Submitted URL: http://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e
Effective URL: https://offerclosed.convertri.com/aichannel
Submission: On May 07 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 21 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is offerclosed.convertri.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 14th 2024. Valid for: a year.
This is the only time offerclosed.convertri.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 172.105.155.178 63949 (AKAMAI-LI...)
1 1 167.235.217.27 24940 (HETZNER-AS)
1 5 172.66.40.88 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2602:816:5001... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 35.240.1.10 396982 (GOOGLE-CL...)
3 169.150.247.33 60068 (CDN77 _)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.210.157.92 14618 (AMAZON-AES)
2 2a04:4e42:600... 54113 (FASTLY)
21 11
Apex Domain
Subdomains
Transfer
6 convertri.com
offerclosed.convertri.com
cdn.convertri.com — Cisco Umbrella Rank: 153572
snowplow.convertri.com — Cisco Umbrella Rank: 161029
148 KB
5 warriorplus.com
warriorplus.com — Cisco Umbrella Rank: 505844
41 KB
3 logikalink.com
logikalink.com
7 KB
2 imgix.net
convertri.imgix.net — Cisco Umbrella Rank: 178019
15 KB
2 gstatic.com
fonts.gstatic.com
50 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 636
30 KB
1 qltrk.com
rebecca.qltrk.com
2 KB
1 primelink.website
mw.primelink.website
612 B
0 nr-data.net Failed
bam.nr-data.net Failed
21 11
Domain Requested by
5 warriorplus.com 1 redirects warriorplus.com
static.cloudflareinsights.com
3 cdn.convertri.com offerclosed.convertri.com
3 logikalink.com 1 redirects
2 convertri.imgix.net offerclosed.convertri.com
2 fonts.gstatic.com offerclosed.convertri.com
2 offerclosed.convertri.com 1 redirects warriorplus.com
2 static.cloudflareinsights.com warriorplus.com
1 snowplow.convertri.com offerclosed.convertri.com
1 www.googletagmanager.com warriorplus.com
1 js-agent.newrelic.com warriorplus.com
1 rebecca.qltrk.com 1 redirects
1 mw.primelink.website 1 redirects
0 bam.nr-data.net Failed warriorplus.com
21 13

This site contains links to these domains. Also see Links.

Domain
softprolab.tawk.help
Subject Issuer Validity Valid
www.logikalink.com
R3
2024-04-26 -
2024-07-25
3 months crt.sh
warriorplus.com
E1
2024-04-04 -
2024-07-03
3 months crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-03-10 -
2024-06-08
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.convertri.com
Sectigo RSA Domain Validation Secure Server CA
2024-03-14 -
2025-04-14
a year crt.sh
cdn.convertri.com
R3
2024-04-01 -
2024-06-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
snowplow.convertri.com
Amazon RSA 2048 M02
2023-12-27 -
2025-01-25
a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-12-07 -
2025-01-07
a year crt.sh

This page contains 1 frames:

Primary Page: https://offerclosed.convertri.com/aichannel
Frame ID: 50DB4D38AB6C5C4E952101EB21F81B57
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Closed

Page URL History Show full URLs

  1. http://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00... HTTP 307
    https://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00... HTTP 301
    https://logikalink.com/go HTTP 301
    https://logikalink.com/go/ Page URL
  2. http://rebecca.qltrk.com/r/group1 HTTP 307
    https://rebecca.qltrk.com/r/group1 HTTP 302
    https://warriorplus.com/o2/a/dt55fs/0 Page URL
  3. https://warriorplus.com/o2/a/dt55fs/0?nonce=12ebdcb4cbf48ea032068d9c427e6b2a369f0ca0 HTTP 302
    https://warriorplus.com/o/view/ds3cg4/affc_dt55fs Page URL
  4. https://offerclosed.convertri.com/aichannel Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

86 %
HTTPS

45 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

296 kB
Transfer

1123 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e HTTP 307
    https://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e HTTP 301
    https://logikalink.com/go HTTP 301
    https://logikalink.com/go/ Page URL
  2. http://rebecca.qltrk.com/r/group1 HTTP 307
    https://rebecca.qltrk.com/r/group1 HTTP 302
    https://warriorplus.com/o2/a/dt55fs/0 Page URL
  3. https://warriorplus.com/o2/a/dt55fs/0?nonce=12ebdcb4cbf48ea032068d9c427e6b2a369f0ca0 HTTP 302
    https://warriorplus.com/o/view/ds3cg4/affc_dt55fs Page URL
  4. https://offerclosed.convertri.com/aichannel Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e HTTP 307
  • https://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e HTTP 301
  • https://logikalink.com/go HTTP 301
  • https://logikalink.com/go/
Request Chain 1
  • http://rebecca.qltrk.com/r/group1 HTTP 307
  • https://rebecca.qltrk.com/r/group1 HTTP 302
  • https://warriorplus.com/o2/a/dt55fs/0
Request Chain 6
  • https://warriorplus.com/o2/a/dt55fs/0?nonce=12ebdcb4cbf48ea032068d9c427e6b2a369f0ca0 HTTP 302
  • https://warriorplus.com/o/view/ds3cg4/affc_dt55fs
Request Chain 19
  • https://offerclosed.convertri.com/favicon.ico HTTP 307
  • https://cdn.convertri.com/favicon.ico

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
logikalink.com/go/
Redirect Chain
  • http://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e
  • https://mw.primelink.website/index.php/campaigns/pm724zoxqd978/track-url/yh261wye3zc63/6ace51054f730cef00fa41ead3b7ceaddbab251e
  • https://logikalink.com/go
  • https://logikalink.com/go/
274 B
565 B
Document
General
Full URL
https://logikalink.com/go/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.105.155.178 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
mx.logikalink.com
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
680e90eb895772d7c07e359fb9f5b7a4892bf5e78d1a8668a5f8505d5b57a744

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
200
Content-Type
text/html
Date
Tue, 07 May 2024 19:21:56 GMT
ETag
"112-5d30ac7d03cc0-gzip"
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 13 Dec 2021 17:55:39 GMT
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
234
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 07 May 2024 19:21:56 GMT
Keep-Alive
timeout=5, max=100
Location
https://logikalink.com/go/
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
0
warriorplus.com/o2/a/dt55fs/
Redirect Chain
  • http://rebecca.qltrk.com/r/group1
  • https://rebecca.qltrk.com/r/group1
  • https://warriorplus.com/o2/a/dt55fs/0
51 KB
19 KB
Document
General
Full URL
https://warriorplus.com/o2/a/dt55fs/0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fd4f828c1349ab78ca07f6fd6d61d50775168c838c1cd97a4ed20d50401ff9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://logikalink.com/go/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8803937888ea0bcd-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 May 2024 19:21:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMtQAdiZWT%2FIUv7BDVjH%2FknmL7AH52chgZfCNYqfWh6sa0QfqHRcvmkjr75z%2Bggs3wjtz0Qvmvs8Hw%2FY3o13K62790O87Z%2BIX7wRsZeOaW8IG9fOPJFo%2BEnOXoS03gEfrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY

Redirect headers

cache-control
no-cache, private no-store, no-cache, must-revalidate, max-age=0
content-type
text/html; charset=UTF-8
date
Tue, 07 May 2024 19:21:57 GMT
location
https://warriorplus.com/o2/a/dt55fs/0
pragma
no-cache
server
nginx
x-powered-by
PHP/7.4.33
x-ratelimit-limit
101
x-ratelimit-remaining
100
favicon.ico
logikalink.com/
66 KB
6 KB
Other
General
Full URL
https://logikalink.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.105.155.178 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
mx.logikalink.com
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 19:21:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jan 2019 23:01:58 GMT
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
ETag
"1083e-57f7308228580-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5955
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/dt55fs/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://warriorplus.com/
Origin
https://warriorplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:58 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8803937b8a0c35fe-FRA
nr-full-1.258.0.min.js
js-agent.newrelic.com/
92 KB
30 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-full-1.258.0.min.js
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/dt55fs/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://warriorplus.com/
Origin
https://warriorplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
8WR6PIgycWg8_iTK36yZnzjnEITD_yDC
content-encoding
br
via
1.1 varnish
date
Tue, 07 May 2024 19:21:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
BHDF8M2QT3FP7HTP
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
30005
x-amz-id-2
gRx5vb4eZeG42VkXp12Gx3ctvtQ7E5e4kWrTUvdBEL0L3ccZkQLDzpWlGD+bzJDzogJmyoz4xRNh+qUCvk94yaxJ/iG6XSrY
x-served-by
cache-mxp6960-MXP
last-modified
Mon, 29 Apr 2024 21:02:59 GMT
server
AmazonS3
etag
"b67defeacef46d51d50390276571c8bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
58185
rum
warriorplus.com/cdn-cgi/
0
141 B
XHR
General
Full URL
https://warriorplus.com/cdn-cgi/rum?
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/dt55fs/0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID
VQcDWVBRCBABUVJTAQEHUFUF
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://warriorplus.com/o2/a/dt55fs/0
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:58 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://warriorplus.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8803937c3cab0bcd-AMS
affc_dt55fs
warriorplus.com/o/view/ds3cg4/
Redirect Chain
  • https://warriorplus.com/o2/a/dt55fs/0?nonce=12ebdcb4cbf48ea032068d9c427e6b2a369f0ca0
  • https://warriorplus.com/o/view/ds3cg4/affc_dt55fs
52 KB
19 KB
Document
General
Full URL
https://warriorplus.com/o/view/ds3cg4/affc_dt55fs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://warriorplus.com/o2/a/dt55fs/0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8803937e4ec30bcd-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 May 2024 19:21:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLjNqzAcq%2BBhTUNwfwljNQZOrrKSxgalC08Qh0%2FgU4%2FSK4ZVyzYwqM71asg7tvkhUaLf5qgr1siQ8HvDuVHMoEImno4W%2BwlcWSI4c38O7rD0JXNC3nvOXgZ2Z2zFMa%2BG2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8803937c3cb40bcd-AMS
content-type
text/html; charset=UTF-8
date
Tue, 07 May 2024 19:21:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/o/view/ds3cg4/affc_dt55fs
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iin3IbBzH3uVAZqMgk3cPTlXMXJSLWfvvMGAo6xStVXQZNKYqDpLJ4jrJfWjoy2N2xtdQmDMPnC0qx%2FxCmTBC%2BeNrqMI1XFJ7l1WlsQasCyHS9tTvdjwM6tF39XS19QNig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
favicon.ico
warriorplus.com/
1 KB
1 KB
Other
General
Full URL
https://warriorplus.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://warriorplus.com/o2/a/dt55fs/0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 May 2024 14:53:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6561
etag
W/"47e-61779c56cfdc0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7330%2Fp64fVGUXIpq3weYdsRR6lBB5X4ZJFg00OABy4VOmfoJY7NEys6HrqpcQgoSGhhyVh4qN0W9AP1miDdmGcv9g4tn1EQueMBhzggrCOWAu7vHAdiniCeL2hEdQKu7hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cf-ray
8803937c3cb10bcd-AMS
alt-svc
h3=":443"; ma=86400
undefined
bam.nr-data.net/1/
0
0

rum
warriorplus.com/cdn-cgi/
0
0

vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/ds3cg4/affc_dt55fs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://warriorplus.com/
Origin
https://warriorplus.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:58 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8803937b8a0c35fe-FRA
gtm.js
www.googletagmanager.com/
125 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/ds3cg4/affc_dt55fs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://warriorplus.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87706
x-xss-protection
0
last-modified
Tue, 07 May 2024 18:35:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 May 2024 19:21:59 GMT
Primary Request aichannel
offerclosed.convertri.com/
126 KB
20 KB
Document
General
Full URL
https://offerclosed.convertri.com/aichannel
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/ds3cg4/affc_dt55fs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.1.240.35.bc.googleusercontent.com
Software
/
Resource Hash
742eacdff81cedfec4a340972f41345e7f07c0e5c3b70758b0c18837318be6fe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://warriorplus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 19:21:59 GMT
vary
Accept-Encoding
jquery-1.12.2.min.js
cdn.convertri.com/
393 KB
115 KB
Script
General
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2023-12-19-09-32-48
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.33 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-33.bunnyinfra.net
Software
BunnyCDN-DE1-1076 /
Resource Hash
592e43252d016f384776187b747facf1b631dc566ef55bb22dc511da4c0d0f3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:59 GMT
content-encoding
br
cdn-edgestorageid
1075
x-amz-request-id
EBC21BZGMP4N3TN7
x-amz-server-side-encryption
AES256
cdn-cachedat
05/07/2024 08:50:25
cdn-pullzone
408079
x-amz-id-2
WYNYxp4ZEHLYZigfZMs/nth7YO468eAaxOJuW66xLw4aQB4U7i1/6KdKKAs942Km3IRIKsKQHz4=
last-modified
Tue, 07 May 2024 08:30:42 GMT
server
BunnyCDN-DE1-1076
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"a16a0a6a2c16739e47632f5cd41c29f8"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
63e9ddff153093612f28aa6d3f46fbf0
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v22/
34 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
314fd3741f6250f7623e080a4d4e4638a71be001fa4e2af2b81d03dda5a367a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Origin
https://offerclosed.convertri.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 11:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19166
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 11:02:18 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hjQ.ttf
fonts.gstatic.com/s/inter/v13/
61 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuI6fAZ9hjQ.ttf
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfdc991f67cdd56c0e75b20c50799a8a10d41b9c9ee61230498fcb6a6de11d9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Origin
https://offerclosed.convertri.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 18:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31685
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 18:51:19 GMT
cdn.min.css
cdn.convertri.com/
67 KB
9 KB
Stylesheet
General
Full URL
https://cdn.convertri.com/cdn.min.css?v=2023-12-19-09-32-48
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.33 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-33.bunnyinfra.net
Software
BunnyCDN-DE1-1076 /
Resource Hash
4a9e5fa6d886f98d64d71b026e6e5fe57a3c207da288bbb63ee8a19803ec09f6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:21:59 GMT
content-encoding
br
cdn-edgestorageid
1078
x-amz-request-id
EBC7BDAPC4TGWKQ9
x-amz-server-side-encryption
AES256
cdn-cachedat
05/07/2024 08:50:25
cdn-pullzone
408079
x-amz-id-2
uvgTxMt8IGM9pHcZE8ti46C9aZjcRAUfYY5uBLJ04dkjb8JSk4LsiaqnRqlcQJr8jTP5U+iE61M=
last-modified
Tue, 07 May 2024 08:30:46 GMT
server
BunnyCDN-DE1-1076
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"91bf7fad9eda26930ae8c633102e65e0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=604800
cdn-requestid
7ddf16ba4f25e82af6bfe0c97c0ab62b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
i
snowplow.convertri.com/
43 B
336 B
Image
General
Full URL
https://snowplow.convertri.com/i?stm=1715109719787&e=pv&url=https%3A%2F%2Fofferclosed.convertri.com%2Faichannel&page=Closed&refr=https%3A%2F%2Fwarriorplus.com%2F&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=Europe%2FBerlin&lang=de-DE&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=4f9bf0ef-2e8d-4e6d-b9ac-755626f75ed1&dtm=1715109719787&vp=1600x1200&ds=1600x1200&vid=1&sid=69317eed-eba9-4393-9493-3aee5abf87b0&duid=04048676-296d-4997-863b-6e36edcb5452&fp=1187562409
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.157.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-157-92.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 07 May 2024 19:22:00 GMT
access-control-allow-credentials
true
content-type
image/gif
server
spray-can/1.3.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
4da13923-2b58-11ed-aeb6-06deec350f13%2F3eb78a5569f37d47f400024c66226592971fa375%2FRed%20We%20Are%20Closed%20Notification%20Instagram%20Post.png
convertri.imgix.net/
8 KB
8 KB
Image
General
Full URL
https://convertri.imgix.net/4da13923-2b58-11ed-aeb6-06deec350f13%2F3eb78a5569f37d47f400024c66226592971fa375%2FRed%20We%20Are%20Closed%20Notification%20Instagram%20Post.png?auto=compress,format&fit=scale&w=494&h=436
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3d1b68634e015037761d50a0e91142a31255c81bab378562ec221beb93d0fa03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:22:00 GMT
x-content-type-options
nosniff
age
92400
x-cache
HIT, MISS
x-imgix-id
44a058758e9665381581c5c66001f93594c73371
cross-origin-resource-policy
cross-origin
content-length
8209
x-served-by
cache-sjc10077-SJC, cache-mxp6949-MXP
last-modified
Mon, 06 May 2024 17:41:59 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
Group%20166%403x.png
convertri.imgix.net/d106fe32-1e97-11e6-829d-066a9bd5fb79/26b27681742c81c759e6a86eca644a23b4f4c81d/
6 KB
7 KB
Image
General
Full URL
https://convertri.imgix.net/d106fe32-1e97-11e6-829d-066a9bd5fb79/26b27681742c81c759e6a86eca644a23b4f4c81d/Group%20166%403x.png?auto=compress,format&fit=clip&w=1600
Requested by
Host: offerclosed.convertri.com
URL: https://offerclosed.convertri.com/aichannel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
078c150a5e05fbb0cc6ed2f6d2a9c336bbea5a96efb98e427e63b6e845dce02b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offerclosed.convertri.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 19:22:00 GMT
x-content-type-options
nosniff
age
1253596
x-cache
HIT, MISS
x-imgix-id
98015169d73aeedd01a386e0a5eadcab9dca095e
cross-origin-resource-policy
cross-origin
content-length
6343
x-served-by
cache-sjc10062-SJC, cache-mxp6949-MXP
last-modified
Tue, 23 Apr 2024 07:08:43 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
favicon.ico
cdn.convertri.com/
Redirect Chain
  • https://offerclosed.convertri.com/favicon.ico
  • https://cdn.convertri.com/favicon.ico
2 KB
3 KB
Other
General
Full URL
https://cdn.convertri.com/favicon.ico
Protocol
H2
Server
169.150.247.33 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-33.bunnyinfra.net
Software
BunnyCDN-DE1-1076 /
Resource Hash
c79c14bf58a56fb450588a775ea6e0b231f4c8f6977c6334b650795162e14e79

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offerclosed.convertri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Tue, 07 May 2024 19:22:00 GMT
cdn-edgestorageid
1047
x-amz-request-id
M8P0AEB1416AG9NS
cdn-cachedat
05/07/2024 08:31:01
cdn-pullzone
408079
content-length
2425
x-amz-id-2
/VkfrlF4k66fLVYogltoEN5lOsKV0rehaNMw2gTLabC219Z43qFT0WBIRgKpxGcDQJo01KqDYuc=
last-modified
Tue, 11 Sep 2018 10:57:55 GMT
server
BunnyCDN-DE1-1076
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"542a6c950dc11dfdcc8262df4185b767"
content-type
image/png
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
8939e15cb8277fb564871655255125c2
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

location
https://cdn.convertri.com/favicon.ico
date
Tue, 07 May 2024 19:22:00 GMT
content-length
73
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/undefined?a=undefined&v=1.258.0&t=Unnamed%20Transaction&rst=1856&ck=0&s=9da82376ee7ca0f9&ref=https://warriorplus.com/o2/a/dt55fs/0&af=err,xhr,stn,ins&be=1399&fe=248&dc=247&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1715109716766,%22n%22:0,%22f%22:1000,%22dn%22:1002,%22dne%22:1013,%22c%22:1013,%22s%22:1013,%22ce%22:1064,%22rq%22:1064,%22rp%22:1400,%22rpe%22:1443,%22di%22:1450,%22ds%22:1646,%22de%22:1646,%22dc%22:1646,%22l%22:1646,%22le%22:1647%7D,%22navigation%22:%7B%7D%7D
Domain
warriorplus.com
URL
https://warriorplus.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| warningMessages object| submitMessages object| dataLayer object| ConvertriScriptConsent string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf function| managePopovers function| Popover object| FormValidator object| UrlUtils function| CheckoutValidationErrorRenderer function| AnalyticsUtils function| ClickAnalyticsEventBuilder function| OpenCheckoutAnalyticsEventBuilder function| PurchaseAnalyticsEventBuilder function| PurchaseAnalyticsLegacyEventBuilder function| SubmitFormAnalyticsEventBuilder function| GmtDataLayerTracker function| AnalyticsEvent function| ClickAnalyticsEvent function| OpenCheckoutAnalyticsEvent function| PurchaseAnalyticsLegacyEvent function| PurchaseAnalyticsEvent function| SubmitFormAnalyticsEvent function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory function| uniqueSelector function| visibilityChanged function| yall object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| formWidgetCartInfo object| BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| ConvertriCheckoutModalPreviewRenderer object| MobileDetector object| QueryArgBag function| ViewportResizer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow function| Cookies object| doT function| ES6Promise function| $ function| jQuery object| Snowplow function| UAParser object| fbEventInfo object| fbPixelProxy function| getPresentCoupon function| handleCheckoutResponse object| match object| jQuery112207249864037710378

14 Cookies

Domain/Path Name / Value
mw.primelink.website/ Name: mwsid
Value: 0e1dddf691d99dee9eafbee9bce99822
.qltrk.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlhXdDRteXBNK25FYmU0VWMxUVJia1E9PSIsInZhbHVlIjoiek80OWJUcmpTV08yMWE2U3Y3OElXZWF3c2FlSUR4UVY4MTNsT2twbHJPZjVrcnJDa1N1czFNMDVLSXZEeXFFSk5aWFR4bmZkSU5oQ0RTMjBUUDAzK1pjM21yOTdPU1Bwckl5LzkxdWhBTTd0Vi81RjFGcGdTRzJwUkwzaUdsOWwiLCJtYWMiOiI4YzRiZjNmNDFjOTJiZjQ2NWVmNjA1MzNhYmRiZTVjMjZmZTc0NGY0NzE3NjhlZmIxNTI4ZWUwNzcxMTU4NGI1In0%3D
.qltrk.com/ Name: qlikersession
Value: eyJpdiI6IklFTmxMNWI2R0crdGtMYUlsV2JUVXc9PSIsInZhbHVlIjoiUkVDNy9GaTVTWVZVZEVMdHNVU0xTbERlUGtVYWJhcVBwcWN0UVNkajAvUEMyeDRPcE0rMEJVd3hCRUxjeVhLMThoUk8rRFg0amdseGJ2MDRYaXI1cFdwUW1lYm9ZVnJUeGcvQ1hMN0hkRDdrUnZ0TFdDVERiMWxYRGtEY2xpNEciLCJtYWMiOiJhMzBlYmI4NzJhYzY4NzFhNmQzMWIwZTcwNDY0OTZlOTg3NTAyYzE1ZjAzNGIzN2VmYWVlNmQzOTBhM2VlMDUxIn0%3D
.qltrk.com/ Name: rn
Value: eyJpdiI6IjM5bHlUaUZsdUtkTEwwc1AvWUVKMUE9PSIsInZhbHVlIjoiL2JDTWVQRzBjaE5GYmVsRWgxZFE5UDNpQk1iaXlrK2dFRFUrUGw1cDhJWVI0ZnpFdEN0cHh3VC8yOVQwdmQ3TGI4Um9VMk9FY01TWU5lSktvV1NRREpRNjltSnFQdzJpaDJiUERhNEhwUVE9IiwibWFjIjoiMDM0ODdiMmNmZTUwM2U4YjRmMTQ0OGM5NmQ0MTFmZjAzNjVlZTEwODRmZjkwYTNhMTE3ZDdmMmE3ZmM3MjM0ZiJ9
.qltrk.com/ Name: rnl
Value: eyJpdiI6Ik9tK29jUTh2Z0VCMkRxZnZHeVNoYVE9PSIsInZhbHVlIjoieUZIZHlqTGJDQVdZTzRjM2hoL2hJMTd6cTZtWTFjS1loSTNLSUorVGQ2ZVVXUkc0VDZJNFo5dFpvU2hGTEpneHh0MHBCU2F6R2dtam5Ic1VUMlRZZ2R4dnFjT1Vmc2hvNjEyWUJHTWxEZkk9IiwibWFjIjoiNWVlMzU2ZTQ5ZjE1ZjEzZTdkMzZlZDM2ZDk3ZmE1OWZlZWU1MzI2YzE2MWJjZDY4OTNkNWM2MTU2OTg4OTQxMCJ9
rebecca.qltrk.com/ Name: QLAPI
Value: 1a6843d5db3a8621a2ad83a537f07f43|Zjp/W|Zjp/W
warriorplus.com/ Name: warriorplus
Value: qaot3q20ucl27ttfd27el0sju7
warriorplus.com/ Name: rqtok
Value: e4b86771a25f069be2ac
warriorplus.com/ Name: affo_ds3cg4
Value: 554287297
warriorplus.com/ Name: affo2_185051
Value: 554287297
warriorplus.com/ Name: wpg
Value: gllq8ct6j0zf0pb4
offerclosed.convertri.com/ Name: _sp_ses.b262
Value: *
offerclosed.convertri.com/ Name: _sp_id.b262
Value: 04048676-296d-4997-863b-6e36edcb5452.1715109720.1.1715109720.1715109720.69317eed-eba9-4393-9493-3aee5abf87b0
.convertri.com/ Name: _CVTa
Value: 6ef928e1-2e86-4a89-9c42-d452af601b6c

2 Console Messages

Source Level URL
Text
javascript error URL: https://warriorplus.com/o2/a/dt55fs/0
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/undefined?a=undefined&v=1.258.0&t=Unnamed%20Transaction&rst=1856&ck=0&s=9da82376ee7ca0f9&ref=https://warriorplus.com/o2/a/dt55fs/0&af=err,xhr,stn,ins&be=1399&fe=248&dc=247&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1715109716766,%22n%22:0,%22f%22:1000,%22dn%22:1002,%22dne%22:1013,%22c%22:1013,%22s%22:1013,%22ce%22:1064,%22rq%22:1064,%22rp%22:1400,%22rpe%22:1443,%22di%22:1450,%22ds%22:1646,%22de%22:1646,%22dc%22:1646,%22l%22:1646,%22le%22:1647%7D,%22navigation%22:%7B%7D%7D' from origin 'https://warriorplus.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/undefined?a=undefined&v=1.258.0&t=Unnamed%20Transaction&rst=1856&ck=0&s=9da82376ee7ca0f9&ref=https://warriorplus.com/o2/a/dt55fs/0&af=err,xhr,stn,ins&be=1399&fe=248&dc=247&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1715109716766,%22n%22:0,%22f%22:1000,%22dn%22:1002,%22dne%22:1013,%22c%22:1013,%22s%22:1013,%22ce%22:1064,%22rq%22:1064,%22rp%22:1400,%22rpe%22:1443,%22di%22:1450,%22ds%22:1646,%22de%22:1646,%22dc%22:1646,%22l%22:1646,%22le%22:1647%7D,%22navigation%22:%7B%7D%7D
Message:
Failed to load resource: net::ERR_FAILED