg-BwQA==

Redirect headers

Date: Mon, 30 May 2022 06:31:09 GMT
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Age: 13321
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: xqg2RzNV1nh7GW9ASUEO2vKNJJAyvldMwLVvQhzCCLfieYwwNSPEcA==

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/439749027/ 2 KB
1 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/439749027/?random=1653905590194&cv=9&fst=1653905590194&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/313468456/ 2 KB
0 206ms
84ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/313468456/?random=1653905590195&cv=9&fst=1653905590195&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/312977837/ 2 KB
0 198ms
75ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/312977837/?random=1653905590198&cv=9&fst=1653905590198&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/315335645/ 2 KB
0 160ms
38ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/315335645/?random=1653905590200&cv=9&fst=1653905590200&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/315237516/ 2 KB
0 199ms
77ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/315237516/?random=1653905590201&cv=9&fst=1653905590201&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/306712238/ 2 KB
0 200ms
79ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/306712238/?random=1653905590205&cv=9&fst=1653905590205&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/310405018/ 2 KB
0 195ms
74ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/310405018/?random=1653905590206&cv=9&fst=1653905590206&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/472761657/ 2 KB
0 162ms
41ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/472761657/?random=1653905590208&cv=9&fst=1653905590208&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/568369358/ 2 KB
0 202ms
80ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/568369358/?random=1653905590210&cv=9&fst=1653905590210&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/308753853/ 2 KB
0 191ms
70ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/308753853/?random=1653905590212&cv=9&fst=1653905590212&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/10776127526/ 2 KB
0 160ms
39ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10776127526/?random=1653905590214&cv=9&fst=1653905590214&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4RT76HY4CVCEVPHEANWH4P
d.adroll.com/consent/check/ 449 B
541 B 176ms
176ms Script
application/javascript 54.229.135.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/4RT76HY4CVCEVPHEANWH4P?arrfrr=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&_s=68237619d49a0089e84948f116867116&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/4RT76HY4CVCEVPHEANWH4P/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.135.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-135-46.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 10:13:10 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/854830418/ 2 KB
0 324ms
324ms Script
text/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854830418/?random=1653905590296&cv=9&fst=1653905590296&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grabhijackd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 10:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://grabhijackd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET /
www.google.com/pagead/1p-user-list/611346400/ 0
0

GET /
www.google.de/pagead/1p-user-list/611346400/ 0
0

GET /
www.google.com/pagead/1p-user-list/439749027/ 0
0

GET /
www.google.de/pagead/1p-user-list/439749027/ 0
0

GET 3675953079184354
connect.facebook.net/signals/config/ 0
0

GET /
www.facebook.com/tr/ 0
0

GET hls_video.js
fast.wistia.com/assets/external/engines/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: warriorplus.com
URL: https://warriorplus.com/cdn-cgi/rum?

Domain: pixel-geo.prfct.co
URL: https://pixel-geo.prfct.co/seg/?add=695885

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/dc/afc4d57a0443459074757f42166c7a/bg4.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/c3/456e8997a44143a3a9d055cd6f4289/111111.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/58/d5e7bf34704a8aae78902c46127437/bg3.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/6b/b7368d0c1241fe938c8aecf8fd79fe/bg12.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/0b/bd2ea6f9ae4a1896094c3a3e68efcd/bg70.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/f2/68814488174211b2255343bbc2d8bb/bg35-2.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/0e/3da9e68f5d41ab99d259b859100e5d/check-32.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/cb/0cbdb027124ca393f7c1ede860c91a/bg2.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/00/eb510e0b7b42cdbd4da60b40341286/bg13.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/73/6c729b7bbe4205b0021aa63a960348/bg14.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/53/7c76ae941c42f3864dc2e17560336e/bg15.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/43/412e6bf62e40749007c37795de8f67/bg16.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/7a/c726e46cca42bc93cd1d1e04f9774f/bg17.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/f3/6788b6792a47b48f47aa496ad3884a/bg55.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/0f/72c44a8c8e444795336062fd61f9c6/bg56.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/2c/321e75ac794c97a9e2052462b57d6a/bg18.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/3b/4b69c611734587a225570b5849a9e0/bg19.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/6d/f110a885664c97b21d3886d94dfb70/bg58.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/61/cd8ca0a9824a8d9cc482a39f8bc245/bg20.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/d9/a9eb4e4a06476fbaa2eacf2bb9d072/bg21.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/c0/6b408a4c65473fa9bef04ade33f57d/main.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/e7/2626d9f8db44e99aa34bcc317717b0/bg22-2.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/d5/6d9b7f689d43f0840478f08ad74707/bg36-2.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/1a/b2d88f2339414ea2e24cad5737119e/bg37.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/83/215fafe82b4cf087767d76cbcd31b3/bg23.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/75/c7985d437f46519a1cc8f185ff378f/bg24.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/1e/961de5d4ea4d90ae90899c941ce555/bg25.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/bb/19fb4678c8457c96e82d5ed47c9918/bg26.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/b8/ce812136944d15912babd3cf504205/bg27.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/0a/37e3c2b50f40b8bf4ebadefb903290/bg28-2.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/fe/90281a9c3c4449bc789414c06fb752/bg29.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/8e/826905142e4db0b2c6fa4b8c2d6233/bg30-23.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/5b/e0543746474e6baf0b5ecb60c3bf8b/bg21.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/45/47177f77744b289ab99b177eeaf1c4/bg6.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/d5/169ec8017e4fbaabe62d5903495af4/white-bg1.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/e3/095b60ef4347a08099469e3f27257f/bg33.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/96/b5d931ef7b4f5386eb54c475102e83/bg31.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/03/605047546b43c5b0703cf890a379e6/bg38.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/ba/fd3ced41cd4312b6fb4a1808b5bdf1/bg4.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/13/8de7c57b7249ce8fffc478f47c03bc/bg39.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/4b/30c4a3f72e4e8ea5858e534cea5293/sep2.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/9f/91e74eaebd4896b2f62730d50ab51c/bg40.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/91/137d60b13347d09de392d4a682488c/bg1.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/26/af73197628412cb770b2976c71cff9/bg1.png

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/31/ac10bcd59d4d2a899c2c3689be6e52/bg41.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/10/8c3cffacb94230800cd5fe95e85c70/bg42.jpg

Domain: images.clickfunnels.com
URL: https://images.clickfunnels.com/dc/2a0ffad4574e7190490e5000820b98/bg4-2.jpg

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=7f881009-0ca0-4e5e-7989-b3e1e1da9fd4&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&cache=1653905588967

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/611346400/?random=1653905589865&cv=9&fst=1653904800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&async=1&fmt=3&is_vtc=1&random=502784791&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/611346400/?random=1653905589865&cv=9&fst=1653904800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&async=1&fmt=3&is_vtc=1&random=502784791&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/439749027/?random=1653905590194&cv=9&fst=1653904800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&async=1&fmt=3&is_vtc=1&random=256473856&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/439749027/?random=1653905590194&cv=9&fst=1653904800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&ref=https%3A%2F%2Fwarriorplus.com%2F&tiba=Hijack%27d%20Official%20Site%20%2B%20Review%20%2B%20DISCOUNT%20%2B%20DEMO%20%2B%20BONUS&async=1&fmt=3&is_vtc=1&random=256473856&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/3675953079184354?v=2.9.61&r=stable

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=532016764393104&ev=PageView&dl=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&rl=https%3A%2F%2Fwarriorplus.com%2F&if=false&ts=1653905590755&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653905589736.1386178822&it=1653905588278&coo=false&exp=p1&rqm=GET

Domain: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grabhijackd.com/exclusive	1969-12-31 23:59:59	Name: split_test_dv9w9i55adoe9fw9 Value: lander_control
warriorplus.com/	1969-12-31 23:59:59	Name: warriorplus Value: s990dbmvj7qt8tc47cmfhcs901
warriorplus.com/	1970-01-20 03:26:31	Name: rqtok Value: a63a0a9a8b8677648fcc
warriorplus.com/	1970-01-20 12:10:41	Name: wpg Value: gf34l0kr3tw7wp25
warriorplus.com/	1970-01-20 04:08:17	Name: affo_nglgq9 Value: 384623151
warriorplus.com/	1970-01-20 04:08:17	Name: affo2_139469 Value: 384623151
.warriorplus.com/	1970-01-20 05:34:41	Name: _gcl_au Value: 1.1.1241159997.1653905585
.warriorplus.com/	1970-01-20 20:56:17	Name: _ga Value: GA1.2.1153360372.1653905586
.warriorplus.com/	1970-01-20 03:26:31	Name: _gid Value: GA1.2.870750564.1653905586
.warriorplus.com/	1970-01-20 03:25:05	Name: _dc_gtm_UA-74776-7 Value: 1
.warriorplus.com/	1970-01-20 07:44:17	Name: __hstc Value: 187387127.6d03e0ee815a955802d438eaaf59b416.1653905585795.1653905585795.1653905585795.1
.warriorplus.com/	1970-01-20 07:44:17	Name: hubspotutk Value: 6d03e0ee815a955802d438eaaf59b416
.warriorplus.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.warriorplus.com/	1970-01-20 03:25:07	Name: __hssc Value: 187387127.1.1653905585795
.prfct.co/	1970-01-20 20:56:17	Name: pa_uid Value: pa_FiJko7tNDJETrSM9h
.warriorplus.com/	1970-01-20 05:34:41	Name: _fbp Value: fb.1.1653905585892.2082466109
.prfct.co/	1970-01-20 20:56:17	Name: pa_twitter_ts Value: 1653905585924
.prfct.co/	1970-01-20 20:56:17	Name: pa_yahoo_ts Value: 1653905585965
.hubspot.com/	1970-01-20 03:25:07	Name: __cf_bm Value: zWom3iWuBl03Ap6Dg_uWy_EShd0m48p3JCjvu_fRrOE-1653905585-0-AUI0Q3ln3qsTAnfLzQHbCWyWahz62JHx3E2ipgYOo42aXVos7qLEbvVt7JJa9GC/ihVbTFqCC94+svOiUHlZkDw=
.prfct.co/	1970-01-20 20:56:17	Name: pa_openx_ts Value: 1653905586002
.prfct.co/	1970-01-20 20:56:17	Name: pa_rubicon_ts Value: 1653905586007
.prfct.co/	1970-01-20 20:56:17	Name: pa_google_ts Value: 1653905586010
.yahoo.com/	1970-01-20 12:11:03	Name: A3 Value: d=AQABBLKYlGICEJTv1uXQeZPEIqkZzgH1leQFEgEBAQHqlWKeYgAAAAAA_eMAAA&S=AQAAAmEKhp3CkuvCD0kAez_arEg
.adnxs.com/	1970-01-20 05:34:41	Name: uuid2 Value: 968805736438928622
.analytics.yahoo.com/	1970-01-20 12:10:41	Name: IDSYNC Value: 18z4~256a
.doubleclick.net/	1970-01-20 12:46:41	Name: IDE Value: AHWqTUlR6Mrudm3XKfugjoClSVYPv8Km0l6eU-IUcIVNZGE8PubBUSUlw_CUQ8xYouk
.adnxs.com/	1970-01-20 05:34:41	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2In5iC=g[!fss0=Ir4A3KL9D3I?-x`4![M
.twitter.com/	1970-01-20 20:56:17	Name: personalization_id Value: "v1_jVtHLQqeSlkGut1/LZhPbg=="
.clickfunnels.com/	1970-01-20 03:25:07	Name: __cf_bm Value: STac8HXNpTTHuTM4wwdRyfrL1a5gyktDJEtxjOzyrUA-1653905586-0-AT/hKO4WzgC2bBhjpEa6wxnw0WUV8Es8VFhgvw4SBO1+seAuTyuet6vXYOdQQfr/tBGCupI3UNN90dJ7vzegP2UnDHycmWg/FSBpW9USHN+R

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.clickfunnels.com/assets/userevents/application.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.clickfunnels.com/assets/userevents/application.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/dv9w9i55adoe9fw9.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.clickfunnels.com/assets/lander.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=7f881009-0ca0-4e5e-7989-b3e1e1da9fd4&url=https%3A%2F%2Fgrabhijackd.com%2Fexclusive%2F&cache=1653905588967 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app.clickfunnels.com
assets.clickfunnels.com
cdn.onesignal.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
glynnkosky.com
googleads.g.doubleclick.net
grabhijackd.com
images.clickfunnels.com
instantecomfunnels.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
onesignal.com
pixel-geo.prfct.co
pixel.rubiconproject.com
s.adroll.com
static.clickfunnels.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tag.marinsm.com
track.addevent.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
warriorplus.com
www.clickfunnels.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
connect.facebook.net
fast.wistia.com
images.clickfunnels.com
pixel-geo.prfct.co
track.addevent.com
warriorplus.com
www.facebook.com
www.google.com
www.google.de
104.244.42.3
142.250.185.194
142.250.186.98
151.101.64.65
172.67.68.35
18.156.0.31
192.254.225.179
2600:9000:2156:3a00:6:9280:1080:93a1
2606:4700:4400::6812:21ab
2606:4700:440e::6812:2fe6
2606:4700::6810:10c2
2606:4700::6810:fc2
2606:4700::6811:47b0
2606:4700::6811:d5cc
2606:4700::6812:e234
2606:4700::6813:9b53
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c1b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::622
2a06:98c1:3120::3
35.244.159.8
52.211.231.175
54.229.135.46
69.173.144.139
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17
030a019720d1504681568e83f6ee9bead91802d0f881f43ace527d1566fb2d93
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
112ab4be77d318ceb30acd07fa1e295ef4bcf612734698908724ca4eeff9cf17
162b254dd04a69015a8d089558ec7fc0570938f739aa17bd77a434f2cde2e09b
172f10cc9bef601cab43ca7d5d70f97a3310480a4094788a49f41a41571208a3
18a084ba5f1cb579f53180cd2b475d0935c1517b6cf5ce85334fdec7eb0a3854
1cb1ea3f9db03c00b12315ba1f574dbe31f44f9d23f8ca188063442cdd481f13
210151bced11c2b2e3a4de4dc2d5085c90f189a8c67e7ae94129b52a7e9f7bc2
211644377254bb598ea84076be17e0e5ff821839e9e30a0dc4f069adbf5c6936
222f334d50a8bb0cb83ac32cc46e52c915c5cec8c5bf635741f9fe8cc1dd8aa1
235cc90e56825e40602607bf665e5e4ca6bb4a8110037c9146c35b77c6d6c5ab
260bc11fafb3b86f522d2666309c334a7ae8d0f94b1518315eef52871a560d0c
2948745eed8c4da19dc817319de1d319eeb6d57f4a12b6c1a1aebc80948759a5
2bda5cc778beb2ed8fff149d666f15d5e033b56b910c09baed31869972b844ff
2d250d022cc891940be6e017c68cdd14b132eda663b3bd3b8104c6307e4d695b
2d8d83bd9847018223f875a302e0c003d5d38ee71d8d92fe2cfdcb617076418d
2e1cbd89cbb16aa4ed21456fe7a43b9b618b2b922aa6bcbb2c06e8293ea2f480
35ab9078d7be55dc3fed3ccf51acc9f5ad42c55f53d6f47c8fb589072df8e65c
36872adc1c3a69b11f40e67a0a577c3c133c850498468284031e326096e834a8
39b850fe562be51a8a2bfd6150e8b3acfbb442515b7211085f1051b9df7ee3cf
3a2870bab6939648e864651caad59455324f4ef6f947e84c2abb9138220b39f6
3a7a179c6d8adb63ef15269627a345e80f1a7ea56a181f9500d6199775fadeab
3c486b5426f255de37cb2838ce85515d3fd057dcbed0a451d5db53f7170eec6f
3c800fe028ec6492893ce0695a3b99dca1cc7f9737bf43557067036571b25601
439bb68e4b99a7037363e3c9671380459a2e0aa1c8276fb1c68823da04608a3d
45af9dbaa50b25bb4a44c87364262e7bdf7115a1fdf8dd15ed70891bc5457e82
490433fb27649efd39e31007e0cce77aa97361e9fe93110bd598f7fd914d1dc2
49b5af2f5bf0a8e8d21389b96f5537fdc65ec420c2f6a1d227b8230772c5b45b
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b020b916a55b9ff89f7acba207120eee845d62613756f1860425262dc22bf48
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
522f795374aebde583657542d5448c730fe90b76f040aed72c39815fae60337b
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
53537efa5218c829f8cc1f30173eea1cb8c0fc536978df9e844e5cca2f7a8ba9
5554712b78169bc70648e1d18dc38d67fc19576f4f04ab21947310ea6942b854
5792b027d31fcc0851f263532751a8c8f5095a184ca643416c68d18cb15a6d72
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
5ea7291ba895b1fd0e03487dedb555ca4a6d0834b7295237db6b4e6792705c8b
639b759dad1187a156c776b71dc28f9cece6b9575a1cf3353964c1327c5a7896
64c7438d93ed019cf59d9863325f7ede3a9b2991780df53ac39cf31bfbfb0915
68426f1628982dc430b54586c33fd4863ff767e08feb12650840ec96e7f8404e
6bbec1d1e5c06d61ec67d08848e54f8d6e96df83914aacf0d5bf01b3f8a74a88
6bd49c0f4acc03c1220faeb598072ad3d207f7d9c1b3544947c18a8aad514342
6f344769e64b9d6cc9b6d6357d690e238ee1b5317d612be0a68ea1b32fe8247f
6fcd483e12575ba9886e397b65f9e5cfb75ba1aa96df022272e309bb73b2964b
710a536730f04b132ed935d32b1cbab522dd665efb0568bdbe15fc88f442c499
7172dae3c470e008c1fb1a8236dadbbdac5547f89ef7bad4873e0a2a420efd30
727dddd03ba0a143ba07ea36de03ce621d2781adb0971b0e1a9ea70ba6913f1f
73e877c13e66af1f84c2e730bcf788cd28ed9caaa04334b8e3082c513a59105e
73f0237678929cad16366f69216c9e0b50468296a872c7163f0b43e354316660
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7436192ff0de059ffbf6c00008a7a122c8af4dd7bf5311f116c3d4a6b117f1b2
769582936cd4e9d4e4b1f0c4fa0da94869e0bb14d2b09b7fda2a4cda36d1baa8
79fa14617c23f2432f500890200dd2be8730c70de12fb9947fa0d98d7920495c
7f262cdef9456f81428602958962aab1756f7696cb5c8916f6d75a7f93824646
804765706e0b66fee13e03aa03c69343b79849c69d45c81175e35672375d4291
82815ec0aa37acb58daa6db73822bd3cc1b83e135830ecc8c5d22683c92590f3
833a915c2ef1d4b97fba5802374041024c5617ccef4a67f80af78d490628a5f6
893ce7786b2e245b5b3e7bb6eba56f70d4291dc802679a3209509af0c840d5cb
898a1634913d9b0f24a34adc1982a522b8adcfc9411e3d65b43b57463d6164dc
89f9d0e9273b2b164d63820d5591775fc9f3e04374581dfe4aef1f271666eefc
8cd691737cf9c1f97b92ed2fa435664d08298884b145d3f88d1fa37035b470df
8e506a6b0780fb654518c8d48e3e834490a650f5de6cfb3ecd23ce0a142e2972
9402f8aaf4cba1a887895bf579a914db8e31bd07047b1b3170b94e6677d81b13
9431b63bc479f3ae80171e42074368367d65f2d515790db00e73260f1b57376f
95fe7cbba05c1ff2acf73460c8f37ffd8b094abfd9ac1c7089af2a7c0b878d64
9ae48ac55b032979a6caabaaa06e7c789f6a6163f593691dbd1803a9a6d6c903
a02009438c9afe90449d9ef128d5dce38b477233e48d94f810f72a725bca5f33
a0b81ac71d12a2835c825195f2c1167e8bc6d84bde41bc28f90b86b5d8d0806a
a2643045bd791705f3335b257ce9736679bef18578c94ed9d2e97c5cb70be17d
a5ed2c7262b9599d6ff762c198ce87aa4bdd5033da6998e65d28877b51004203
aa461399a57a3e7ffe03690138474107c12345f427a94482c7e5db09903f746e
b14cd216e74d1c3f34bec6171937ca0fcb3aaf568c728447da6053f01da7970b
b1c48857e0bc13cf8f088e94cb47af3c7dc9d45b8fbe19c8b5fa4b1be06a0dcc
b7d5ab9e6935997321a8465c51ab99e66071bd08b69883922c14236b26507c8b
b823bf0551ce23882cc79e690edf7fa4967b34293d3db464a0b883fffec27ec3
b84a6d31a28123a88ef31c4bbdf0ffee6299afd15e868f8d1ddcf2df4f005fdf
bc21ab9209a63dfb782f9b001b85e68c33246829e0fc24825023bf2318fb219a
be649d327966b2a111b40dcce70e081e4275c13f9da6ed872d501e88d5b65687
c0f2fc9ccec700f7f2b982edeb3958290f934448d3d25a3616a844d617f5e06e
c3bcd8c80a3393fd1c1a866d005b74769bbabb00dc0668d49c8c3b8d01e2ee18
ca894202810df3a20186c61d0a7b7416ec4e37003281ce25519951b9bc17bdcf
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
ccefc61d30014c2f6224967681f3341693dd755ea38adbc4e207d2f57da87e55
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cd7667694047c152e27d0b8404e78b7c159df915f260ea8ff9d705ccf5cbc5ff
d104b4954e4b977a10f1f53b150849273649e3c586f3d4c76ab0e3d5600d4006
e1f4f1cedcab9260d79adf2c3315632c23922f58c8234ef2fb94a1eba991d7d6
e26cd727cff0bb1af59622be1c72d47d36e6bdf768825c74158e2d37054fb984
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c33cfefdb915a80c7dc4c550ab9307c3f734297545339f0bfb25c10d1ee11f
e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa
e9d2eed87695edc56075a60c6b152f1b21d0023c37ace1cdc9d275ce7673a4fd
ebb3bd9f09cf3c95c35b9661193fadfa1ec2baee314656b066b49e04981222db
f11d353e7cbf4093e3afb091bb1c43d7bf5dd05eaaf393814b6bbcf5d324f621
f17ebcce6e67a401c5b8a5b300af29b2235a84593af3d0cd05bae3556a0b1639
f238ada63e47c8f84ec34ea1bec4340430e85b2e899512f35daac2aba4a7898d
f45746be7d3ffbab2586d655b981f2ad28c4d454464de06bed180c846ef2404b
f5aa85cefb2802a9f60c964d8a8cd3247983ad0c530b95888f69ee8a2f70e102
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f691cd2d67c126b27827ac6e158975bde0a7f9879aec8f1c5d5de04f20c992ee
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f934c4911e2d8c664fb66b811596fa1642f707c46424172e4cd81132ad025354
fa203228f23f80a39a2acfd2b51e12f487b283c34aa553a300fbbbb645a0ede1
fade8a3c7a116a5394e17a1001602fc863c21090ed5b3ec819fb4ac53f1eb53d
fb25235d37888d0b5ccfe8acddebaa959ef03223529e40cdcfccf58207e7ba4b
fc2d49ddf9ec8621aae8f7be3e68a4e583db342c66be8bfbe4025de7391ab024
fccb7b11511cd75c1dcf92863b03e646c9643219db6fa0151db31e5b547ab9e8
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1ecf9f1e1a0376394648c581a3b2e26d83ad067d8a3ff99b398d8f59cabe74

grabhijackd.com Open in urlscan Pro 192.254.225.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

73 %HTTPS

66 %IPv6

31 Domains

39 Subdomains

32 IPs

5 Countries

29230 kBTransfer

36369 kBSize

29 Cookies

2 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

grabhijackd.com Open in urlscan Pro
192.254.225.179 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

73 %
HTTPS

66 %
IPv6

31
Domains

39
Subdomains

32
IPs

5
Countries

29230 kB
Transfer

36369 kB
Size

29
Cookies

256 HTTP transactions
1 data transactions