betterbutterspreader.com Open in urlscan Pro
3.16.97.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/betterbutter008/74859611.html
Effective URL:
https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=...
Submission Tags: falconsandbox
Submission: On March 03 via api (March 3rd 2021, 8:38:31 pm UTC) from US

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 17 domains to perform 50 HTTP transactions. The main IP is 3.16.97.65, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is betterbutterspreader.com.
TLS certificate: Issued by R3 on February 8th 2021. Valid for: 3 months.

This is the only time betterbutterspreader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
1 1	72.9.145.115 72.9.145.115	30277 (DFW-DATAC...) (DFW-DATACENTER)
2	23.229.9.133 23.229.9.133	55286 (SERVER-MANIA) (SERVER-MANIA)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:f400:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.24.114 13.32.24.114	16509 (AMAZON-02) (AMAZON-02)
2	34.203.99.241 34.203.99.241	14618 (AMAZON-AES) (AMAZON-AES)
16	3.16.97.65 3.16.97.65	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	208.118.62.69 208.118.62.69	7296 (ALCHEMYNET) (ALCHEMYNET)
50	19

1 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.9.145.115 (United States) 1 redirects

ASN30277 (DFW-DATACENTER, US)

aediates.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.229.9.133 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
PTR: mta4.galeriaseldorado.com

greyvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:f400:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.24.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-24-114.fra56.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.99.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-99-241.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.16.97.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-97-65.us-east-2.compute.amazonaws.com

betterbutterspreader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

anijs.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.118.62.69 (United States)

ASN7296 (ALCHEMYNET, US)

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	betterbutterspreader.com betterbutterspreader.com	296 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	googletagmanager.com www.googletagmanager.com	151 KB
3	jsdelivr.net cdn.jsdelivr.net	47 KB
3	traversedlp.com static.traversedlp.com api.traversedlp.com	4 KB
2	facebook.com www.facebook.com	706 B
2	facebook.net connect.facebook.net	94 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	811 B
2	greyvisit.com greyvisit.com	6 KB
2	googleapis.com storage.googleapis.com fonts.googleapis.com	2 KB
1	upsellit.com www.upsellit.com	10 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	30 KB
1	github.io anijs.github.io	7 KB
1	bouncepilot.com static.bouncepilot.com	31 KB
1	aediates.eu 1 redirects aediates.eu	527 B
50	17

	Domain	Requested by
16	betterbutterspreader.com	greyvisit.com betterbutterspreader.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com betterbutterspreader.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagmanager.com	greyvisit.com betterbutterspreader.com www.googletagmanager.com
3	cdn.jsdelivr.net	betterbutterspreader.com
2	www.facebook.com	betterbutterspreader.com
2	connect.facebook.net	storage.googleapis.com connect.facebook.net
2	cdn.mouseflow.com	1 redirects betterbutterspreader.com
2	api.traversedlp.com	static.traversedlp.com
2	greyvisit.com	greyvisit.com
1	www.upsellit.com	storage.googleapis.com
1	cdnjs.cloudflare.com	betterbutterspreader.com
1	code.jquery.com	betterbutterspreader.com
1	fonts.googleapis.com	betterbutterspreader.com
1	anijs.github.io	betterbutterspreader.com
1	static.traversedlp.com	www.googletagmanager.com
1	static.bouncepilot.com	storage.googleapis.com
1	aediates.eu	1 redirects
1	storage.googleapis.com
50	19

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.bouncepilot.com Amazon	`2020-07-21` - `2021-08-21`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
betterbutterspreader.com R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Frame ID: 349253C1833182A146C0FD99FAE371CE
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://storage.googleapis.com/betterbutter008/74859611.html Page URL
http://aediates.eu/03dgraqc.htm?od=1vct603f7612e1b7aojc.oL33M.Yzzzyrfflmwc7a111_zr883.fflmwd3d3... HTTP 302
http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_other... Page URL
https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669... Page URL

Page Statistics

50
Requests

92 %
HTTPS

58 %
IPv6

17
Domains

19
Subdomains

19
IPs

3
Countries

750 kB
Transfer

8835 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/betterbutter008/74859611.html Page URL
http://aediates.eu/03dgraqc.htm?od=1vct603f7612e1b7aojc.oL33M.Yzzzyrfflmwc7a111_zr883.fflmwd3d3d3gxZHJsbmdh0e2MvS HTTP 302
http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y Page URL
https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://aediates.eu/03dgraqc.htm?od=1vct603f7612e1b7aojc.oL33M.Yzzzyrfflmwc7a111_zr883.fflmwd3d3d3gxZHJsbmdh0e2MvS HTTP 302
http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y

Request Chain 21

https://cdn.mouseflow.com/projects/8bfcc96c-d2f1-43be-9db2-6ee1ea798e97.js HTTP 301
https://cdn.mouseflow.com/projects/8bfcc96c-d2f1-43be-9db2-6ee1ea798e97_eu.js

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 74859611.html Show response
storage.googleapis.com/betterbutter008/ 158 B
743 B 147ms
127ms Document
text/html 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/betterbutter008/74859611.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f164b2693627fca5a7094b072ac6eb2779ada558baa8a4d573ee51d423251d6d

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /betterbutter008/74859611.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-guploader-uploadid: ABg5-UzB3Mq11IDr0F5O4winAKN7LJhu7wEI4xzfaiADE-Br-rXqRBOZxrzCiQpIdYIiGXG_U9Cl4DxAXTHxfxf_o3bjZDCEQg
expires: Wed, 03 Mar 2021 21:38:12 GMT
date: Wed, 03 Mar 2021 20:38:12 GMT
last-modified: Wed, 03 Mar 2021 11:54:29 GMT
etag: "d809fa699d9e54b95eb90ddbc9d11131"
x-goog-generation: 1614772469474969
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 158
content-type: text/html
x-goog-hash: crc32c=/Bhe0A== md5=2An6aZ2eVLleuQ3bydERMQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 158
server: UploadServer
cache-control: public, max-age=3600
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/ Show response
greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/
Redirect Chain

http://aediates.eu/03dgraqc.htm?od=1vct603f7612e1b7aojc.oL33M.Yzzzyrfflmwc7a111_zr883.fflmwd3d3d3gxZHJsbmdh0e2MvS
http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&si...

6 KB
6 KB

243ms
215ms

Document
text/html

23.229.9.133
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
Protocol: HTTP/1.1
Server: 23.229.9.133 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS: mta4.galeriaseldorado.com
Software: nginx / PHP/7.3.26
Resource Hash: 04066ea00efcf5b9ad25c320376161a7a3819f1d9804117aa8ed2ac5c2380dc3

Request headers

Host: greyvisit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://storage.googleapis.com/betterbutter008/74859611.html

Response headers

Server: nginx
Date: Wed, 03 Mar 2021 20:45:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

Redirect headers

Date: Wed, 03 Mar 2021 20:38:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.2.17
Location: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 55ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59aa1a8e029d67b27d4f634a60b5bc66a11774a792f0308a2af233121935fe73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30236
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 19:57:28 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Mar 2021 20:38:13 GMT

POST
H/1.1 200
OK fp.php
greyvisit.com/ 258 B
459 B 324ms
324ms XHR
text/html 23.229.9.133
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://greyvisit.com/fp.php
Requested by: Host: greyvisit.com
URL: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
Protocol: HTTP/1.1
Server: 23.229.9.133 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS: mta4.galeriaseldorado.com
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 03 Mar 2021 20:45:03 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 31 KB
31 KB 44ms
6ms Script
application/javascript 2600:9000:211e:f400:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/betterbutter008/74859611.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f400:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 017febff1383f7bde113bf7d51281a041ce19123db0819fd6ee3fc8f5a89a45c

Request headers

Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 06:49:54 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 16:37:13 GMT
server: AmazonS3
age: 51575
etag: "e4459d5ee0d79ec73e5bd540bde127e2"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 31264
x-amz-cf-id: uhvlz6xQIUHE3lcJvLoecgzi1gzpXhMNMtcwsCbRZY1DuUwpxmB85A==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 141ms
54ms Script
application/javascript 13.32.24.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.24.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-24-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed

Request headers

Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hS0GYDvxGey0vcXHihG.XaTLcBqaSSz8
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jan 2021 07:05:18 GMT
Server: AmazonS3
Age: 5492
ETag: W/"ff8e77b524c13c390e9fccf4ddba5ec9"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Wed, 03 Mar 2021 19:45:24 GMT
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: -ALrrjmCarZcxECzu61k3ufctnbmdR_CbxjPviOcMecy6gHIz0DhBw==

GET
H2 200 cookie
api.traversedlp.com/retargeting/v1/ 18 B
402 B 377ms
114ms XHR
application/json 34.203.99.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-99-241.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:14 GMT
server: nginx/1.18.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://greyvisit.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

GET
H/1.1 200
OK Primary Request index2.php Show response
betterbutterspreader.com/news/ 32 KB
9 KB 612ms
121ms Document
text/html 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Requested by: Host: greyvisit.com
URL: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1292b1520eea1a1b14d413e98f96cc86048e49ab9674248144569fc9713ce1ba

Request headers

Host: betterbutterspreader.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://greyvisit.com/af8ef6c5c62a407bbc749adafa95dba1c/?sid1=932xy38hyv3vc88319pv6m&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y&sid2=ee_others|wwwwx|fflmw&sid3=vct603f7612e1b7aojc&sid4=1drlnga|15814|zzzyrfflmw|Y/ee_others-wwwwx-fflmw-vct603f7612e1b7aojc/1drlnga-15814-zzzyrfflmw-Y

Response headers

Date: Wed, 03 Mar 2021 20:38:14 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8524
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
0 334ms
114ms Other
text/html 34.203.99.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 34.203.99.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-99-241.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://greyvisit.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 03 Mar 2021 20:38:14 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.18.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://greyvisit.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

POST enqueue
api.traversedlp.com/retargetinginclusion/ 0
0

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/css/ 150 KB
22 KB 23ms
6ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/css/bootstrap.min.css

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0267260045096457f26914277f49eef5da5ec54ac6aee8579be4810332e518b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://betterbutterspreader.com
Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1892342
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 22599
etag: W/"25617-q3SIoVyTmtfFSq15BDC3uaLXfq4"
x-served-by: cache-fra19137-FRA, cache-hhn4043-HHN
date: Wed, 03 Mar 2021 20:38:14 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK style.css
betterbutterspreader.com/news/css/ 45 KB
6 KB 121ms
120ms Stylesheet
text/css 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/css/style.css?v=1.0.0
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 85163e5b93d9bdbf3dcb17a46bd8718fc7a11c24ce860e2526b565d636bfeff8

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:38:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 19:00:15 GMT
Server: Apache/2.4.38 (Debian)
ETag: "b2e4-5bb64989b6dc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5984

GET
H2 200 anicollection.css
anijs.github.io/lib/anicollection/ 104 KB
7 KB 195ms
124ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://anijs.github.io/lib/anicollection/anicollection.css
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 84d8829ba7369669e4335e352c21dc6c6cc3542534a8019bec797394f47a016a

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 68b12a280b17bb13fa6707f488da631498761f64
date: Wed, 03 Mar 2021 20:38:14 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 6978
x-served-by: cache-cph20625-CPH
access-control-allow-origin: *
last-modified: Mon, 02 Sep 2019 15:27:01 GMT
server: GitHub.com
x-github-request-id: 11AE:A124:99492B:9D9649:603FF23C
x-timer: S1614803895.898730,VS0,VE98
etag: W/"5d6d34c5-1a0d7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Wed, 03 Mar 2021 20:37:36 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 0

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 35ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e91ba063274d0ff0772254f9a8ab1646414316800d4eea36102aceaa42f5fb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 20:38:14 GMT
server: ESF
date: Wed, 03 Mar 2021 20:38:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 20:38:14 GMT

GET
H/1.1 200
OK magnific-popup.css
betterbutterspreader.com/news/css/ 7 KB
2 KB 249ms
127ms Stylesheet
text/css 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/css/magnific-popup.css
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 19:00:15 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1b27-5bb64989b6dc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1816

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 64ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174362897-9

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5b61c4ddc58f8ab028483cb8e64e75b3af7baf5a69299b1952de7fe1eecf6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39360
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 19:57:28 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Mar 2021 20:38:15 GMT

GET
H/1.1 200
OK logo.png
betterbutterspreader.com/news/images/ 9 KB
9 KB 133ms
132ms Image
image/png 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betterbutterspreader.com/news/images/logo.png
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 9ccb35518fd949a75ca54f3732f94fc8991db514456eb830a9ab7ba69a4e6756

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:16 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2288-5bb6498aab000"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8840

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 29ms
12ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1614803895.dop206.fr8.t,1614803895.cds276.fr8.hc,1614803895.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 26ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://betterbutterspreader.com
Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 596791
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
cf-request-id: 089b691b1d000016e6a2a34000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cCOlQ3oUqjapp%2BQ%2FH76eYwCvkVlh2UffbL77DN78WKebAASKCEMxBUiMuXugo4BzRDG9WcF8RP00g5UQrIr75EVspgah%2BGvLu6Xr3j2D8c1QW9ZVavdKgO%2FbDUQbFj%2B%2F5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62a5aad829fc16e6-FRA
expires: Mon, 21 Feb 2022 20:38:15 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/ 79 KB
22 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta1/dist/js/bootstrap.bundle.min.js

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://betterbutterspreader.com
Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1892342
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 22099
etag: W/"13bb5-zUKjci8NkL/tAMsum+NysHqoVi8"
x-served-by: cache-fra19121-FRA, cache-hhn4043-HHN
date: Wed, 03 Mar 2021 20:38:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK jquery.magnific-popup.js Show response
betterbutterspreader.com/news/js/ 41 KB
13 KB 135ms
133ms Script
application/javascript 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/js/jquery.magnific-popup.js
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 19:00:15 GMT
Server: Apache/2.4.38 (Debian)
ETag: "a302-5bb64989b6dc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12489

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/ 7 KB
3 KB 24ms
8ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.3.1/dist/lazyload.min.js

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1892132
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 2683
etag: W/"1d61-wcBCP//7m5LJeuNOb3Rtiff9UGo"
x-served-by: cache-fra19149-FRA, cache-hhn4057-HHN
date: Wed, 03 Mar 2021 20:38:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

8bfcc96c-d2f1-43be-9db2-6ee1ea798e97_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/8bfcc96c-d2f1-43be-9db2-6ee1ea798e97.js
https://cdn.mouseflow.com/projects/8bfcc96c-d2f1-43be-9db2-6ee1ea798e97_eu.js

764 B
659 B

65ms
64ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/8bfcc96c-d2f1-43be-9db2-6ee1ea798e97_eu.js
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 18:33:40 GMT
server: NetDNA-cache/2.2
etag: W/"cae6aa3d499d71:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/8bfcc96c-d2f1-43be-9db2-6ee1ea798e97_eu.js
date: Wed, 03 Mar 2021 20:38:15 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 62ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLNS7JZ

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

769032ae1468e56bb8c284f9bf208a1261b55bef1439e05869335a32e2ea3068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29822
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 19:57:28 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Mar 2021 20:38:15 GMT

GET
H/1.1 200
OK copyright_area_bg.jpg
betterbutterspreader.com/news/images/ 9 KB
9 KB 257ms
137ms Image
image/jpeg 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betterbutterspreader.com/news/images/copyright_area_bg.jpg
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/css/style.css?v=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a1f6f59cb67947e3a127a74e224efb439a47dc3e92f43f2d57bdb20a006c9923

Request headers

Referer: https://betterbutterspreader.com/news/css/style.css?v=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:15 GMT
Server: Apache/2.4.38 (Debian)
ETag: "24c9-5bb64989b6dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9417

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://betterbutterspreader.com
Referer: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 490356
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://betterbutterspreader.com
Referer: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 559203
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:18:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://betterbutterspreader.com
Referer: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:56:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 6130
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Thu, 03 Mar 2022 18:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://betterbutterspreader.com
Referer: https://fonts.googleapis.com/css2?family=Poppins:wght@600&family=Roboto:ital,wght@0,400;0,500;0,700;0,900;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:52:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 485141
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 05:52:34 GMT

GET
H/1.1 206
Partial Content regular-knife.mp4
betterbutterspreader.com/news/images/ 32 KB
0 175ms
137ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/regular-knife.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2fa496-5bb6499804f80"
Content-Type: video/mp4
Content-Range: bytes 0-3122325/3122326
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3122326

GET
H/1.1 206
Partial Content demo-gif.mp4
betterbutterspreader.com/news/images/ 32 KB
0 295ms
121ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/demo-gif.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:26 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1cddbc-5bb6499434680"
Content-Type: video/mp4
Content-Range: bytes 0-1891771/1891772
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1891772

GET
H/1.1 206
Partial Content smilling.mp4
betterbutterspreader.com/news/images/ 32 KB
0 298ms
120ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/smilling.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:28 GMT
Server: Apache/2.4.38 (Debian)
ETag: "239223-5bb649961cb00"
Content-Type: video/mp4
Content-Range: bytes 0-2331170/2331171
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2331171

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q9JBKWYKW8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNS7JZ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4798e5b2c3fbe527b34d95a1651e422a19fb331664df31857f39b0813aaf11c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53735
x-xss-protection: 0
expires: Wed, 03 Mar 2021 20:38:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/betterbutter008/74859611.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9YO/jc5G5P3uLEMjW825ZyZPViKuvMzI0+DnGL7joSX8shR3qIT4mFYLQhZAy/l0vdEs0AUkCq0tsRjTTV6lfw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 03 Mar 2021 20:38:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK hero-product2.jpg
betterbutterspreader.com/news/images/ 146 KB
146 KB 300ms
118ms Image
image/jpeg 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betterbutterspreader.com/news/images/hero-product2.jpg
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 307754a8a8b35068161afb578c634d182a3c4a48817257faede75efd903f24c8

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2470d-5bb6498c93480"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 149261

GET
H2 200 3697118060369314 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3697118060369314?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3c9b5515d362b1badf25ac8ef95b6a21ccc2d728becebfd94e2b58a3647aa45

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: QPZaYoGjDfF6JAT+c1borMMRh5cnjxoBFr/ml2IlZ0Ws20IilbMep8WCeszlD08wYisdCGoZUZjYj/qn+QVzvw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Mar 2021 20:38:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 32ms
13ms Other
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q9JBKWYKW8&gtm=2oe2h0&_p=1297675362&sr=1600x1200&ul=en-us&cid=1474063277.1614803895&_s=1&dl=https%3A%2F%2Fbetterbutterspreader.com%2Fnews%2Findex2.php%3FaffId%3D2B8799FC%26pub%3D107562%26clickid%3D37fade31bfd4e3938758b38669410478%26aff_sub%3D%26cid%3D27814&dr=http%3A%2F%2Fgreyvisit.com%2Faf8ef6c5c62a407bbc749adafa95dba1c%2F%3Fsid1%3D932xy38hyv3vc88319pv6m%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%2Fee_others-wwwwx-fflmw-vct603f7612e1b7aojc%2F1drlnga-15814-zzzyrfflmw-Y&dt=DotCom%20Product&sid=1614803895&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q9JBKWYKW8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:38:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://betterbutterspreader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174362897-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2139
date: Wed, 03 Mar 2021 20:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 22:02:36 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
73 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1297675362&t=pageview&_s=1&dl=https%3A%2F%2Fbetterbutterspreader.com%2Fnews%2Findex2.php%3FaffId%3D2B8799FC%26pub%3D107562%26clickid%3D37fade31bfd4e3938758b38669410478%26aff_sub%3D%26cid%3D27814&dr=http%3A%2F%2Fgreyvisit.com%2Faf8ef6c5c62a407bbc749adafa95dba1c%2F%3Fsid1%3D932xy38hyv3vc88319pv6m%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%2Fee_others-wwwwx-fflmw-vct603f7612e1b7aojc%2F1drlnga-15814-zzzyrfflmw-Y&ul=en-us&de=UTF-8&dt=DotCom%20Product&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=2057196061&gjid=1540291376&cid=1474063277.1614803895&tid=UA-174362897-9&_gid=965962078.1614803895&_r=1&gtm=2ou2h0&z=1549957144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 20:38:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://betterbutterspreader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 7ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1297675362&t=pageview&_s=2&dl=https%3A%2F%2Fbetterbutterspreader.com%2Fnews%2Findex2.php%3FaffId%3D2B8799FC%26pub%3D107562%26clickid%3D37fade31bfd4e3938758b38669410478%26aff_sub%3D%26cid%3D27814&dr=http%3A%2F%2Fgreyvisit.com%2Faf8ef6c5c62a407bbc749adafa95dba1c%2F%3Fsid1%3D932xy38hyv3vc88319pv6m%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%2Fee_others-wwwwx-fflmw-vct603f7612e1b7aojc%2F1drlnga-15814-zzzyrfflmw-Y&ul=en-us&de=UTF-8&dt=DotCom%20Product&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=&gjid=&cid=1474063277.1614803895&tid=UA-174362897-9&_gid=965962078.1614803895&gtm=2ou2h0&z=1970683585

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:36:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43315
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3697118060369314&ev=pageview&dl=https%3A%2F%2Fbetterbutterspreader.com%2Fnews%2Findex2.php%3FaffId%3D2B8799FC%26pub%3D107562%26clickid%3D37fade31bfd4e3938758b38669410478%26aff_sub%3D%26cid%3D27814&rl=http%3A%2F%2Fgreyvisit.com%2Faf8ef6c5c62a407bbc749adafa95dba1c%2F%3Fsid1%3D932xy38hyv3vc88319pv6m%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%2Fee_others-wwwwx-fflmw-vct603f7612e1b7aojc%2F1drlnga-15814-zzzyrfflmw-Y&if=false&ts=1614803895381&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614803895379.553271823&it=1614803895273&coo=false&rqm=GET

Requested by

Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Mar 2021 20:38:15 GMT

GET
H/1.1 206
Partial Content regular-knife.mp4
betterbutterspreader.com/news/images/ 41 KB
41 KB 123ms
122ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/regular-knife.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: d1c351d03c3f1f8348f3630d5bd46949613847377d6dc5afbb45d40121fd4f0d

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=3080192-

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2fa496-5bb6499804f80"
Content-Type: video/mp4
Content-Range: bytes 3080192-3122325/3122326
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42134

GET
H/1.1 206
Partial Content demo-gif.mp4
betterbutterspreader.com/news/images/ 23 KB
24 KB 126ms
126ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/demo-gif.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: c5515a00069e8323a352d3dcdc2fef1106e4733dae5ed4accbfbeed129c7ea3d

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1867776-

Response headers

Date: Wed, 03 Mar 2021 20:38:15 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:26 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1cddbc-5bb6499434680"
Content-Type: video/mp4
Content-Range: bytes 1867776-1891771/1891772
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23996

GET smilling.mp4
betterbutterspreader.com/news/images/ 0
0

GET
H/1.1 206
Partial Content regular-knife.mp4
betterbutterspreader.com/news/images/ 3 MB
0 367ms
121ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/regular-knife.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 03 Mar 2021 20:38:16 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2fa496-5bb6499804f80"
Content-Type: video/mp4
Content-Range: bytes 32768-3122325/3122326
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3089558

GET
H/1.1 206
Partial Content demo-gif.mp4
betterbutterspreader.com/news/images/ 2 MB
0 369ms
124ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/demo-gif.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 03 Mar 2021 20:38:16 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:26 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1cddbc-5bb6499434680"
Content-Type: video/mp4
Content-Range: bytes 32768-1891771/1891772
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1859004

GET
H/1.1 206
Partial Content smilling.mp4
betterbutterspreader.com/news/images/ 37 KB
37 KB 358ms
120ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/smilling.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8df7804232e45d6bbff4ac5b24d50cb8a7536e71e811f5dd39fc2b88cbfa47bb

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=2293760-

Response headers

Date: Wed, 03 Mar 2021 20:38:16 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:28 GMT
Server: Apache/2.4.38 (Debian)
ETag: "239223-5bb649961cb00"
Content-Type: video/mp4
Content-Range: bytes 2293760-2331170/2331171
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37411

GET
H/1.1 206
Partial Content smilling.mp4
betterbutterspreader.com/news/images/ 2 MB
0 125ms
125ms Media
video/mp4 3.16.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterbutterspreader.com/news/images/smilling.mp4
Requested by: Host: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.16.97.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-16-97-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 03 Mar 2021 20:38:16 GMT
Last-Modified: Mon, 15 Feb 2021 19:00:28 GMT
Server: Apache/2.4.38 (Debian)
ETag: "239223-5bb649961cb00"
Content-Type: video/mp4
Content-Range: bytes 32768-2331170/2331171
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2298403

GET
H2 200 betterbutterspreader.jsp Show response
www.upsellit.com/active/ 28 KB
10 KB 817ms
168ms Script
application/x-javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/active/betterbutterspreader.jsp
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/betterbutter008/74859611.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: bcdfd13aad82dce5389f41ee2d8223f3e41dfcb56f7a64ec25014abdd3b31574

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:17 GMT
content-encoding: gzip
expires: Thu, 04 Mar 2021 20:38:17 GMT
server: nginx
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3697118060369314&ev=Microdata&dl=https%3A%2F%2Fbetterbutterspreader.com%2Fnews%2Findex2.php%3FaffId%3D2B8799FC%26pub%3D107562%26clickid%3D37fade31bfd4e3938758b38669410478%26aff_sub%3D%26cid%3D27814&rl=http%3A%2F%2Fgreyvisit.com%2Faf8ef6c5c62a407bbc749adafa95dba1c%2F%3Fsid1%3D932xy38hyv3vc88319pv6m%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%26sid2%3Dee_others%7Cwwwwx%7Cfflmw%26sid3%3Dvct603f7612e1b7aojc%26sid4%3D1drlnga%7C15814%7Czzzyrfflmw%7CY%2Fee_others-wwwwx-fflmw-vct603f7612e1b7aojc%2F1drlnga-15814-zzzyrfflmw-Y&if=false&ts=1614803896885&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22DotCom%20Product%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614803895379.553271823&it=1614803895273&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 20:38:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Mar 2021 20:38:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargetinginclusion/enqueue

Domain: betterbutterspreader.com
URL: https://betterbutterspreader.com/news/images/smilling.mp4

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.betterbutterspreader.com/	1970-01-19 18:42:59	Name: _fbp Value: fb.1.1614803895379.553271823
.betterbutterspreader.com/	1970-01-19 16:33:23	Name: _gat_gtag_UA_174362897_9 Value: 1
.betterbutterspreader.com/	1970-01-19 16:34:50	Name: _gid Value: GA1.2.965962078.1614803895
.betterbutterspreader.com/	1970-01-20 10:04:35	Name: _ga Value: GA1.2.1474063277.1614803895
.betterbutterspreader.com/	1970-01-20 10:04:35	Name: _ga_Q9JBKWYKW8 Value: GS1.1.1614803895.1.0.1614803895.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814(Line 527) Message: [object Object]
console-api	log	URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814(Line 486) Message: 1614803895259 🔑 ENTERED images/hero-product2.jpg
console-api	log	URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814(Line 486) Message: 1614803895259 ⌚ LOADING images/hero-product2.jpg
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - You are sending a non-standard event 'pageview'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.
console-api	log	URL: https://betterbutterspreader.com/news/index2.php?affId=2B8799FC&pub=107562&clickid=37fade31bfd4e3938758b38669410478&aff_sub=&cid=27814(Line 486) Message: 1614803895870 👍 LOADED images/hero-product2.jpg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aediates.eu
anijs.github.io
api.traversedlp.com
betterbutterspreader.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
greyvisit.com
static.bouncepilot.com
static.traversedlp.com
storage.googleapis.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.upsellit.com
api.traversedlp.com
betterbutterspreader.com
13.32.24.114
185.199.108.153
2001:4de0:ac19::1:b:3b
208.118.62.69
23.111.9.38
23.229.9.133
2600:9000:211e:f400:10:b308:84c0:93a1
2606:4700::6810:135e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
3.16.97.65
34.203.99.241
72.9.145.115
017febff1383f7bde113bf7d51281a041ce19123db0819fd6ee3fc8f5a89a45c
0267260045096457f26914277f49eef5da5ec54ac6aee8579be4810332e518b6
04066ea00efcf5b9ad25c320376161a7a3819f1d9804117aa8ed2ac5c2380dc3
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1292b1520eea1a1b14d413e98f96cc86048e49ab9674248144569fc9713ce1ba
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
307754a8a8b35068161afb578c634d182a3c4a48817257faede75efd903f24c8
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4798e5b2c3fbe527b34d95a1651e422a19fb331664df31857f39b0813aaf11c6
59aa1a8e029d67b27d4f634a60b5bc66a11774a792f0308a2af233121935fe73
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
769032ae1468e56bb8c284f9bf208a1261b55bef1439e05869335a32e2ea3068
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d8829ba7369669e4335e352c21dc6c6cc3542534a8019bec797394f47a016a
85163e5b93d9bdbf3dcb17a46bd8718fc7a11c24ce860e2526b565d636bfeff8
886a0d1005f4d663e11473c81ea20b2b9d618372313df55223d2c571dffc5698
8df7804232e45d6bbff4ac5b24d50cb8a7536e71e811f5dd39fc2b88cbfa47bb
9ccb35518fd949a75ca54f3732f94fc8991db514456eb830a9ab7ba69a4e6756
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a1f6f59cb67947e3a127a74e224efb439a47dc3e92f43f2d57bdb20a006c9923
a5b61c4ddc58f8ab028483cb8e64e75b3af7baf5a69299b1952de7fe1eecf6d2
bcdfd13aad82dce5389f41ee2d8223f3e41dfcb56f7a64ec25014abdd3b31574
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
c5515a00069e8323a352d3dcdc2fef1106e4733dae5ed4accbfbeed129c7ea3d
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d1c351d03c3f1f8348f3630d5bd46949613847377d6dc5afbb45d40121fd4f0d
d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9b5515d362b1badf25ac8ef95b6a21ccc2d728becebfd94e2b58a3647aa45
e6a23e6a3399b52a5576c28b2236b48953949793fc17f2c733d35b084d7a0085
e91ba063274d0ff0772254f9a8ab1646414316800d4eea36102aceaa42f5fb02
f164b2693627fca5a7094b072ac6eb2779ada558baa8a4d573ee51d423251d6d
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

betterbutterspreader.com Open in urlscan Pro 3.16.97.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

50 Requests

92 %HTTPS

58 %IPv6

17 Domains

19 Subdomains

19 IPs

3 Countries

750 kBTransfer

8835 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

betterbutterspreader.com Open in urlscan Pro
3.16.97.65 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

58 %
IPv6

17
Domains

19
Subdomains

19
IPs

3
Countries

750 kB
Transfer

8835 kB
Size

5
Cookies

50 HTTP transactions
0 data transactions