thanksforvisiting.com Open in urlscan Pro
104.154.194.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thehostinghotline.com/
Effective URL:
https://thanksforvisiting.com/hosting-hotline
Submission: On June 09 via api (June 9th 2024, 1:13:27 am UTC) from JP — Scanned from JP

Summary HTTP 32 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 32 HTTP transactions. The main IP is 104.154.194.33, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is thanksforvisiting.com.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.

This is the only time thanksforvisiting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.185.159.145 198.185.159.145	53831 (SQUARESPACE) (SQUARESPACE)
1 1	198.185.159.144 198.185.159.144	53831 (SQUARESPACE) (SQUARESPACE)
2 3	104.154.194.33 104.154.194.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:818::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:400a:80c::200a	15169 (GOOGLE) (GOOGLE)
3	18.65.168.39 18.65.168.39	16509 (AMAZON-02) (AMAZON-02)
2	178.79.186.198 178.79.186.198	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
5	52.205.62.94 52.205.62.94	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f00... 2a03:2880:f00f:104:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2404:6800:400... 2404:6800:400a:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:400a:80e::2003	15169 (GOOGLE) (GOOGLE)
8	65.9.42.6 65.9.42.6	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f10f:187:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
32	13

1 198.185.159.145 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

thehostinghotline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.185.159.144 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

hostinghotline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.154.194.33 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.194.154.104.bc.googleusercontent.com

www.thanksforvisiting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thanksforvisiting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80c::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.168.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-39.nrt57.r.cloudfront.net

lib.showit.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.79.186.198 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li355-198.members.linode.com

www.speakpipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.205.62.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-62-94.compute-1.amazonaws.com

t.thanksforvisiting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:104:face:b00c:0:3 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:80e::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.42.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-6.nrt12.r.cloudfront.net

static.showit.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:187:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	showit.co lib.showit.co — Cisco Umbrella Rank: 85980 static.showit.co — Cisco Umbrella Rank: 70156	9 MB
8	thanksforvisiting.com 2 redirects www.thanksforvisiting.com thanksforvisiting.com t.thanksforvisiting.com	66 KB
3	gstatic.com fonts.gstatic.com	29 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	312 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	73 KB
2	speakpipe.com www.speakpipe.com — Cisco Umbrella Rank: 358673	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70 ajax.googleapis.com — Cisco Umbrella Rank: 461	32 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	104 KB
1	hostinghotline.com 1 redirects hostinghotline.com	179 B
1	thehostinghotline.com 1 redirects thehostinghotline.com	163 B
32	12

	Domain	Requested by
8	static.showit.co	thanksforvisiting.com
5	t.thanksforvisiting.com	thanksforvisiting.com t.thanksforvisiting.com
3	fonts.gstatic.com	fonts.googleapis.com
3	lib.showit.co	thanksforvisiting.com
2	www.facebook.com	thanksforvisiting.com
2	www.google-analytics.com	www.googletagmanager.com t.thanksforvisiting.com
2	connect.facebook.net	thanksforvisiting.com connect.facebook.net
2	www.speakpipe.com	thanksforvisiting.com
2	www.thanksforvisiting.com	2 redirects
1	ajax.googleapis.com	thanksforvisiting.com
1	cdnjs.cloudflare.com	thanksforvisiting.com
1	fonts.googleapis.com	thanksforvisiting.com
1	www.googletagmanager.com	thanksforvisiting.com
1	thanksforvisiting.com
1	hostinghotline.com	1 redirects
1	thehostinghotline.com	1 redirects
32	16

This site contains links to these domains. Also see Links.

Domain
www.thanksforvisiting.me
pod.link
www.instagram.com
www.youtube.com
www.pinterest.com
www.facebook.com
www.canva.com
byariel.co

Subject Issuer	Validity	Valid
thanksforvisiting.com R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.showit.com Amazon RSA 2048 M02	`2023-07-11` - `2024-08-08`	a year	crt.sh
speakpipe.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-02` - `2025-02-01`	a year	crt.sh
t.thanksforvisiting.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://thanksforvisiting.com/hosting-hotline
Frame ID: 9D2E20DE4977DAFC1C3236D4A6C78C89
Requests: 29 HTTP requests in this frame

Frame: https://www.speakpipe.com/widget/inline/6j6o4pqcuhmrfjxkljk034kumcpe2mhv
Frame ID: 715FEDAD21A9BEC11ECFD6C86D3C6335
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hosting Hotline

Page URL History Show full URLs

http://thehostinghotline.com/ HTTP 307
https://thehostinghotline.com/ HTTP 301
http://hostinghotline.com/ HTTP 307
https://hostinghotline.com/ HTTP 301
http://www.thanksforvisiting.com/hosting-hotline HTTP 307
https://www.thanksforvisiting.com/hosting-hotline HTTP 301
https://thanksforvisiting.com/hosting-hotline HTTP 307
http://www.thanksforvisiting.com/hosting-hotline HTTP 301
http://thanksforvisiting.com/hosting-hotline HTTP 307
https://thanksforvisiting.com/hosting-hotline Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

10006 kB
Transfer

10898 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thanksforvisiting.me/login
Title: member sign-in

Search URL Search Domain Scan URL

URL: https://pod.link/thanksforvisiting

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thanksforvisiting_/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdAqMyNIw-0gRDH-2Rpe89Q

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/thanksforvisiting_/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thanksforvisitingpodcast

Search URL Search Domain Scan URL

URL: https://www.canva.com/design/DAFyeP3b11E/-ztDtYOyE3q3OMo9mR0WEA/view?utm_content=DAFyeP3b11E&utm_campaign=designshare&utm_medium=link&utm_source=editor
Title: SPONSOR THANKS FOR VISITING

Search URL Search Domain Scan URL

URL: https://byariel.co/
Title: site credit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thehostinghotline.com/ HTTP 307
https://thehostinghotline.com/ HTTP 301
http://hostinghotline.com/ HTTP 307
https://hostinghotline.com/ HTTP 301
http://www.thanksforvisiting.com/hosting-hotline HTTP 307
https://www.thanksforvisiting.com/hosting-hotline HTTP 301
https://thanksforvisiting.com/hosting-hotline HTTP 307
http://www.thanksforvisiting.com/hosting-hotline HTTP 301
http://thanksforvisiting.com/hosting-hotline HTTP 307
https://thanksforvisiting.com/hosting-hotline Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hosting-hotline Show response
thanksforvisiting.com/
Redirect Chain

http://thehostinghotline.com/
https://thehostinghotline.com/
http://hostinghotline.com/
https://hostinghotline.com/
http://www.thanksforvisiting.com/hosting-hotline
https://www.thanksforvisiting.com/hosting-hotline
https://thanksforvisiting.com/hosting-hotline
http://www.thanksforvisiting.com/hosting-hotline
http://thanksforvisiting.com/hosting-hotline
https://thanksforvisiting.com/hosting-hotline

127 KB
16 KB

192ms
191ms

Document
text/html

104.154.194.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.154.194.33 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.194.154.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: d6f82bf0a7c51527468a3bf5902eb963b996cb4de0bdbc1c6d8944fce03ce741

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 09 Jun 2024 01:13:21 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 15
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Location: https://thanksforvisiting.com/hosting-hotline
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
104 KB 123ms
53ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TGFGRZYVJ6

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bd10cdc0ad157baa03fc3e4ca74bfd7f23f331686aea75c9e0efba96c9fdba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 01:13:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106071
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 09 Jun 2024 01:13:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
974 B 95ms
44ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Red+Rose:regular|Poppins:500|Poppins:regular

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

538f0cb1df3bf7375873888f510ced2ab71133dade3180556bcdee359153fec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 01:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 01:13:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 01:13:21 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/ 54 KB
4 KB 24ms
15ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 01:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 943817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3203
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-d8e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiJf3mPM0VQ7YGIhmb2SfXNC2MXU0qTHT4zXLfHjrbp8R2YR7SZmG%2Bc5q6nDGLDVUpYJBNsz%2BwNlrEzhqbQWtdme0MMbnjtA2fmX7eKSw4liTT1gnCgsA0yBYNrGCWjsOG8pGNWO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 890d42348ab2e0a8-NRT
expires: Fri, 30 May 2025 01:13:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 83ms
14ms Script
text/javascript 2404:6800:400a:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80c::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 16:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 16:46:08 GMT

GET
H2 200 showit-lib.min.js Show response
lib.showit.co/engine/2.2.4/ 48 KB
16 KB 243ms
2ms Script
application/javascript 18.65.168.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.showit.co/engine/2.2.4/showit-lib.min.js
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-39.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fbefabfa47bb61c9f06346df47554cbd68546f45c9d2d75467584e016d21e1f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 23:17:25 GMT
content-encoding: gzip
via: 1.1 1a66f1841a66beb1461c34f28edb09ee.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 20:45:07 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P1
age: 551917
x-amz-server-side-encryption: AES256
etag: W/"964b2fb6bb83c92996a9d15472852402"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ghsTfGg6REpypTBL207BcPrM4AzmbNC404VHR6gPxXTGX9uHZFF-qw==

GET
H2 200 showit.min.js Show response
lib.showit.co/engine/2.2.4/ 60 KB
21 KB 244ms
4ms Script
application/javascript 18.65.168.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.showit.co/engine/2.2.4/showit.min.js
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-39.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ed2091cec7c26bd484e73a6f4d81b29cd12cd090f88ec47abe4582a1c5a8481

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 18:25:33 GMT
content-encoding: gzip
via: 1.1 1a66f1841a66beb1461c34f28edb09ee.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 20:45:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P1
age: 24469
etag: W/"852e30ac01252640e25d7082e602223f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kM_JqkP3pKsg7lsEwxHcV8N2MkvJ1yZX9wSYFU7H2JueWZ7BnRovrg==

GET
H2 200 showit.css
lib.showit.co/engine/2.2.4/ 7 KB
3 KB 243ms
3ms Stylesheet
text/css 18.65.168.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.showit.co/engine/2.2.4/showit.css
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-39.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 18:48:57 GMT
content-encoding: gzip
via: 1.1 1a66f1841a66beb1461c34f28edb09ee.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 20:45:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P1
age: 23065
etag: W/"8e74b817a46d3ed438a34b919f7bd280"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: p1Iz7BQNII26G9nnC9HffWbL_gkerM4wRyT5r3ATJ13KJV8CiY1d2g==

GET
H/1.1 200
OK loader.js Show response
www.speakpipe.com/widget/ 6 KB
6 KB 1388ms
241ms Script
application/javascript 178.79.186.198
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.speakpipe.com/widget/loader.js
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.79.186.198 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li355-198.members.linode.com
Software: nginx /
Resource Hash: 0caea231e450a2bdfa04341e70a657140ad98f87eb8dd923a9fcffe1b458c1bb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 09 Jun 2024 01:13:22 GMT
Server: nginx
Vary: Cookie
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 5791
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 universal-script Show response
t.thanksforvisiting.com/v1/lst/ 47 KB
47 KB 1051ms
353ms Script
text/javascript 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.thanksforvisiting.com/v1/lst/universal-script?ph=2729adaae68c560593516ecd65e350ef939d3ea9e45ee9ff71a107e4850caaf5&tag=!clicked&ref_url=https://thanksforvisiting.com/hosting-hotline

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-62-94.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

558f0b582089a9f8a7560236f558269d78ac0621ffef2f23364abf87be1cfb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 01:13:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Content-Type: text/javascript;charset=ISO-8859-1
Front-End-Https: off
Access-Control-Expose-Headers: Session-ID
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 48169

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 20ms
3ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 01:13:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: o2ekkUkoWnMKyqPlODrTRNb0HatXgSth4HwzK6eML+DKUf66OGV5/EYOKZfvFRPnbnuUT0XNVvnpZ0/FcLS6Pw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 106ms
47ms Ping
text/plain 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TGFGRZYVJ6&gtm=45je4650v9166909536za200&_p=1717895601378&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1022873135.1717895602&ul=ja-jp&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717895601&sct=1&seg=0&dl=https%3A%2F%2Fthanksforvisiting.com%2Fhosting-hotline&dt=Hosting%20Hotline&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3798&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGFGRZYVJ6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 01:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thanksforvisiting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 6j6o4pqcuhmrfjxkljk034kumcpe2mhv
www.speakpipe.com/widget/inline/ Frame 715F 0
0 1601ms
306ms Document
text/html 178.79.186.198
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.speakpipe.com/widget/inline/6j6o4pqcuhmrfjxkljk034kumcpe2mhv
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.79.186.198 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li355-198.members.linode.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://thanksforvisiting.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 09 Jun 2024 01:13:23 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
Vary: Cookie

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 70ms
11ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Rose:regular|Poppins:500|Poppins:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://thanksforvisiting.com
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 17:46:54 GMT
x-content-type-options: nosniff
age: 199587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jun 2025 17:46:54 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 71ms
12ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Rose:regular|Poppins:500|Poppins:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://thanksforvisiting.com
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 15:22:59 GMT
x-content-type-options: nosniff
age: 35422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 15:22:59 GMT

GET
H2 200 QdVISTYiLBjouPgEUajvsfWwDtc3MH8yrfszdT6t.woff2
fonts.gstatic.com/s/redrose/v20/ 13 KB
14 KB 75ms
17ms Font
font/woff2 2404:6800:400a:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redrose/v20/QdVISTYiLBjouPgEUajvsfWwDtc3MH8yrfszdT6t.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Rose:regular|Poppins:500|Poppins:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa2be7d13ffff13a5ca15fbf384a8f4dd9a3564a2624010af397b454b69c75be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://thanksforvisiting.com
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 21:09:53 GMT
x-content-type-options: nosniff
age: 187408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13716
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:52:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jun 2025 21:09:53 GMT

GET
H2 200 green_vertical_pattern-left.png
static.showit.co/200/nAzZatI6QumKW8zP-dsVSQ/209946/ 4 KB
4 KB 665ms
473ms Image
image/png 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/200/nAzZatI6QumKW8zP-dsVSQ/209946/green_vertical_pattern-left.png
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 386ddfd5d30a84b2dafc2a1651c3251eb5e2229f114e4d2097f85c20dd4c337a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 09 Jun 2025 01:13:22 GMT
date: Sun, 09 Jun 2024 01:13:22 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 20:54:07 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
etag: 4e7bb52f3befd4a0b0d618cd0d01c5af
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin
x-amz-cf-id: 4wAkSlz67ZNO09Mfv6iMn_vFPyGxZA86VgHQNpTalLDJusQBmS-MCQ==
content-length: 3993
media-server: node

GET
H2 200 tfv_menu2.gif
static.showit.co/file/7GKxcOTBRl2TKOW0IPZ_9w/209946/ 9 MB
9 MB 773ms
582ms Image
image/gif 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/file/7GKxcOTBRl2TKOW0IPZ_9w/209946/tfv_menu2.gif
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 79664f3f6faff8e61288c4dd5e5d1609f67843c911d299885325c374d75fc02b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 09 Jun 2025 01:13:22 GMT
date: Sun, 09 Jun 2024 01:13:22 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 21:24:41 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
etag: 6fead18811fb4b5078ae46f92f7ca80f
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin
x-amz-cf-id: bcjzebW5EfchOkre0BpbEBbOFUjFqbSmJ-B7b8jDneQ8CTamDjkgbg==
content-length: 9655700
media-server: node

GET
H2 200 primary_logo_white.svg
static.showit.co/file/CDqLqGQaTrCkk_-kQshEbg/209946/ 10 KB
3 KB 568ms
377ms Image
image/svg+xml 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/file/CDqLqGQaTrCkk_-kQshEbg/209946/primary_logo_white.svg
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: fffc5fc0758d22c028c5e8acd1b3116a08a3676ec972750cc98aa7b16b77a93a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 01:13:22 GMT
content-encoding: gzip
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 18:38:33 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
media-server: node
x-amz-cf-id: 5hsDP0mVgAVsRNiMF8Eo92hL1UKwwwWO6ZnhQdIhBFRMOfTMC-4U6g==
expires: Mon, 09 Jun 2025 01:13:22 GMT

GET
H2 200 tfv_studi12915.jpg
static.showit.co/1200/cldWy9lgR-eLyGxigBpIZg/209946/ 173 KB
174 KB 681ms
490ms Image
image/jpeg 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/1200/cldWy9lgR-eLyGxigBpIZg/209946/tfv_studi12915.jpg
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 617fbe1e2066027db5ea59bfe054cd87ea96e2c348e0ae8d8cf4c1c77d42e129

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 09 Jun 2025 01:13:22 GMT
date: Sun, 09 Jun 2024 01:13:22 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 18:38:42 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
etag: 227fdc4c401b76a1610af6f86a6ba26e
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin
x-amz-cf-id: vE_uI3v7sByDMschRLWKXDoWmEhAKUnxnC_Qn-xQb3KEWgg6VuPWeA==
content-length: 177361
media-server: node

GET
H2 200 yellow_scallops-downward.png
static.showit.co/1600/B447RJ03S0SY9LJyJr5BIw/209946/ 19 KB
20 KB 647ms
455ms Image
image/png 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/1600/B447RJ03S0SY9LJyJr5BIw/209946/yellow_scallops-downward.png
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 2f7bc6b95f257252b9f0dc1635aa46b66a981faab8699c144c93daa3b39dfd41

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 09 Jun 2025 01:13:22 GMT
date: Sun, 09 Jun 2024 01:13:22 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 23:25:27 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
etag: 8e04d77fe85b568e43ac2e9678f18e4f
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin
x-amz-cf-id: rwS1QZ9ZivtuVA4c7q8EnwXXbIAXwt4mbPVA1PNPqcJ-lttnQLbJXQ==
content-length: 19608
media-server: node

GET
H2 200 2825721500986575 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 182ms
182ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2825721500986575?v=2.9.157&r=stable&domain=thanksforvisiting.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56c1b833eea2ae7ed5b080376a556216e7939837944af659be330ada2dda9c4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Jun 2024 01:13:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=64, mss=1297, tbw=63455, tp=-1, tpl=-1, uplat=178, ullat=0
pragma: public
x-fb-debug: vT8a5DwO6SW9gtSh1erBsoRNf5gJCxugDigbvJQg12arVS+8vum7syhPOWaRucL5Kc5npAH0n2hZZMX+JJ0FtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 13ms
3ms Image
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2825721500986575&ev=PageView&dl=https%3A%2F%2Fthanksforvisiting.com%2Fhosting-hotline&rl=&if=false&ts=1717895601951&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717895601942.32900809174210025&cs_est=true&ler=empty&cdl=API_unavailable&it=1717895601717&coo=false&rqm=GET

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Jun 2024 01:13:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 177ms
167ms Image
image/png 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2825721500986575&ev=PageView&dl=https%3A%2F%2Fthanksforvisiting.com%2Fhosting-hotline&rl=&if=false&ts=1717895601951&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717895601942.32900809174210025&cs_est=true&ler=empty&cdl=API_unavailable&it=1717895601717&coo=false&rqm=FGET

Requested by

Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xeaa926de40930fd4","source_keys":["1","2"]},{"key_piece":"0xd46630d03a8249d6","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 09 Jun 2024 01:13:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=3134, tp=-1, tpl=-1, uplat=163, ullat=0
pragma: no-cache
x-fb-debug: K+wKnd9RD1pd0+ze/0J01WuXEPkH6Xa0g94RtC1Y3YAaqxuKErJzP5lBUjl6KKaPWbl6o1Tmybf3UvVbyokLBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 primary_logo_white.svg
static.showit.co/file/CDqLqGQaTrCkk_-kQshEbg/209946/ 10 KB
0 0ms
0ms Image
image/svg+xml 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/file/CDqLqGQaTrCkk_-kQshEbg/209946/primary_logo_white.svg
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: fffc5fc0758d22c028c5e8acd1b3116a08a3676ec972750cc98aa7b16b77a93a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 01:13:22 GMT
content-encoding: gzip
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 18:38:33 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
media-server: node
x-amz-cf-id: 5hsDP0mVgAVsRNiMF8Eo92hL1UKwwwWO6ZnhQdIhBFRMOfTMC-4U6g==
expires: Mon, 09 Jun 2025 01:13:22 GMT

GET
H2 200 tfv_studi12915.jpg
static.showit.co/1200/cldWy9lgR-eLyGxigBpIZg/209946/ 173 KB
0 0ms
0ms Image
image/jpeg 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.showit.co/1200/cldWy9lgR-eLyGxigBpIZg/209946/tfv_studi12915.jpg
Requested by: Host: thanksforvisiting.com
URL: https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 617fbe1e2066027db5ea59bfe054cd87ea96e2c348e0ae8d8cf4c1c77d42e129

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 09 Jun 2025 01:13:22 GMT
date: Sun, 09 Jun 2024 01:13:22 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Mon, 20 May 2024 18:38:42 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
etag: 227fdc4c401b76a1610af6f86a6ba26e
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin
x-amz-cf-id: vE_uI3v7sByDMschRLWKXDoWmEhAKUnxnC_Qn-xQb3KEWgg6VuPWeA==
content-length: 177361
media-server: node

OPTIONS
H/1.1 200 gusid
t.thanksforvisiting.com/v1/lst/ Frame 0
0 493ms
167ms Preflight 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.thanksforvisiting.com/v1/lst/gusid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-62-94.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: product-id,ref-url
Access-Control-Request-Method: GET
Origin: https://thanksforvisiting.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: product-id,ref-url
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://thanksforvisiting.com
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Sun, 09 Jun 2024 01:13:23 GMT
Front-End-Https: off
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200 gusid Show response
t.thanksforvisiting.com/v1/lst/ 0
821 B 211ms
209ms XHR
text/plain 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.thanksforvisiting.com/v1/lst/gusid

Requested by

Host: t.thanksforvisiting.com
URL: https://t.thanksforvisiting.com/v1/lst/universal-script?ph=2729adaae68c560593516ecd65e350ef939d3ea9e45ee9ff71a107e4850caaf5&tag=!clicked&ref_url=https://thanksforvisiting.com/hosting-hotline

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-62-94.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: ja-JP,ja;q=0.9;q=0.9
Product-ID: 182674
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://thanksforvisiting.com/
Ref-Url: https://thanksforvisiting.com/hosting-hotline
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 01:13:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
Session-ID: HB-ET_f30fffc848e64f0480d1dd949efe7756e680d3d394e3ba69663aefd39d90d4db
ETag: HB-ET_f30fffc848e64f0480d1dd949efe7756e680d3d394e3ba69663aefd39d90d4db
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://thanksforvisiting.com
Access-Control-Expose-Headers: Session-ID
Front-End-Https: off
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200 pc Show response
t.thanksforvisiting.com/v1/lst/ 117 B
616 B 189ms
188ms XHR
application/json 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.thanksforvisiting.com/v1/lst/pc?ref_url=https%3A%2F%2Fthanksforvisiting.com%2Fhosting-hotline&fbp_id=2825721500986575&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F125.0.0.0+Safari%2F537.36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-62-94.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c8e847e779a4f2503e91b07be922f77049be712566d67b9ccac1f67bfdaa4c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Session-ID: HB-ET_f30fffc848e64f0480d1dd949efe7756e680d3d394e3ba69663aefd39d90d4db
Product-ID: 182674
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://thanksforvisiting.com/
Access-Control-Allow-Headers: *
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 09 Jun 2024 01:13:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://thanksforvisiting.com
Access-Control-Expose-Headers: Session-ID
Front-End-Https: off
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 117

OPTIONS
H/1.1 200 pc
t.thanksforvisiting.com/v1/lst/ Frame 0
0 167ms
167ms Preflight 52.205.62.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-62-94.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://thanksforvisiting.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Origin: https://thanksforvisiting.com
Access-Control-Expose-Headers: Session-ID
Access-Control-Max-Age: 86400
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: keep-alive
Content-Length: 0
Date: Sun, 09 Jun 2024 01:13:23 GMT
Front-End-Https: off
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 favicon.png
static.showit.co/200/OAiRHyUyQOyMCkJPkTX0ew/209946/ 6 KB
7 KB 409ms
408ms Other
image/png 65.9.42.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.showit.co/200/OAiRHyUyQOyMCkJPkTX0ew/209946/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-6.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 31800038ac2182402d162cc8913f8e08342e889179425da88ba413fa73f74950

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 09 Jun 2025 01:13:25 GMT
date: Sun, 09 Jun 2024 01:13:25 GMT
via: 1.1 af457ba15a82a147c22b94a85de74088.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 21:03:30 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
etag: 8049a98f36ac4b4352626ac063f681cc
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin
x-amz-cf-id: JYXRldD-5vLNTl_AZRQUuJ2q9hm2acoUtNzz4NcuYNttsrUo1MbUTg==
content-length: 6578
media-server: node

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 55ms
54ms Ping
text/plain 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TGFGRZYVJ6&gtm=45je4650v9166909536za200&_p=1717895601378&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1022873135.1717895602&ul=ja-jp&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717895601&sct=1&seg=0&dl=https%3A%2F%2Fthanksforvisiting.com%2Fhosting-hotline&dt=Hosting%20Hotline&en=scroll&epn.percent_scrolled=90&_et=8&tfd=8809&_z=sendBeacon
Requested by: Host: t.thanksforvisiting.com
URL: https://t.thanksforvisiting.com/v1/lst/universal-script?ph=2729adaae68c560593516ecd65e350ef939d3ea9e45ee9ff71a107e4850caaf5&tag=!clicked&ref_url=https://thanksforvisiting.com/hosting-hotline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://thanksforvisiting.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 01:13:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thanksforvisiting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.thanksforvisiting.com/v1/lst	1970-01-21 06:47:35	Name: __mh_tt_s Value: HB-ET_f30fffc848e64f0480d1dd949efe7756e680d3d394e3ba69663aefd39d90d4db
thehostinghotline.com/	1969-12-31 23:59:59	Name: crumb Value: BXPqdL9fH7d/NzljMGE4YTAzY2E5M2UyZmQ1NTBiMDhiMjUxOTY2
hostinghotline.com/	1969-12-31 23:59:59	Name: crumb Value: BRSmthLqpkheM2VkM2U3ZTc3NzZhODRjMTI3OTE0Y2YyNjMxNTE2
.thanksforvisiting.com/	1970-01-21 06:47:35	Name: _ga Value: GA1.1.1022873135.1717895602
.thanksforvisiting.com/	1970-01-21 06:47:35	Name: _ga_TGFGRZYVJ6 Value: GS1.1.1717895601.1.0.1717895601.0.0.0
.thanksforvisiting.com/	1970-01-20 23:21:11	Name: _fbp Value: fb.1.1717895601942.32900809174210025

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hostinghotline.com
lib.showit.co
static.showit.co
t.thanksforvisiting.com
thanksforvisiting.com
thehostinghotline.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.speakpipe.com
www.thanksforvisiting.com
104.154.194.33
104.17.25.14
178.79.186.198
18.65.168.39
198.185.159.144
198.185.159.145
2404:6800:4004:818::200a
2404:6800:400a:80c::200a
2404:6800:400a:80e::2003
2404:6800:400a:80e::2008
2404:6800:400a:80e::200e
2a03:2880:f00f:104:face:b00c:0:3
2a03:2880:f10f:187:face:b00c:0:25de
52.205.62.94
65.9.42.6
0caea231e450a2bdfa04341e70a657140ad98f87eb8dd923a9fcffe1b458c1bb
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
2f7bc6b95f257252b9f0dc1635aa46b66a981faab8699c144c93daa3b39dfd41
31800038ac2182402d162cc8913f8e08342e889179425da88ba413fa73f74950
386ddfd5d30a84b2dafc2a1651c3251eb5e2229f114e4d2097f85c20dd4c337a
3ed2091cec7c26bd484e73a6f4d81b29cd12cd090f88ec47abe4582a1c5a8481
538f0cb1df3bf7375873888f510ced2ab71133dade3180556bcdee359153fec2
558f0b582089a9f8a7560236f558269d78ac0621ffef2f23364abf87be1cfb59
56c1b833eea2ae7ed5b080376a556216e7939837944af659be330ada2dda9c4a
617fbe1e2066027db5ea59bfe054cd87ea96e2c348e0ae8d8cf4c1c77d42e129
79664f3f6faff8e61288c4dd5e5d1609f67843c911d299885325c374d75fc02b
7bd10cdc0ad157baa03fc3e4ca74bfd7f23f331686aea75c9e0efba96c9fdba9
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fbefabfa47bb61c9f06346df47554cbd68546f45c9d2d75467584e016d21e1f
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
aa2be7d13ffff13a5ca15fbf384a8f4dd9a3564a2624010af397b454b69c75be
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c8e847e779a4f2503e91b07be922f77049be712566d67b9ccac1f67bfdaa4c08
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d6f82bf0a7c51527468a3bf5902eb963b996cb4de0bdbc1c6d8944fce03ce741
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fffc5fc0758d22c028c5e8acd1b3116a08a3676ec972750cc98aa7b16b77a93a

thanksforvisiting.com Open in urlscan Pro 104.154.194.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

47 %IPv6

12 Domains

16 Subdomains

13 IPs

5 Countries

10006 kBTransfer

10898 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thanksforvisiting.com Open in urlscan Pro
104.154.194.33 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

16
Subdomains

13
IPs

5
Countries

10006 kB
Transfer

10898 kB
Size

6
Cookies

32 HTTP transactions
0 data transactions