pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev Open in urlscan Pro
2606:4700::6812:323  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	163 KB 163 KB	442ms 343ms	Document text/html	2606:4700::6812:323 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56eb372730ab0a50187b8fd4d471a8215303b3fa253224ab80da3e74a5144bd7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes CF-RAY 89ce4aca4d9c8f36-FRA Connection keep-alive Content-Length 166682 Content-Type text/html Date Tue, 02 Jul 2024 11:28:24 GMT ETag "991da07fd8bd2697399e46140d4747f8" Last-Modified Sat, 29 Jun 2024 09:58:15 GMT Server cloudflare Vary Accept-Encoding
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 40 KB	214ms 42ms	Script application/javascript	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 69f73f2c date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405211400000ED8D85B2593863F7B9E x-tt-trace-id 00-2405211400000ED8D85B2593863F7B9E-35627ECC8BDAE6EF-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01ccb90ac94d192b5fd8226e8c369cf711cbfad6a36cc8e381f86823362faef40f607e18da6e4ce45d44370858b669c20272bc0056b26167dd6df11c1445703d34004aa9514ce24005f7f776df0d572f250216272e426f770c6f3e089057cae5ed server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 39883
GET H2	200	main.MTRjNGQxOTc5MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 98 KB	273ms 102ms	Script application/javascript	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTRjNGQxOTc5MQ.js Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c652350ffa6e00cab3c353b810bb42bcf3125f7a03a7c001a2d12ea2d71b8446 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 69f73f2d date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024061711143458DB852DC466CA04A02F x-tt-trace-id 00-24061711143458DB852DC466CA04A02F-44CEF6D2CB7F361B-00 vary Accept-Encoding x-cache TCP_HIT from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 019a1a26ae9324f061508dbf41bdb400b62bfc92cd45baa53296172dcfa09ccdac1572d576c08a1d8b0ebe78b1e2295f7fe9b14f310e4de6b5b28521c9e8452d7b6961a8c12a759b68f12e4048e7ec23a9b4b25b94c926a3affc7c9d9b62a421e2 server-timing cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=19 content-length 100131
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	211ms 161ms	Script application/javascript	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJFISTJC77U5E795OENG&lib=ttq Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 60cc75798436c248d750e524784386931f38f74bde86cc692eb874fe2f687553 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 3bbf088.69f73f2e date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240702112825B116AE837BEA36748183-1CB24C93407634C7-00 x-cache TCP_MISS from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 95,23.51.23.73 server-timing cdn-cache; desc=MISS, edge; dur=82, origin; dur=13, inner; dur=3 content-length 1969 pragma no-cache server nginx x-tt-logid 20240702112825B116AE837BEA36748183 x-cache-remote TCP_MISS from a104-114-72-12.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 13,104.114.72.12 x-tt-trace-host 01156224e979bd44ec8a2e13a1dd5d2b490253bc0d0a22315aa01830c022874b5dd5db296620c21a21e3a920f8187b76fcf6609b211a99810ef8ab25c1bec839eda59c49554ecc517dc8f1a5db27bb541d10471e4499044454dbc934985025c81b040c7b54064e9341a33aa5000878b787 expires Tue, 02 Jul 2024 11:28:25 GMT
GET H2	200	813852727018572 Show response connect.facebook.net/signals/config/	60 KB 12 KB	330ms 142ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/813852727018572?v=2.9.158&r=stable&domain=portal.thecourierguy.co.za&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a594be4bb658ea369b4124867fe2fb7314cc9e17d20224fe84465dcea62c1a5f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 02 Jul 2024 11:28:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=41, rtx=0, c=28, mss=1297, tbw=63803, tp=-1, tpl=-1, uplat=57, ullat=0 pragma public x-fb-debug JPtXr7c0JvuMq0tnHDelZ3jXwpdpiWJvD2Fd+Qxyjc/Le+799g3jhASsp5fiYK+6q6ATjh7+sSnpL8zWEzgaPQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	221 KB 59 KB	238ms 51ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 02 Jul 2024 11:28:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58251 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1297, tbw=2828, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug SVW5ioWZywSEQ8iNMGvEYwRUSHiBSpYY+SCYRVoUDkbY+O12Qy0zQkxSTyNj4+LX40UE8QmyBUrVRvPs2WJVPA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-3845526.js Show response static.hotjar.com/c/	9 KB 4 KB	228ms 42ms	Script application/javascript	18.66.102.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3845526.js?sv=7 Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-11.fra56.r.cloudfront.net Software / Resource Hash bba22f11c1fd2389f5ebb58d26daf9d1109fe1648d445b3791ec6abef0b132e3 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:27:53 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 32 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/f21c67d8cb6e14159d759b6119c3be4f vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 x-amz-cf-id gD-T-G-QxTwkB1Utlwpp48HSB-BzMx-CxDqnaLDOC7eOowVu_FIPHQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	324 KB 106 KB	320ms 133ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YSSLKN609T&l=dataLayer&cx=c Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d6f3404de84e2914b41e378ff82fff964c9d36161a3721d76d2a288dc76577a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:28:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108672 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 02 Jul 2024 11:28:25 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	305 KB 101 KB	329ms 142ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=G-H6ZR9QHC6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2a7b00877447d0d0db1e60eb1d11d38b2ccd02f9127582eb367d1783c85127e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:28:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 103490 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 02 Jul 2024 11:28:25 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	246 KB 84 KB	244ms 71ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N6Q2L78&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7128b04acbcbb812f6a897552c004370fa7464088ceab3cb877a16d304897299 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:28:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85793 x-xss-protection 0 last-modified Tue, 02 Jul 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 02 Jul 2024 11:28:25 GMT
GET H/1.1	404 Not Found	main.ad300ac0.js pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/static/js/	0 0	328ms 301ms	Script text/html	2606:4700::6812:323 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/static/js/main.ad300ac0.js Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 11:28:25 GMT Server cloudflare Connection keep-alive CF-RAY 89ce4acd8b1d2c2a-FRA Content-Length 27242 Vary Accept-Encoding Content-Type text/html
GET H/1.1	200 OK	main.css pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/	98 KB 99 KB	207ms 149ms	Stylesheet text/css	2606:4700::6812:323 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/main.css Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 187305b5a8c4f0e00b8b1ef5ace8d7b1929068109767404e0161a4551d22e862 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 11:28:25 GMT Last-Modified Sat, 29 Jun 2024 09:58:24 GMT Server cloudflare ETag "0076222f6b1f37ea799ee3f7e5047f7e" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes CF-RAY 89ce4accea458f36-FRA Content-Length 100855
GET H2	200	modules.d7e8b7276297041c77dc.js Show response script.hotjar.com/	223 KB 55 KB	846ms 123ms	Script application/javascript	13.227.219.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.d7e8b7276297041c77dc.js Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-71.ams54.r.cloudfront.net Software / Resource Hash 5386276d7b39f169894ac43f599ff63b5b8dbe70545e243dd30315367f227edf Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 14:14:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 1286060 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56173 last-modified Mon, 17 Jun 2024 14:13:59 GMT etag "6450b6d7fa3e5db2598f02650685bdec" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id oQLdsz_Ca3wg2Ou-XzRp7p013OOY2MlaVbhmj9cQ2mm216M9-5vXEw==
GET H/1.1	200 OK	chunk.css pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/	3 KB 3 KB	508ms 424ms	Stylesheet text/css	2606:4700::6812:323 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/chunk.css Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42c073d078b09b0a5f87da009855bd18f2e8962ba6f93390231fa8a5582d5fd3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 11:28:25 GMT Last-Modified Sat, 29 Jun 2024 09:58:22 GMT Server cloudflare ETag "b37a21c06427c46cea765c11b8e42f25" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes CF-RAY 89ce4acd0c012c04-FRA Content-Length 2665
GET H2	200	css fonts.googleapis.com/	16 KB 1 KB	216ms 52ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Origin https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 02 Jul 2024 10:53:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 02 Jul 2024 11:28:25 GMT
GET H/1.1	200 OK	logo.png pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/	27 KB 27 KB	143ms 132ms	Image image/png	2606:4700::6812:323 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/logo.png Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26d48bd3c5369cfd91446b80db4017b59a96c5c6c04e56a6ed92e245a4960e90 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 11:28:25 GMT Last-Modified Sat, 29 Jun 2024 09:58:22 GMT Server cloudflare ETag "0eaa9a807bcf371336f4f69bce75d46a" Vary Accept-Encoding Content-Type image/png Connection keep-alive Accept-Ranges bytes CF-RAY 89ce4ace7cce8f36-FRA Content-Length 27142
GET H2	200	TCG_HOME_Once-Off_Illustration.png wp-admin.thecourierguy.co.za/wp-content/uploads/2022/08/	57 KB 57 KB	1878ms 405ms	Image image/png	13.244.159.149 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://wp-admin.thecourierguy.co.za/wp-content/uploads/2022/08/TCG_HOME_Once-Off_Illustration.png Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.244.159.149 Cape Town, South Africa, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-244-159-149.af-south-1.compute.amazonaws.com Software nginx / Resource Hash 93cebacd70d6c0af8834052e9ec26c3905178b9594b171d9d47c9e51a08b4bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:28:26 GMT x-content-type-options nosniff last-modified Wed, 31 May 2023 16:20:10 GMT server nginx etag "647773ba-e290" content-type image/png accept-ranges bytes content-length 58000 x-xss-protection 1; mode=block
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	221 KB 0	0ms 0ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff date Tue, 02 Jul 2024 11:28:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58251 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1297, tbw=2828, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug SVW5ioWZywSEQ8iNMGvEYwRUSHiBSpYY+SCYRVoUDkbY+O12Qy0zQkxSTyNj4+LX40UE8QmyBUrVRvPs2WJVPA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	516ms 46ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 12:59:20 GMT x-content-type-options nosniff age 426546 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 12:59:20 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	324 KB 0	1ms 0ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YSSLKN609T&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6Q2L78&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d6f3404de84e2914b41e378ff82fff964c9d36161a3721d76d2a288dc76577a1 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:28:25 GMT content-encoding br server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108672 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 02 Jul 2024 11:28:25 GMT
GET H2	200	hotjar-3845526.js Show response static.hotjar.com/c/	9 KB 0	2ms 2ms	Script application/javascript	18.66.102.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3845526.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6Q2L78&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-11.fra56.r.cloudfront.net Software / Resource Hash bba22f11c1fd2389f5ebb58d26daf9d1109fe1648d445b3791ec6abef0b132e3 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 11:27:53 GMT content-encoding br x-content-type-options nosniff via 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 32 etag W/f21c67d8cb6e14159d759b6119c3be4f vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id gD-T-G-QxTwkB1Utlwpp48HSB-BzMx-CxDqnaLDOC7eOowVu_FIPHQ==
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	179ms 136ms	Script application/javascript	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJFISTJC77U5E795OENG&lib=ttq Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 707364ac0a837fa0f2420d3648eab0d056143266ae4cc78f41596d5d75a23170 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id f2a195a2.69f7425a date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24070211282527A13A33317688CD3AC9-546C8A7E467666FC-00 x-cache TCP_MISS from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 95,23.51.23.73 server-timing cdn-cache; desc=MISS, edge; dur=86, origin; dur=9, inner; dur=5 content-length 1970 pragma no-cache server nginx x-tt-logid 2024070211282527A13A33317688CD3AC9 x-cache-remote TCP_MISS from a23-48-200-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 9,23.48.200.10 x-tt-trace-host 01156224e979bd44ec8a2e13a1dd5d2b49b03299a20e87b7eea9435772d8a2a85464b326189d938a134b8a55e1ca8571cf478f1b9d7996c81f0e3c4b52612eaa1f12bb0dd2150a8618a75315f9542997f304192da5977ff0d140779d900670d82a0291b63ff49c5a2bf1e2389d1bf5374a expires Tue, 02 Jul 2024 11:28:25 GMT
GET H2	200	813852727018572 Show response connect.facebook.net/signals/config/	60 KB 12 KB	137ms 136ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/813852727018572?v=2.9.159&r=stable&domain=pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a594be4bb658ea369b4124867fe2fb7314cc9e17d20224fe84465dcea62c1a5f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 02 Jul 2024 11:28:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=47, rtx=1, c=72, mss=1297, tbw=76682, tp=-1, tpl=-1, uplat=98, ullat=0 pragma public x-fb-debug 7eIvINzsorYm7gYJ70urNkEsx8qQ88vcq0XgiEg1eWV0waO5mwfmq55T4wgDBNB+4TFigTK8WKhj5mgNe4g+dg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	411ms 73ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-YSSLKN609T&gtm=45je46q0v9164947838z8893583155za200zb893583155&_p=1719919705140&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=110265670.1719919706&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719919705&sct=1&seg=0&dl=https%3A%2F%2Fpub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev%2Findex.html&dt=The%20Courier%20Guy&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1186&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YSSLKN609T&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 02 Jul 2024 11:28:26 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.e4b2dc39f985f11fb1e4.js Show response script.hotjar.com/	223 KB 56 KB	343ms 73ms	Script application/javascript	13.227.219.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3845526.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-71.ams54.r.cloudfront.net Software / Resource Hash 619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 08:11:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 46293c8f7848e2378b777a1f48183614.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 98239 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56291 last-modified Mon, 01 Jul 2024 08:10:34 GMT etag "ca025d2d8ae4b3dc51e058b782590501" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id SYIuymw7tOUg8KV9-pergRsTWUkE8rXGrgra7NI5XqVC_Pg5WqRKoA==
GET H2	200	main.MTZkNWZlYWU4MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 99 KB	41ms 41ms	Script application/javascript	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJFISTJC77U5E795OENG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 69f74330 date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240627153450CDFE680EE0298A6251B6 x-tt-trace-id 00-240627153450CDFE680EE0298A6251B6-1BF47C246E64BE75-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01efd2d244b7532252a8aa4e323f82889822536b5b11857cf4e6338029d9c1f3339e30acb0b82dbf896e4416942ce340463887ff9612724ae127904bf2f9f0b70c9704b467946814b7ce62dd9cebd3f8ca8cecec728c2d2c0a7a7fc2c1763a9dde server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 100291
GET H2	200	/ www.facebook.com/tr/	0 274 B	298ms 40ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=813852727018572&ev=PageView&dl=https%3A%2F%2Fpub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev%2Findex.html&rl=&if=false&ts=1719919706089&sw=1600&sh=1200&v=2.9.159&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1719919706076.440083272672403869&ler=empty&cdl=API_unavailable&it=1719919705702&coo=false&rqm=GET Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2821, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 02 Jul 2024 11:28:26 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	511ms 254ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=813852727018572&ev=PageView&dl=https%3A%2F%2Fpub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev%2Findex.html&rl=&if=false&ts=1719919706089&sw=1600&sh=1200&v=2.9.159&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.2.1719919706076.440083272672403869&ler=empty&cdl=API_unavailable&it=1719919705702&coo=false&rqm=FGET Requested by Host: pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xef611dbb143bffaa","source_keys":["1","2"]},{"key_piece":"0x16c0286ffe2424bb","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Tue, 02 Jul 2024 11:28:26 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386998890854718161", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=17, mss=1297, tbw=3139, tp=-1, tpl=-1, uplat=175, ullat=0 pragma no-cache x-fb-debug GdbHuW2sCF3PqWSdyd07RUe+/Ujf/vidvUrwYs+/hyBs00+4hWBCapr7kuG9oUlEetGb4VwVRQ3fL8wcz9YsYg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386998890854718161"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 0	31ms 31ms	Script application/javascript	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 69f73f2c date Tue, 02 Jul 2024 11:28:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405211400000ED8D85B2593863F7B9E x-tt-trace-id 00-2405211400000ED8D85B2593863F7B9E-35627ECC8BDAE6EF-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01ccb90ac94d192b5fd8226e8c369cf711cbfad6a36cc8e381f86823362faef40f607e18da6e4ce45d44370858b669c20272bc0056b26167dd6df11c1445703d34004aa9514ce24005f7f776df0d572f250216272e426f770c6f3e089057cae5ed server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 39883
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 842 B	451ms 451ms	Ping text/plain	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 7065466.69f74604 date Tue, 02 Jul 2024 11:28:26 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240702112826244225B952C4C576AD78-3322C77063B5EC8D-00 x-cache TCP_MISS from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 406,23.51.23.73 server-timing cdn-cache; desc=MISS, edge; dur=95, origin; dur=317, inner; dur=313 content-length 0 pragma no-cache server nginx x-tt-logid 20240702112826244225B952C4C576AD78 x-cache-remote TCP_MISS from a23-220-107-203.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 318,23.220.107.203 x-tt-trace-host 01156224e979bd44ec8a2e13a1dd5d2b490c01a7be563005c901478103439b1af9b575bd4bc029d33c35080fff39726d5d0a8ff48df2f620857a27e7aa17e52e471dce9a7cd89c4f66cf911a1e3687ae42248c1fef1c72cfd2d8f664a4851a772031efad1157a1ca5c42546ce8888d6963 access-control-allow-headers Authorization,* expires Tue, 02 Jul 2024 11:28:26 GMT
GET H2	204	3845526 Show response vc.hotjar.io/sessions/	0 232 B	199ms 70ms	XHR text/plain	18.66.112.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/3845526?s=0.25&r=0.05245006465776059 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-15.fra56.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Tue, 02 Jul 2024 11:28:26 GMT cache-control no-store via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id cYWXx2ky0E-pcxBJ0YQQF6s1MIikXtfhFlIZTo2FusqrQSBp5YQ_3g== x-cache Miss from cloudfront
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 841 B	200ms 200ms	Ping text/plain	2.21.20.9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.20.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-21-20-9.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id d6384517.69f74764 date Tue, 02 Jul 2024 11:28:26 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407021128262C0E4701765708C286FF-6F81CA353D5A7833-00 x-cache TCP_MISS from a23-51-23-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 136,23.51.23.73 server-timing cdn-cache; desc=MISS, edge; dur=92, origin; dur=49, inner; dur=45 content-length 0 pragma no-cache server nginx x-tt-logid 202407021128262C0E4701765708C286FF x-cache-remote TCP_MISS from a23-48-200-208.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 49,23.48.200.208 x-tt-trace-host 01156224e979bd44ec8a2e13a1dd5d2b49b03299a20e87b7eea9435772d8a2a8546dbed5435658ce600d79a83f044cfa6bca4c52308474b82ff63e925565aa336b2aa1ba8daccd2aabefaed009203536d58e4bc53f3e8bc383eaedc4d82c74da7b99502c6fc1acc99c4543a5144bd3ae8d access-control-allow-headers Authorization,* expires Tue, 02 Jul 2024 11:28:26 GMT
GET H/1.1	200 OK	favicon.png pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/	3 KB 3 KB	180ms 174ms	Other image/png	2606:4700::6812:323 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/files/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68b6633d1a1e518c52844b32531c25c08c809894f55a140acb0d3adabf4bf710 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/index.html Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 11:28:27 GMT Last-Modified Sat, 29 Jun 2024 09:58:22 GMT Server cloudflare ETag "2ea2e719393d38f90e6632396882195c" Vary Accept-Encoding Content-Type image/png Connection keep-alive Accept-Ranges bytes CF-RAY 89ce4adbe96d2c04-FRA Content-Length 2911

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| dataLayer object| hjSiteSettings function| hj function| hjBootstrap object| hjLazyModules function| fbq function| _fbq object| google_tag_manager object| google_tag_data object| _hjSettings string| TiktokAnalyticsObject object| ttq function| addAriaLabelToSocialIcons function| onYouTubeIframeAPIReady object| gaGlobal object| hjBootstrapCalled object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tiktok.com/	1970-01-21 07:06:55	Name: _ttp Value: 2igker3VjLoQEgyhe0wykIYH58s
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-21 07:21:19	Name: _ga Value: GA1.1.110265670.1719919706
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-21 07:21:19	Name: _ga_YSSLKN609T Value: GS1.1.1719919705.1.0.1719919705.0.0.0
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-20 23:54:55	Name: _fbp Value: fb.2.1719919706076.440083272672403869
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-21 07:06:55	Name: _tt_enable_cookie Value: 1
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-21 07:06:55	Name: _ttp Value: viWKR0VhRhfN5bok4WWEfcxKls0
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-21 06:30:55	Name: _hjSessionUser_3845526 Value: eyJpZCI6Ijk0MDU1ZTNhLTFmY2MtNTMzMS1hOWIxLTJiY2QxMDllZWFjYyIsImNyZWF0ZWQiOjE3MTk5MTk3MDYzMzUsImV4aXN0aW5nIjpmYWxzZX0=
			.pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/	1970-01-20 21:45:21	Name: _hjSession_3845526 Value: eyJpZCI6IjQ2YjNkNzY2LTMyMTYtNGI3Ny1iMGY0LWRmMGZiN2JhZDdkOSIsImMiOjE3MTk5MTk3MDYzMzYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev/static/js/main.ad300ac0.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pub-47d7a88b1b5843568e20b4e30f3b9ed0.r2.dev
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vc.hotjar.io
wp-admin.thecourierguy.co.za
www.facebook.com
www.googletagmanager.com
13.227.219.71
13.244.159.149
18.66.102.11
18.66.112.15
2.21.20.9
2001:4860:4802:32::36
2606:4700::6812:323
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:830::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
187305b5a8c4f0e00b8b1ef5ace8d7b1929068109767404e0161a4551d22e862
26d48bd3c5369cfd91446b80db4017b59a96c5c6c04e56a6ed92e245a4960e90
2a7b00877447d0d0db1e60eb1d11d38b2ccd02f9127582eb367d1783c85127e0
42c073d078b09b0a5f87da009855bd18f2e8962ba6f93390231fa8a5582d5fd3
5386276d7b39f169894ac43f599ff63b5b8dbe70545e243dd30315367f227edf
56eb372730ab0a50187b8fd4d471a8215303b3fa253224ab80da3e74a5144bd7
60cc75798436c248d750e524784386931f38f74bde86cc692eb874fe2f687553
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
6745fb1d61fceb170d42e79732d55e9a9f8259b027ba0ee9ed76b83811136f92
68b6633d1a1e518c52844b32531c25c08c809894f55a140acb0d3adabf4bf710
707364ac0a837fa0f2420d3648eab0d056143266ae4cc78f41596d5d75a23170
7128b04acbcbb812f6a897552c004370fa7464088ceab3cb877a16d304897299
93cebacd70d6c0af8834052e9ec26c3905178b9594b171d9d47c9e51a08b4bb4
a594be4bb658ea369b4124867fe2fb7314cc9e17d20224fe84465dcea62c1a5f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bba22f11c1fd2389f5ebb58d26daf9d1109fe1648d445b3791ec6abef0b132e3
c652350ffa6e00cab3c353b810bb42bcf3125f7a03a7c001a2d12ea2d71b8446
d6f3404de84e2914b41e378ff82fff964c9d36161a3721d76d2a288dc76577a1
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d