jhrte0qwyr-staging.onrocket.site Open in urlscan Pro
2606:4700::6810:966c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jhrte0qwyr-staging.onrocket.site/
Submission: On June 24 via api (June 24th 2024, 11:43:08 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6810:966c, located in United States and belongs to CLOUDFLARENET, US. The main domain is jhrte0qwyr-staging.onrocket.site.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.

This is the only time jhrte0qwyr-staging.onrocket.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700::68... 2606:4700::6810:966c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.16.150.108 104.16.150.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::42 2620:1ec:bdf::42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	() ()
1 1	2a01:111:202c... 2a01:111:202c::237	() ()
21	6

3 2606:4700::6810:966c (United States)

ASN13335 (CLOUDFLARENET, US)

jhrte0qwyr-staging.onrocket.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.16.150.108 (None, )

ASN13335 (CLOUDFLARENET, US)

jhrte0qwyr-staging.onrocket.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::42 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (None, ) 1 redirects

ASN- ()

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:111:202c::237 (None, ) 1 redirects

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	onrocket.site jhrte0qwyr-staging.onrocket.site	255 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 r.clarity.ms — Cisco Umbrella Rank: 7784 c.clarity.ms	28 KB
1	bing.com 1 redirects c.bing.com	760 B
21	3

	Domain	Requested by
15	jhrte0qwyr-staging.onrocket.site	jhrte0qwyr-staging.onrocket.site
3	r.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	jhrte0qwyr-staging.onrocket.site www.clarity.ms
1	c.bing.com	1 redirects
21	5

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
onrocket.site E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://jhrte0qwyr-staging.onrocket.site/
Frame ID: 4EB03E53EBCE612542BF793ED4ECAF7A
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - 1bithub

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

285 kB
Transfer

795 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitter.com/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6A75CFDE4EF1490AA02565E10337A677&RedC=c.clarity.ms&MXFR=1AFCCD2537CB6A2D277CD98D33CB6401 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A75CFDE4EF1490AA02565E10337A677&MUID=1EF617358B226AB903A8039D8A116B25

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jhrte0qwyr-staging.onrocket.site/ 285 KB
32 KB 288ms
218ms Document
text/html 2606:4700::6810:966c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:966c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dc731ee2aae9fbd594f9105828c75f59c00c37714cf8361a30872508a66320

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2592000
cdn-cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 898c75353c318fc8-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 24 Jun 2024 11:43:02 GMT
expect-ct: max-age=7776000, enforce
last-modified: Sat, 22 Jun 2024 20:43:14 GMT
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
referrer-policy: strict-origin-when-cross-origin no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-flying-press-cache: HIT
x-flying-press-source: Web Server
x-robots-tag: noindex, noarchive, nosnippet
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
jhrte0qwyr-staging.onrocket.site/wp-includes/js/jquery/ 86 KB
30 KB 183ms
180ms Script
text/javascript 2606:4700::6810:966c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:966c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Mon, 28 Aug 2023 22:44:24 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c7536de178fc8-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H2 200 breakdance-utils.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/plugin/global-scripts/ 7 KB
2 KB 173ms
172ms Script
text/javascript 2606:4700::6810:966c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/plugin/global-scripts/breakdance-utils.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:966c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1163a1caae6161aeff0dccd7fdce2616cd2c0ebc88af544d876be750bbe9b216

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:26 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c7536de1a8fc8-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 header-builder.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/elements/Header_Builder/ 6 KB
2 KB 188ms
188ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/elements/Header_Builder/header-builder.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cfc3fbeaae3f5b41e42258fa2d95e2674b915e435ac5685b12eb37a366b230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:26 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c7537e874a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 awesome-menu.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/awesome-menu@1/ 59 KB
19 KB 193ms
193ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/awesome-menu@1/awesome-menu.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b2099cec8538a4dc2c549d17dd93765499a855573916fa95c32f65d6c4167b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:25 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c7537f88da028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 swiper-bundle.min.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/swiper@8/ 135 KB
38 KB 188ms
186ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/swiper@8/swiper-bundle.min.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65ad7584043ba0af88041da7db350d8cf86db77116e2d3645070cbeb4cadafd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:25 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c753818bba028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 breakdance-swiper.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/breakdance-swiper/ 10 KB
3 KB 167ms
166ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/breakdance-swiper/breakdance-swiper.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95defb6b0deeb0ec1d9dd817fb2beddc7502fc1243003b3f4ab8107a36f4a224

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:25 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c753818c3a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 search-form.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/elements/Search_Form/assets/ 3 KB
1 KB 222ms
220ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/elements/Search_Form/assets/search-form.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f4fb6dc4686e97fd611df31c4326328407739350330e8f2cee0deb53293aed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:25 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c753818c6a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 form.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/awesome-form@1/js/ 23 KB
6 KB 218ms
216ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/awesome-form@1/js/form.js?bd_ver=1.7.0

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a521b3b6028264facae7319ea7bc55248284413ab52ac0d05dbdaa4f05dd0dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Wed, 13 Mar 2024 18:45:25 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c753818c9a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 lazyrender.min.js Show response
jhrte0qwyr-staging.onrocket.site/wp-content/plugins/flying-press/assets/ 539 B
834 B 218ms
217ms Script
text/javascript 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/flying-press/assets/lazyrender.min.js

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e71e9dde39dc8999bdfd68101ee34cc7dd5949c209f0a22cdfacdee6c35a31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Fri, 05 Apr 2024 12:43:18 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c753818caa028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H2 200 lg61cade4h Show response
www.clarity.ms/tag/ 637 B
1001 B 277ms
154ms Script
application/x-javascript 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/lg61cade4h
Requested by: Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 81cf7ae36053dd5afb135b6a5ea7812f988dcddd3de87bd0aaab4146334053ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 24 Jun 2024 11:43:02 GMT
x-azure-ref: 20240624T114302Z-17d856f5577h5hbd808dzg8dgw00000008dg000000007ms3
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeaba5b0a679cd1fde4e04f6e31fd220efb65d57e2c89a70552e7ac587864050

Request headers

Referer
Origin: https://jhrte0qwyr-staging.onrocket.site
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
jhrte0qwyr-staging.onrocket.site/wp-content/cache/flying-press/ 45 KB
45 KB 201ms
200ms Font
font/woff2 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/cache/flying-press/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56952ae9d023f3ecf38d991f095ac9545cb932f919c7963c6140fd6cf8f9650

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Origin: https://jhrte0qwyr-staging.onrocket.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 45904
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Fri, 21 Jun 2024 18:57:21 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c75384905a028-FRA
expires: Mon, 23 Jun 2025 09:05:57 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://jhrte0qwyr-staging.onrocket.site
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 logo.png
jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/04/ 2 KB
3 KB 191ms
191ms Image
image/webp 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/04/logo.png

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df7dfccf84ff507893b67ed9cea0ba680b2cc4664dc87956dd96d19aee366c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2528
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Fri, 05 Apr 2024 15:44:13 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c75384901a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 200 1bithub-start-with-1-bit.png
jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/03/ 6 KB
7 KB 486ms
485ms Image
image/webp 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/03/1bithub-start-with-1-bit.png

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

742ceb6b1d3bce9fe63cb59b4fd79cdf13433a76699aa99c249cb4c633878eb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 6312
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Tue, 02 Apr 2024 08:11:37 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c75384903a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

GET
H3 404 logo.svg
jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/03/ 64 KB
64 KB 4576ms
4575ms Image
text/html 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/03/logo.svg

Requested by

Host: jhrte0qwyr-staging.onrocket.site
URL: https://jhrte0qwyr-staging.onrocket.site/wp-content/plugins/breakdance/subplugins/breakdance-elements/dependencies-files/awesome-menu@1/awesome-menu.js?bd_ver=1.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4caf175d66feddd2e7ae96a142eee99e4f3b4d1d52980c3c4a2faba145ceddf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: EXPIRED
content-encoding: br
content-security-policy: upgrade-insecure-requests;
x-flying-press-cache: MISS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-flying-press-source: PHP
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
x-robots-tag: noindex, noarchive, nosnippet
link: <https://jhrte0qwyr-staging.onrocket.site/wp-json/>; rel="https://api.w.org/"
cf-ray: 898c753a4c4fa028-FRA

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 46ms
45ms Script
application/javascript 2620:1ec:bdf::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lg61cade4h
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:02 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240624T114302Z-17d856f5577h5hbd808dzg8dgw00000008dg000000007mt5
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 949203f2-601e-0050-0434-c2ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
296 B 515ms
187ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://jhrte0qwyr-staging.onrocket.site
Date: Mon, 24 Jun 2024 11:43:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
296 B 881ms
654ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://jhrte0qwyr-staging.onrocket.site
Date: Mon, 24 Jun 2024 11:43:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
296 B 116ms
116ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://jhrte0qwyr-staging.onrocket.site
Date: Mon, 24 Jun 2024 11:43:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6A75CFDE4EF1490AA02565E10337A677&RedC=c.clarity.ms&MXFR=1AFCCD2537CB6A2D277CD98D33CB6401
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A75CFDE4EF1490AA02565E10337A677&MUID=1EF617358B226AB903A8039D8A116B25

42 B
465 B

48ms
47ms

Image
image/gif

68.219.88.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A75CFDE4EF1490AA02565E10337A677&MUID=1EF617358B226AB903A8039D8A116B25
Protocol: H2
Server: 68.219.88.97 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://jhrte0qwyr-staging.onrocket.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 11:43:07 GMT
last-modified: Wed, 19 Jun 2024 18:40:50 GMT
server: Microsoft-IIS/10.0
etag: "2c9f213578c2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 24 Jun 2024 11:43:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AAF48A64507A4583BFD4AF37C4F64227 Ref B: VIEEDGE2714 Ref C: 2024-06-24T11:43:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6A75CFDE4EF1490AA02565E10337A677&MUID=1EF617358B226AB903A8039D8A116B25
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 favicon.png
jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/04/ 810 B
1 KB 179ms
178ms Other
image/webp 104.16.150.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/04/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.150.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b197b7bbae7bd2291c8a3963504c42c101e6ec228a3bac0b74dc21ab2c6c29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jhrte0qwyr-staging.onrocket.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 11:43:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 810
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, no-referrer-when-downgrade
last-modified: Fri, 05 Apr 2024 15:44:13 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
permissions-policy: geolocation=(), midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=(), fullscreen=(self)
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nosnippet
cf-ray: 898c75575a55a028-FRA
expires: Sun, 22 Jun 2025 23:57:04 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 06:19:25	Name: CLID Value: 194eeaa2d23642a6bd4b7be8ac607d61.20240624.20250624
.onrocket.site/	1970-01-21 06:19:25	Name: _clck Value: ovphxp%7C2%7Cfmw%7C0%7C1636
.onrocket.site/	1970-01-20 21:35:15	Name: _clsk Value: 1ot7c93%7C1719229383481%7C1%7C1%7Cr.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jhrte0qwyr-staging.onrocket.site/wp-content/uploads/2024/03/logo.svg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
jhrte0qwyr-staging.onrocket.site
r.clarity.ms
www.clarity.ms
104.16.150.108
20.119.174.243
2606:4700::6810:966c
2620:1ec:bdf::42
2a01:111:202c::237
68.219.88.97
0a521b3b6028264facae7319ea7bc55248284413ab52ac0d05dbdaa4f05dd0dd
1163a1caae6161aeff0dccd7fdce2616cd2c0ebc88af544d876be750bbe9b216
12e71e9dde39dc8999bdfd68101ee34cc7dd5949c209f0a22cdfacdee6c35a31
2df7dfccf84ff507893b67ed9cea0ba680b2cc4664dc87956dd96d19aee366c7
37dc731ee2aae9fbd594f9105828c75f59c00c37714cf8361a30872508a66320
5b2099cec8538a4dc2c549d17dd93765499a855573916fa95c32f65d6c4167b3
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
742ceb6b1d3bce9fe63cb59b4fd79cdf13433a76699aa99c249cb4c633878eb6
81cf7ae36053dd5afb135b6a5ea7812f988dcddd3de87bd0aaab4146334053ba
91f4fb6dc4686e97fd611df31c4326328407739350330e8f2cee0deb53293aed
95defb6b0deeb0ec1d9dd817fb2beddc7502fc1243003b3f4ab8107a36f4a224
98cfc3fbeaae3f5b41e42258fa2d95e2674b915e435ac5685b12eb37a366b230
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a4caf175d66feddd2e7ae96a142eee99e4f3b4d1d52980c3c4a2faba145ceddf
b65ad7584043ba0af88041da7db350d8cf86db77116e2d3645070cbeb4cadafd
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c56952ae9d023f3ecf38d991f095ac9545cb932f919c7963c6140fd6cf8f9650
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d8b197b7bbae7bd2291c8a3963504c42c101e6ec228a3bac0b74dc21ab2c6c29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeaba5b0a679cd1fde4e04f6e31fd220efb65d57e2c89a70552e7ac587864050

jhrte0qwyr-staging.onrocket.site Open in urlscan Pro 2606:4700::6810:966c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

50 %IPv6

3 Domains

5 Subdomains

6 IPs

2 Countries

285 kBTransfer

795 kBSize

3 Cookies

3 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

jhrte0qwyr-staging.onrocket.site Open in urlscan Pro
2606:4700::6810:966c Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

285 kB
Transfer

795 kB
Size

3
Cookies

21 HTTP transactions
2 data transactions