urlscan.io logo urlscan.io
SecurityTrails logo

ccvt.tf.media Open in urlscan Pro
2606:4700::6813:fe12  Public Scan

Go To Rescan Add Verdict Report
URL: https://ccvt.tf.media/
Submission: On March 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 1 countries across 14 domains to perform 52 HTTP transactions. The main IP is 2606:4700::6813:fe12, located in United States and belongs to CLOUDFLARENET, US. The main domain is ccvt.tf.media.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2024. Valid for: 3 months.
This is the only time ccvt.tf.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
6 13.110.33.130 14340 (SALESFORCE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2603:1062:10:... 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
3 52.184.204.244 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.110.33.2 14340 (SALESFORCE)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 52.42.129.124 16509 (AMAZON-02)
2 34.226.36.51 14618 (AMAZON-AES)
52 19
10    2606:4700::6813:fe12 (United States)

ASN13335 (CLOUDFLARENET, US)
ccvt.tf.media
4    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
9    2606:4700::6813:ff12 (United States)

ASN13335 (CLOUDFLARENET, US)
media.hd.pics
6    13.110.33.130 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg0-iad3.na101-ia2.force.com
service.force.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2603:1062:10:25::1 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.110.33.2 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-iad3.na101-ia2.force.com
service.force.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.42.129.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-129-124.us-west-2.compute.amazonaws.com
d.la1-core1.sfdc-lywfpd.salesforceliveagent.com
2    34.226.36.51 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-36-51.compute-1.amazonaws.com
vhtstudios.file.force.com
Apex Domain
Subdomains		 Transfer
10 tf.media
ccvt.tf.media
580 KB
9 force.com
service.force.com — Cisco Umbrella Rank: 4031
vhtstudios.file.force.com
74 KB
9 hd.pics
media.hd.pics — Cisco Umbrella Rank: 549034
260 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 753
n.clarity.ms — Cisco Umbrella Rank: 6663
c.clarity.ms — Cisco Umbrella Rank: 1387
23 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 357
111 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
263 KB
2 salesforceliveagent.com
d.la1-core1.sfdc-lywfpd.salesforceliveagent.com — Cisco Umbrella Rank: 10742
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 182
72 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 245
762 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
252 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 148
252 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
252 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
269 B
1 gstatic.com
fonts.gstatic.com
45 KB
52 14
Domain Requested by
10 ccvt.tf.media 1 redirects ccvt.tf.media
9 media.hd.pics ccvt.tf.media
7 service.force.com ccvt.tf.media
service.force.com
4 fonts.googleapis.com ccvt.tf.media
ajax.googleapis.com
3 n.clarity.ms www.clarity.ms
3 www.googletagmanager.com ccvt.tf.media
www.googletagmanager.com
3 ajax.googleapis.com ccvt.tf.media
2 vhtstudios.file.force.com
2 d.la1-core1.sfdc-lywfpd.salesforceliveagent.com service.force.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms ccvt.tf.media
www.clarity.ms
2 connect.facebook.net ccvt.tf.media
connect.facebook.net
1 c.bing.com 1 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 www.facebook.com ccvt.tf.media
1 fonts.gstatic.com fonts.googleapis.com
52 18

This site contains links to these domains. Also see Links.

Domain
www.tourfactory.com
tourfactory.com
Subject Issuer Validity Valid
ccvt.tf.media
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
hd.pics
E1		 2024-02-22 -
2024-05-22		 3 months crt.sh
*.na101.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-03 -
2024-12-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
la1-core1.sfdc-lywfpd.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-10 -
2025-02-08		 a year crt.sh
sfdc-yfeipo.edge.file.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-24 -
2024-05-23		 a year crt.sh

This page contains 3 frames:

Primary Page: https://ccvt.tf.media/
Frame ID: 10029CD95341034A234DAA9FE0465793
Requests: 50 HTTP requests in this frame

Frame: https://ccvt.tf.media/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 979E2788C1DC4B9ECA0D8F9511D06F89
Requests: 2 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://ccvt.tf.media/
Frame ID: 5BA59CFE6344D3530EFBE814163142EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

List of Sites :: Central Coast Virtual Tours

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

52
Requests

96 %
HTTPS

68 %
IPv6

14
Domains

18
Subdomains

19
IPs

1
Countries

1437 kB
Transfer

3018 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://ccvt.tf.media/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://ccvt.tf.media/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Request Chain 40
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=76D951B3EE8B401F8CCFEDB6ACFC364D&RedC=c.clarity.ms&MXFR=1BC629E5662969C220D53DAA622967AE HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76D951B3EE8B401F8CCFEDB6ACFC364D&MUID=339C04C507DA6C690537108A06646D3B

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ccvt.tf.media/ 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8673e287663728261bf3d006be23980775ec20703085570c3afbfa2ff2dfaaaf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
86b344cdaea009b2-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 27 Mar 2024 23:48:00 GMT
server
cloudflare
vary
Accept-Encoding
x-server
WEB106
css
fonts.googleapis.com/ 		1 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 22:27:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 23:48:01 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8324
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 08:04:04 GMT
all.min.css
ccvt.tf.media/art/fa/css/ 		496 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/art/fa/css/all.min.css
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 05 Oct 2023 18:01:04 GMT
server
cloudflare
etag
"5e965e8b5f7d91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
x-server
WEB104
cf-ray
86b344cfea2a09b2-MIA
expires
Thu, 28 Mar 2024 23:48:00 GMT
main.css
ccvt.tf.media/art/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/art/main.css?v=291
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fdd8b2603313b0143c28ed5e09486be51443a0220fa7ad857cb5c6205177eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 19:04:17 GMT
server
cloudflare
etag
"804e6966b07fda1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
x-server
WEB107
accept-ranges
bytes
cf-ray
86b344cfea2e09b2-MIA
content-length
6790
expires
Thu, 28 Mar 2024 23:48:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 12:30:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 12:30:38 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 07:58:21 GMT
jquery.ui.touch-punch.min.js
ccvt.tf.media/js/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/js/jquery.ui.touch-punch.min.js
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 09 Apr 2021 15:48:09 GMT
server
cloudflare
etag
"199a73bd572dd71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-server
WEB103
accept-ranges
bytes
cf-ray
86b344cfea2f09b2-MIA
content-length
809
expires
Thu, 28 Mar 2024 23:48:00 GMT
main.js
ccvt.tf.media/js/ 		125 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/js/main.js?v=291
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e71a7962b4ca56c89ec1c5a3e06e86fda743e8a6b0379d4d5e9770df8de6d79a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 26 Mar 2024 19:07:34 GMT
server
cloudflare
etag
"699f4dbb07fda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-server
WEB107
accept-ranges
bytes
cf-ray
86b344cfea3009b2-MIA
content-length
40599
expires
Thu, 28 Mar 2024 23:48:00 GMT
apiv2.js
ccvt.tf.media/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/js/apiv2.js?v=291
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d73381ec9daafb1316b5893bb3c0c7e57241c074ac1fd4497c2e7daa81f34b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 26 Oct 2023 15:42:26 GMT
server
cloudflare
etag
"23a1705238da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-server
WEB105
accept-ranges
bytes
cf-ray
86b344cfea3109b2-MIA
content-length
2175
expires
Thu, 28 Mar 2024 23:48:00 GMT
402g6j2813.png
media.hd.pics/tf/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/tf/402g6j2813.png
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc3891c2b71c559efe6295f8b23b468199c35efc5c97900412ef0101832cdc5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
x-amz-request-id
RN8C3WMTXH9Y7EZ5
x-amz-server-side-encryption
AES256
content-length
93064
x-amz-id-2
fFU4OT5Pay0EUZkUxHnq4oYT04iCu7NFr7ITGstqR1HRjEgzyry4I/ArfqEg+ahQ1xkNTJACKXY=
last-modified
Thu, 01 Feb 2024 18:24:21 GMT
server
cloudflare
etag
"edcff6da5715c956d8c82418ae93b992"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d37fdadb0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.130 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:40:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 04 Jul 2023 00:26:54 GMT
Content-Encoding
gzip
Age
459
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8455
Expires
Thu, 28 Mar 2024 23:40:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 27 Mar 2024 23:48:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=64, rtx=0, c=12, mss=1294, tbw=2779, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
GKuyJzps911H+1TM+PlRvgRBtOa02hRc+HSkHY2JFysfXJoAZtWeZTxO9+fLuNvqYbhSQSF//cdcZfL0oJ72XQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 23:42:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 23:48:01 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:500
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7d9d82d72f6270a7a226a94d01559b4ab3abbc4107f2f321e20518823809a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 23:48:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 23:48:01 GMT
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dea306b5b720da9e4c71248463ca12df3c39720c11620db0909cfbae5b3cc1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 23:29:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 23:48:01 GMT
gtm.js
www.googletagmanager.com/ 		257 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5015953a20976fd8847b9c986f98007254a5fdafb890a90e3d29f56c5e3f15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89936
x-xss-protection
0
last-modified
Wed, 27 Mar 2024 23:05:30 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Mar 2024 23:48:01 GMT
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.130 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:38:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Age
555
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1918
Expires
Thu, 28 Mar 2024 23:38:46 GMT
ks0vx48x2m
www.clarity.ms/tag/ 		650 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ks0vx48x2m
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e0e91d91d071c3f8faf2ffb72c84f4725401d0f10c289bf20821c93146f784f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date
Wed, 27 Mar 2024 23:48:01 GMT
x-azure-ref
0MbAEZgAAAACak+vsDZ9PQKQhoaFAN4LhWVRPMjIxMDkwODE5MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
650
expires
-1
fa-regular-400.woff2
ccvt.tf.media/art/fa/webfonts/ 		386 KB
387 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/art/fa/webfonts/fa-regular-400.woff2
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/art/fa/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/art/fa/css/all.min.css
Origin
https://ccvt.tf.media
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Oct 2023 19:22:17 GMT
server
cloudflare
etag
"10a9b740c1f7d91:0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=86400
x-server
WEB102
accept-ranges
bytes
cf-ray
86b344d559be09b2-MIA
content-length
395444
expires
Thu, 28 Mar 2024 23:48:01 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://ccvt.tf.media
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 08:56:26 GMT
x-content-type-options
nosniff
age
53495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 08:56:26 GMT
main.js
ccvt.tf.media/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 979E
Redirect Chain
  • https://ccvt.tf.media/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://ccvt.tf.media/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aaecdb49b7ad159584f6a8f15f853074b0f46e6a6c429558b8379f8cfb48ac4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86b344d5ca6709b2-MIA

Redirect headers

date
Wed, 27 Mar 2024 23:48:01 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
86b344d579e109b2-MIA
content-length
0
4r2igsmwuc.jpg
media.hd.pics/2/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/2/4r2igsmwuc.jpg
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b48ce291431c5d47bcbe5b8bea24b0bc508c923ccb89d7d9c4669f1772609dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
HIT
age
15824
x-amz-request-id
351518BE8EEC46D9:B
cf-polished
origSize=81291
content-length
54615
x-amz-id-2
0zgvbASUE/dcUq8VRG+xy7ljZz49UWFxtVoxo0JDlU61aMdXMvBL2UFAFH/gaywCHeKc6nkWwyTF
last-modified
Wed, 27 Mar 2024 18:59:36 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
x-wasabi-cm-reference-id
1711567457668 38.73.225.107 ConID:1510281986/EngineConID:19019353/Core:69
etag
"2a3f57d1bf3111d9a56e7812dc38ba30"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d5bb1fdb0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
uzcnqimy17.jpg
media.hd.pics/2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/2/uzcnqimy17.jpg
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81fd4d56475d76a56fb9a31862769931e4a4f52353721a1c9c6cc7e23a15edcb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
x-amz-request-id
431919DE27468347:A
content-length
2966
x-amz-id-2
NWkq/h0Vs45HwxBVFEv8DPl2BjC5B68cJbVBUuDSaYSpHFmc7sZ2yT7Todxjz3rlmTqiwDUT58bA
last-modified
Mon, 23 Jan 2023 21:07:56 GMT
server
cloudflare
x-wasabi-cm-reference-id
1711583281617 38.73.225.106 ConID:1516812257/EngineConID:19686440/Core:72
etag
"d5ea9e47fd57c6ac3b23eb59619c9e85"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d5bb26db0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
1auutqsv97.jpg
media.hd.pics/2/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/2/1auutqsv97.jpg
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9812730b50e31c7e628de8399d262f29a0d4acafb373298fe77885cb591b9f1c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
x-amz-request-id
78DB522DDF2BDA7E:A
content-length
31955
x-amz-id-2
USo1NEOBRp4TXOqmj2k8yuEhbTRmirZivBtT28tIssCdTg0xeZNhsJDp/iQWoa4Q1qSvuNh/Xqag
last-modified
Sat, 09 Mar 2024 20:09:16 GMT
server
cloudflare
x-wasabi-cm-reference-id
1711583281617 38.73.225.106 ConID:1516812256/EngineConID:19702607/Core:64
etag
"401a492a3fc667aba834bc8a9f9ba215"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d5bb23db0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
al84lm6t7d.jpg
media.hd.pics/2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/2/al84lm6t7d.jpg
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15882b29fd6e5c847048a8276905a4c27c6c2d110d05a69368f0e72070e4c953

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
x-amz-request-id
770EE1C668494807:A
content-length
3406
x-amz-id-2
yKUGTtzeLS8ns8elLA5a7zOPvzp0n8EW8dJ3v1gcxLMkQG7XgP8b0BCArgoU5hxmZZJ4zU8MXP2U
last-modified
Mon, 23 Jan 2023 21:04:42 GMT
server
cloudflare
x-wasabi-cm-reference-id
1711583281614 38.73.225.104 ConID:1525870976/EngineConID:19789531/Core:76
etag
"ecb100a096d96eff8e911afdc8eb49f8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d5bb1cdb0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
vw4yfa9ui0.jpg
media.hd.pics/2/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/2/vw4yfa9ui0.jpg
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b753820a29fb628e04ffc1575d021784206b8a70280fd463454236255201846

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
x-amz-request-id
B69FE06A29D408EB:B
content-length
36369
x-amz-id-2
v4FzGHPE/sSz/h7k8JqUio1E/s25Os06A0m0bzGgHa2s5hJ8gzU5AEJqhMh/AeQuj/HUWF5vwDae
last-modified
Wed, 06 Mar 2024 20:14:47 GMT
server
cloudflare
x-wasabi-cm-reference-id
1711583281615 38.73.225.100 ConID:1534820285/EngineConID:20074817/Core:74
etag
"77838bcfb4b5ccea2fb52c7a2bf3674d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d5bb22db0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
1fx0t6xfa0.jpg
media.hd.pics/2/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.hd.pics/2/1fx0t6xfa0.jpg
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac11e55c1532c37b70ca15ba2f28ae1f83d3ced8f2efd138596d2afe6518ae06

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
cf-cache-status
MISS
x-amz-request-id
0B51ACD2F0AA41B2:B
content-length
32269
x-amz-id-2
5RqyEBgaiI93C42GInkcgsH/C4VsWtNAXYOl0KI/IGAFQ20b8gLkNsg9+pi8h/eLyZ10NSUbddE9
last-modified
Wed, 06 Mar 2024 22:17:10 GMT
server
cloudflare
x-wasabi-cm-reference-id
1711583281619 38.73.225.103 ConID:1551015625/EngineConID:19607902/Core:13
etag
"d16491271351e1d3dd911601b61af4fc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344d5bb25db0d-MIA
expires
Thu, 28 Mar 2024 23:48:01 GMT
esw.min.css
service.force.com/embeddedservice/5.0/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.130 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:40:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Age
458
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4027
Expires
Thu, 28 Mar 2024 23:40:23 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.130 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:38:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding
gzip
Age
551
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5913
Expires
Thu, 28 Mar 2024 23:38:50 GMT
86b344cdaea009b2
ccvt.tf.media/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 979E 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ccvt.tf.media/cdn-cgi/challenge-platform/h/g/jsd/r/86b344cdaea009b2
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:fe12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
gzip
server
cloudflare
cf-ray
86b344d6fc2009b2-MIA
content-type
text/plain; charset=UTF-8
230469054215394
connect.facebook.net/signals/config/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230469054215394?v=2.9.151&r=stable&domain=ccvt.tf.media&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39e6a63d050b8bb3711d01e3748868bcc8cfa4fef9ceca0194081993d1c08576
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 27 Mar 2024 23:48:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=72, rtx=0, c=64, mss=1294, tbw=63183, tp=-1, tpl=-1, uplat=89, ullat=1
pragma
public
x-fb-debug
JtDM5oQOfTh3z91J/8lZGfIW9QJcfpsh7w1L0RLeucr4VHKhbOeOp6KNYrOVuAm74Av14Fd7AkiXZeObqIG88g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b461b1c67e5e642949e488803c8ce1c4cbc81d967c81edefc7c3c8ff9ad710af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89779
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 27 Mar 2024 23:48:01 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPLGFGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83a0e2de6d6409d931714b68400e2b967ffbc7e0efe827f8828a7d148232a5d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88705
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 27 Mar 2024 23:48:01 GMT
clarity.js
www.clarity.ms/s/0.7.24/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.24/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ks0vx48x2m
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1062:10:25::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:01 GMT
content-encoding
br
last-modified
Tue, 19 Mar 2024 12:23:39 GMT
x-azure-ref-originshield
0YokEZgAAAACqpyzsaRvITqBNogEL7RyXTU5aMjIxMDYwNjEyMDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DC480F6888504A"
x-azure-ref
0MbAEZgAAAACXf6GOfbBMTJO9qqATZxBjWVRPMjIxMDkwODE5MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
098958e9-801e-0015-3c7f-803968000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230469054215394&ev=PageView&dl=https%3A%2F%2Fccvt.tf.media%2F&rl=&if=false&ts=1711583282067&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711583282056.837885717&cs_est=true&ler=empty&cdl=API_unavailable&it=1711583281875&coo=false&rqm=GET
Requested by
Host: ccvt.tf.media
URL: https://ccvt.tf.media/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1294, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 27 Mar 2024 23:48:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MWE46F19LM&gtm=45je43p0v9123082311z89119306395za200&_p=1711583281452&gcd=13l3l3l3l1&npa=0&dma=0&cid=603131399.1711583282&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711583282&sct=1&seg=0&dl=https%3A%2F%2Fccvt.tf.media%2F&dt=List%20of%20Sites%20%3A%3A%20Central%20Coast%20Virtual%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1952
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWE46F19LM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ccvt.tf.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
n.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://ccvt.tf.media
Date
Wed, 27 Mar 2024 23:48:02 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-PC2TQ5FC02&gtm=45je43p0v9119313763z89119306395za200&_p=1711583281452&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=603131399.1711583282&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711583282&sct=1&seg=0&dl=https%3A%2F%2Fccvt.tf.media%2F&dt=List%20of%20Sites%20%3A%3A%20Central%20Coast%20Virtual%20Tours&en=page_view&_fv=1&_ss=1&tfd=2045
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ccvt.tf.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC2TQ5FC02&cid=603131399.1711583282&gtm=45je43p0v9119313763z89119306395za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC2TQ5FC02&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ccvt.tf.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esw.html
service.force.com/embeddedservice/5.0/ Frame 5BA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://ccvt.tf.media/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.2 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ccvt.tf.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Wed, 27 Mar 2024 23:48:02 GMT
Expires
Thu, 28 Mar 2024 23:48:02 GMT
Last-Modified
Thu, 14 Sep 2023 00:07:46 GMT
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=76D951B3EE8B401F8CCFEDB6ACFC364D&RedC=c.clarity.ms&MXFR=1BC629E5662969C220D53DAA622967AE
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76D951B3EE8B401F8CCFEDB6ACFC364D&MUID=339C04C507DA6C690537108A06646D3B
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76D951B3EE8B401F8CCFEDB6ACFC364D&MUID=339C04C507DA6C690537108A06646D3B
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ccvt.tf.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:01 GMT
last-modified
Fri, 01 Mar 2024 22:53:54 GMT
server
Microsoft-IIS/10.0
etag
"32434d562b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0E9E5E736664715801A77A3CE348DF3 Ref B: MIAEDGE1710 Ref C: 2024-03-27T23:48:02Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76D951B3EE8B401F8CCFEDB6ACFC364D&MUID=339C04C507DA6C690537108A06646D3B
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
iau910eb6d.png
media.hd.pics/tf/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.hd.pics/tf/iau910eb6d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf354965677b47f35fa268c1f4b89c44738e46c9d54db964ae85ebd4f05fc048

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:03 GMT
cf-cache-status
MISS
x-amz-request-id
5QM8853ABAFH5BPV
x-amz-server-side-encryption
AES256
content-length
4701
x-amz-id-2
LgOsGmKlFGc8jeytqeNUgmKeYxKaW5J43QQ60J5tSz5JmbofzCqeqci+AQ9Japrq9LKBl1bINGg=
last-modified
Mon, 23 Jan 2023 20:56:33 GMT
server
cloudflare
etag
"62bf7285144f9e7880f73140980e0e88"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344de3fe3db0d-MIA
expires
Thu, 28 Mar 2024 23:48:03 GMT
EmbeddedServiceConfig.jsonp
d.la1-core1.sfdc-lywfpd.salesforceliveagent.com/chat/rest/EmbeddedService/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-core1.sfdc-lywfpd.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D700000008G5v&EmbeddedServiceConfig.configName=VHT_Tourfactory&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.42.129.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-129-124.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e5c0461babf99cb1b31f9558989ef8d8378c11258fb92b8c242f88319d75f973
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.130 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:39:44 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Age
498
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4540
Expires
Thu, 28 Mar 2024 23:39:44 GMT
servlet.ImageServer
vhtstudios.file.force.com/servlet/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vhtstudios.file.force.com/servlet/servlet.ImageServer?id=015Rc000003wGIn&oid=00D700000008G5v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.226.36.51 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-36-51.compute-1.amazonaws.com
Software
sfdcedge /
Resource Hash
b1d83fa1360d88507e23b4c01e3334853cad86649f816d1cbe161aecae5de8a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
origin-when-cross-origin
content-security-policy
upgrade-insecure-requests
x-sfdc-request-check
2
x-content-type-options
nosniff
server
sfdcedge
last-modified
Wed, 14 Feb 2024 08:00:00 GMT
x-sfdc-request-id
743c0a33094f4e2e745bac603d1a1264
x-sfdc-edge-cache
MISS
content-type
image/png
cache-control
public,max-age=900
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
x-robots-tag
none
expires
Thu, 28 Mar 2024 00:03:03 GMT
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
https://service.force.com/
Origin
https://ccvt.tf.media
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/octet-stream
Settings.jsonp
d.la1-core1.sfdc-lywfpd.salesforceliveagent.com/chat/rest/Visitor/ 		351 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-core1.sfdc-lywfpd.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[573Rc0000001c4r]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=572Rc0000004ZnB&org_id=00D700000008G5v&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.42.129.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-129-124.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e548c9960f1b4be2430f955d79df4b9460341d7c3c2be4344f198ccd11476156
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 23:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.33.130 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na101-ia2.force.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 23:38:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
547
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Origin-Trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2469
Expires
Thu, 28 Mar 2024 23:38:56 GMT
iau910eb6d.png
media.hd.pics/tf/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://media.hd.pics/tf/iau910eb6d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ff12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf354965677b47f35fa268c1f4b89c44738e46c9d54db964ae85ebd4f05fc048

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:03 GMT
cf-cache-status
HIT
age
0
x-amz-request-id
5QM8853ABAFH5BPV
x-amz-server-side-encryption
AES256
content-length
4701
x-amz-id-2
LgOsGmKlFGc8jeytqeNUgmKeYxKaW5J43QQ60J5tSz5JmbofzCqeqci+AQ9Japrq9LKBl1bINGg=
last-modified
Mon, 23 Jan 2023 20:56:33 GMT
server
cloudflare
etag
"62bf7285144f9e7880f73140980e0e88"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
hd-source
w-v1
accept-ranges
bytes
cf-ray
86b344df79e2db0d-MIA
expires
Thu, 28 Mar 2024 23:48:03 GMT
collect
n.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://ccvt.tf.media
Date
Wed, 27 Mar 2024 23:48:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
servlet.ImageServer
vhtstudios.file.force.com/servlet/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vhtstudios.file.force.com/servlet/servlet.ImageServer?id=015Rc000003wGNd&oid=00D700000008G5v
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.226.36.51 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-36-51.compute-1.amazonaws.com
Software
sfdcedge /
Resource Hash
6d3672e3f509fa5499fe8bb9092ea7b0c71236f56fa62a7be69365b02394b1a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:48:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 14 Feb 2024 07:59:58 GMT
referrer-policy
origin-when-cross-origin
server
sfdcedge
x-sfdc-edge-cache
MISS
x-sfdc-request-id
7d3cc3aaa6398abbf74d9cd93440788d
content-type
image/png
cache-control
public,max-age=900
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
x-robots-tag
none
expires
Thu, 28 Mar 2024 00:03:03 GMT
collect
n.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/x-clarity-gzip
Referer
https://ccvt.tf.media/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://ccvt.tf.media
Date
Wed, 27 Mar 2024 23:48:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onpagereveal function| $ function| jQuery object| hd object| api function| fbq function| _fbq object| dataLayer object| embedded_svc function| initESW undefined| s function| clarity function| hex object| google_tag_manager object| google_tag_data object| gaGlobal

22 Cookies

Domain/Path Name / Value
.ccvt.tf.media/ Name: sid2
Value: 5FFF47BE20544412801E8F3692624ACC
www.clarity.ms/ Name: CLID
Value: d9d6432b5466417287d254433a4fb7a2.20240327.20250327
.ccvt.tf.media/ Name: cf_clearance
Value: YECw6rIW4jUvuqBxr7EA1e6hAyx67yBTYGMPCMsDjSk-1711583281-1.0.1.1-ypffpspXfUv8A70HFL8L6QJXESR8BNEXZrTcuwAeAdXecEBS4lAUWzse44sVQ7bxE_LGNDtF.PCYnmNtSF9DCg
.tf.media/ Name: _gcl_au
Value: 1.1.1519303069.1711583282
.tf.media/ Name: _clck
Value: 1lq7dkg%7C2%7Cfkf%7C0%7C1547
.tf.media/ Name: _fbp
Value: fb.1.1711583282056.837885717
.tf.media/ Name: _ga_MWE46F19LM
Value: GS1.1.1711583282.1.0.1711583282.0.0.0
.tf.media/ Name: _ga
Value: GA1.1.603131399.1711583282
.tf.media/ Name: _ga_PC2TQ5FC02
Value: GS1.1.1711583282.1.0.1711583282.60.0.0
.tf.media/ Name: _clsk
Value: 135len3%7C1711583282366%7C1%7C1%7Cn.clarity.ms%2Fcollect
service.force.com/ Name: CookieConsentPolicy
Value: 0:0
service.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:0
.force.com/ Name: BrowserId_sec
Value: cx9M6OyUEe60em1lbkwN4Q
.bing.com/ Name: MUID
Value: 339C04C507DA6C690537108A06646D3B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 339C04C507DA6C690537108A06646D3B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 339C04C507DA6C690537108A06646D3B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
vhtstudios.file.force.com/ Name: CookieConsentPolicy
Value: 0:1
vhtstudios.file.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1

47 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ccvt.tf.media/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/230469054215394?v=2.9.151&r=stable&domain=ccvt.tf.media&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ccvt.tf.media/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
c.bing.com
c.clarity.ms
ccvt.tf.media
connect.facebook.net
d.la1-core1.sfdc-lywfpd.salesforceliveagent.com
fonts.googleapis.com
fonts.gstatic.com
media.hd.pics
n.clarity.ms
service.force.com
stats.g.doubleclick.net
vhtstudios.file.force.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.110.33.130
13.110.33.2
20.110.205.119
2001:4860:4802:32::181
2603:1062:10:25::1
2606:4700::6813:fe12
2606:4700::6813:ff12
2607:f8b0:4004:c06::9c
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81f::200a
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::200e
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.226.36.51
52.184.204.244
52.42.129.124
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
0aaecdb49b7ad159584f6a8f15f853074b0f46e6a6c429558b8379f8cfb48ac4
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
15882b29fd6e5c847048a8276905a4c27c6c2d110d05a69368f0e72070e4c953
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
39e6a63d050b8bb3711d01e3748868bcc8cfa4fef9ceca0194081993d1c08576
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3d021a48acc03b7693e91fa0b445e168fa768424fef3e5fb23ee28a130fcfe67
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4d73381ec9daafb1316b5893bb3c0c7e57241c074ac1fd4497c2e7daa81f34b6
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
6b753820a29fb628e04ffc1575d021784206b8a70280fd463454236255201846
6d3672e3f509fa5499fe8bb9092ea7b0c71236f56fa62a7be69365b02394b1a5
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
7b48ce291431c5d47bcbe5b8bea24b0bc508c923ccb89d7d9c4669f1772609dd
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7e0e91d91d071c3f8faf2ffb72c84f4725401d0f10c289bf20821c93146f784f
81fd4d56475d76a56fb9a31862769931e4a4f52353721a1c9c6cc7e23a15edcb
83a0e2de6d6409d931714b68400e2b967ffbc7e0efe827f8828a7d148232a5d7
8673e287663728261bf3d006be23980775ec20703085570c3afbfa2ff2dfaaaf
8eade09a5da8a542b96001c4b0d3b914ee3d735af46ef1a906be2dcae6724498
9812730b50e31c7e628de8399d262f29a0d4acafb373298fe77885cb591b9f1c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ac11e55c1532c37b70ca15ba2f28ae1f83d3ced8f2efd138596d2afe6518ae06
b1d83fa1360d88507e23b4c01e3334853cad86649f816d1cbe161aecae5de8a3
b461b1c67e5e642949e488803c8ce1c4cbc81d967c81edefc7c3c8ff9ad710af
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
bdc3891c2b71c559efe6295f8b23b468199c35efc5c97900412ef0101832cdc5
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
bf354965677b47f35fa268c1f4b89c44738e46c9d54db964ae85ebd4f05fc048
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
dea306b5b720da9e4c71248463ca12df3c39720c11620db0909cfbae5b3cc1e6
e0fdd8b2603313b0143c28ed5e09486be51443a0220fa7ad857cb5c6205177eb
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548c9960f1b4be2430f955d79df4b9460341d7c3c2be4344f198ccd11476156
e5c0461babf99cb1b31f9558989ef8d8378c11258fb92b8c242f88319d75f973
e71a7962b4ca56c89ec1c5a3e06e86fda743e8a6b0379d4d5e9770df8de6d79a
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
f5015953a20976fd8847b9c986f98007254a5fdafb890a90e3d29f56c5e3f15b
f7d9d82d72f6270a7a226a94d01559b4ab3abbc4107f2f321e20518823809a28
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e