URL: https://pepeta.com/?utm_source=suss
Submission: On November 06 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 62 HTTP transactions. The main IP is 2606:4700:4400::6812:25d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is pepeta.com.
TLS certificate: Issued by GTS CA 1P5 on November 3rd 2023. Valid for: 3 months.
This is the only time pepeta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
26 2606:4700:10:... 13335 (CLOUDFLAR...)
2 139.45.195.8 9002 (RETN-AS)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 34.120.139.69 396982 (GOOGLE-CL...)
1 35.186.201.99 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 4.227.249.197 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
62 14
Apex Domain
Subdomains
Transfer
26 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9846
va.tawk.to — Cisco Umbrella Rank: 9510
222 KB
18 pepeta.com
pepeta.com
api.pepeta.com
908 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
c.clarity.ms — Cisco Umbrella Rank: 1405
u.clarity.ms — Cisco Umbrella Rank: 7536
27 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 43570
dsp-trk.eskimi.com — Cisco Umbrella Rank: 41852
dsp-ap.eskimi.com — Cisco Umbrella Rank: 17994
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11206
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
145 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
39 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
769 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
250 B
62 11
Domain Requested by
21 embed.tawk.to pepeta.com
embed.tawk.to
17 pepeta.com pepeta.com
5 va.tawk.to embed.tawk.to
3 u.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms pepeta.com
www.clarity.ms
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 my.rtmark.net www.googletagmanager.com
2 www.googletagmanager.com pepeta.com
www.googletagmanager.com
1 cdn.jsdelivr.net embed.tawk.to
1 c.bing.com 1 redirects
1 www.facebook.com pepeta.com
1 region1.google-analytics.com www.googletagmanager.com
1 dsp-ap.eskimi.com dsp-media.eskimi.com
1 dsp-trk.eskimi.com dsp-media.eskimi.com
1 dsp-media.eskimi.com pepeta.com
1 api.pepeta.com pepeta.com
62 17

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
t.me
instagram.com
Subject Issuer Validity Valid
pepeta.com
GTS CA 1P5
2023-11-03 -
2024-02-01
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-28 -
2024-04-27
a year crt.sh
rtmark.net
R3
2023-10-07 -
2024-01-05
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-08-15 -
2023-11-13
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-08-29 -
2024-08-29
a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1
2023-03-20 -
2024-04-12
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh

This page contains 5 frames:

Primary Page: https://pepeta.com/?utm_source=suss
Frame ID: 31BC28BD7051C345735A06A0C9627EF9
Requests: 55 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/min-widget.css
Frame ID: 331E88E0168C22AFC328D1E38D2665DB
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/bubble-widget.css
Frame ID: 0F4D4BCEA50AECA4B9B7337A1D7B5843
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/message-preview.css
Frame ID: 6838AFD0447A51E526D506EB28A6E341
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/max-widget.css
Frame ID: 426B62B99564CCEDDA105011CB00F207
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Pepeta

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

62
Requests

98 %
HTTPS

67 %
IPv6

11
Domains

17
Subdomains

14
IPs

5
Countries

1436 kB
Transfer

4785 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=79B67DB3F5C546CCAF2C648C560B0556&RedC=c.clarity.ms&MXFR=2AE08499BB4168730CB69758BF416613 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=79B67DB3F5C546CCAF2C648C560B0556&MUID=2FDFD4CCCFD16E092B69C70DCE7D6F08

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pepeta.com/
3 KB
2 KB
Document
General
Full URL
https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7da2cfa00aa2641320f9c76ae14716bb880ad4ef9ce72effe5b65201361be8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
821bbf5d3baf3813-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 06 Nov 2023 07:50:46 GMT
last-modified
Sat, 04 Nov 2023 11:44:05 GMT
server
cloudflare
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1699257047.617169,VS0,VE80
main.a2d0fb4b.js
pepeta.com/static/js/
2 MB
683 KB
Script
General
Full URL
https://pepeta.com/static/js/main.a2d0fb4b.js
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130bcc7c506bd99facd3c43966dc1085a4c0b1e6d2301d4a2522ae726e00673e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
158791
x-cache
HIT
content-length
698580
x-served-by
cache-fra-eddf8230078-FRA
last-modified
Sat, 04 Nov 2023 11:44:05 GMT
server
cloudflare
x-timer
S1699098255.449130,VS0,VE2
etag
"f8de7bfc71e47302e82d6c403a61d0236d34f35ab28dd4c60bae5531b2b6d2ca"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf5dfc9a3813-FRA
expires
Tue, 05 Nov 2024 07:50:46 GMT
main.3a5cb819.css
pepeta.com/static/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://pepeta.com/static/css/main.3a5cb819.css
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d252f373075e56ed5c91f69aa8dc5c190ae9a98bf54b9884ffcfba450ac26b9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
6646541
x-cache
HIT
content-length
2883
x-served-by
cache-fra-eddf8230098-FRA
last-modified
Mon, 21 Aug 2023 09:28:38 GMT
server
cloudflare
x-timer
S1692610506.879232,VS0,VE1
etag
"b38dac3f4963904dd87eb4335d234cad0014f25b541ae609b8f69d1ef1e7fd4e"
vary
x-fh-requested-host, accept-encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf5dfc973813-FRA
expires
Tue, 05 Nov 2024 07:50:46 GMT
gtm.js
www.googletagmanager.com/
192 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W76BG5LW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17c251cf238f7d2aa3c8e65a0c87e29b5a801f9e49509d24a282b33441421c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69030
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Nov 2023 07:50:46 GMT
722.c4479327.chunk.js
pepeta.com/static/js/
41 KB
13 KB
Script
General
Full URL
https://pepeta.com/static/js/722.c4479327.chunk.js
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/js/main.a2d0fb4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546211533808e8b14f7e2c77f1d6cfb31ad80cb6c5d5eacfbdb15c804e2a4b44
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
6645744
x-cache
HIT
content-length
12746
x-served-by
cache-fra-eddf8230039-FRA
last-modified
Mon, 21 Aug 2023 09:28:38 GMT
server
cloudflare
x-timer
S1692611303.664376,VS0,VE1
etag
"8adf579a00535e88b35a2066e13607c73ded326d3d095a5509e530c793c17ed4"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf5f5e343813-FRA
expires
Tue, 05 Nov 2024 07:50:46 GMT
482.e80f2e96.chunk.js
pepeta.com/static/js/
6 KB
2 KB
Script
General
Full URL
https://pepeta.com/static/js/482.e80f2e96.chunk.js
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/js/main.a2d0fb4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17487de346a37e7a5d077cdd2839ccc7570eedab2900d9bcce0e4603c03d0c10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 06 Nov 2023 07:50:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
158779
x-cache
MISS
content-length
1851
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Sat, 04 Nov 2023 11:44:05 GMT
server
cloudflare
x-timer
S1699098267.220657,VS0,VE175
etag
"a5444dc90b3ff47620873133e75d435b80d5f071314249a1d70dc075fd152adb"
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf5f5e353813-FRA
expires
Tue, 05 Nov 2024 07:50:46 GMT
barlow-latin-500-normal.50adbbfa3bfe480bf424.woff2
pepeta.com/static/media/
20 KB
21 KB
Font
General
Full URL
https://pepeta.com/static/media/barlow-latin-500-normal.50adbbfa3bfe480bf424.woff2
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/css/main.3a5cb819.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://pepeta.com/static/css/main.3a5cb819.css
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:46 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
6646101
x-cache
HIT
content-length
20960
x-served-by
cache-fra-eddf8230077-FRA
last-modified
Mon, 21 Aug 2023 09:28:38 GMT
server
cloudflare
x-timer
S1692610945.348882,VS0,VE2
etag
"d586d16c1cb707b9b08a3de4bc43a360b76e1213e5973578cb86cf6eb0e6bfc7"
vary
x-fh-requested-host, accept-encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf5f8e6d3813-FRA
expires
Tue, 05 Nov 2024 07:50:46 GMT
barlow-latin-400-normal.7fa387951673abf164b1.woff2
pepeta.com/static/media/
21 KB
21 KB
Font
General
Full URL
https://pepeta.com/static/media/barlow-latin-400-normal.7fa387951673abf164b1.woff2
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/css/main.3a5cb819.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://pepeta.com/static/css/main.3a5cb819.css
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
2
date
Mon, 06 Nov 2023 07:50:46 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
6646376
x-cache
HIT
content-length
21144
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 21 Aug 2023 09:28:38 GMT
server
cloudflare
x-timer
S1692610670.009355,VS0,VE0
etag
"809bffdd86910f0024c43f70312ce0685028e9d99d4ce4d2f621682f54e48093"
vary
x-fh-requested-host, accept-encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf5f8e723813-FRA
expires
Tue, 05 Nov 2024 07:50:46 GMT
1h3rhkups
embed.tawk.to/63ce2036c2f1ac1e202f136a/
2 KB
925 B
Script
General
Full URL
https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/js/main.a2d0fb4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8b6cb89cb30f969b73f6ccca33e5ef9370773352df085570fa105c37d64829
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
server
cloudflare
age
173
etag
W/"stable-v4-653fa0ef1ea"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
821bbf5fabd35c85-FRA
alt-svc
h3=":443"; ma=86400
version
pepeta.com/
53 B
255 B
Fetch
General
Full URL
https://pepeta.com/version?cb=20231106085046978
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/js/main.a2d0fb4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68d539f2eb72b9e23e06b0c740fb205ef1313747bf20a4b10af6da2065a6260c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230066-FRA
date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=31556926
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 04 Nov 2023 11:44:05 GMT
server
cloudflare
x-timer
S1699257047.986887,VS0,VE37
etag
W/"da1be23b2c05de27275fc1f461f567e75f84846134a693904de282e7db156c87"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/plain; charset=utf-8
cache-control
max-age=3600
cf-ray
821bbf5f9e8c3813-FRA
x-cache-hits
0
barlow-latin-600-normal.eb2f99b8088268cd34a2.woff2
pepeta.com/static/media/
21 KB
22 KB
Font
General
Full URL
https://pepeta.com/static/media/barlow-latin-600-normal.eb2f99b8088268cd34a2.woff2
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/css/main.3a5cb819.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://pepeta.com/static/css/main.3a5cb819.css
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
451394
x-cache
HIT
content-length
21796
x-served-by
cache-fra-eddf8230076-FRA
last-modified
Thu, 26 Oct 2023 10:42:14 GMT
server
cloudflare
x-timer
S1698805654.649541,VS0,VE1
etag
"d49525b1d635c7d2c53518041bfa74b542680a918084c3a116df269a01d0f8de"
vary
x-fh-requested-host, accept-encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf600efb3813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
sports
api.pepeta.com/v1/uo/
26 KB
4 KB
XHR
General
Full URL
https://api.pepeta.com/v1/uo/sports
Requested by
Host: pepeta.com
URL: https://pepeta.com/static/js/main.a2d0fb4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb5d0e2459d1537978779b8663acb16a2a6a7180707dae572be064812daf042

Request headers

Accept
application/json, text/plain, */*
Referer
https://pepeta.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
x-cache
HIT
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
x-backend-time
2023-11-06T10:50:47+03:00
content-type
application/json
cf-ray
821bbf606f0b39f1-FRA
access-control-allow-headers
Origin, Content-Type, Authorization, authorization
p.js
my.rtmark.net/
697 B
1 KB
Script
General
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=0b69fce2be9362818852a24dc114113db2ceda57f0e6f728c4519cc2f9fb10fd
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W76BG5LW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
99c2c017e27f47ab9b458ea86392d2359b8a9fdab21f0a6446b79cb3aff39e32
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
697
js
www.googletagmanager.com/gtag/
218 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CH3FKXNTT1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W76BG5LW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
779f78fe353d13b70c555028801014c7aa87c77352778bad5ec6697f14dd5652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79269
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 07:50:47 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W76BG5LW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Nov 2023 07:50:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
tN5onjXSdjBvKHd6F1gLH4B75kn+qChKj/s/pwGot6DT1iPzBQMRe5ge8XXn2Jcv7+I3dKAg44VFp+DFn1V/aA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ig4rq0yoss
www.clarity.ms/tag/
668 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/ig4rq0yoss?ref=gtm2
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb1dbe70ea796466b7c08086f586e0e063063efad89410b1a4265d8f7645bb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
-1
date
Mon, 06 Nov 2023 07:50:47 GMT
x-azure-ref
20231106T075047Z-ysrp1zs8e94s70ppnm9mepqg2c000000099g00000002u8yk
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
668
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
gtr.min.js
dsp-media.eskimi.com/assets/js/e/
5 KB
3 KB
Script
General
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Wed, 30 Oct 2024 19:01:13 GMT
date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1080
cdn-cachedat
10/31/2023 19:01:13
cdn-pullzone
692289
last-modified
Fri, 04 Aug 2023 14:59:50 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"64cd1266-1353"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-requestid
b85d37cd8b7423022da6ac429fcd48bb
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
aviator.17bc38da684a627be7b8.avif
pepeta.com/static/media/
26 KB
26 KB
Image
General
Full URL
https://pepeta.com/static/media/aviator.17bc38da684a627be7b8.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b8ea3e74797c0b68a6f6fedd28d2e9377167e3d651de8286ab68bdfb145539
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5125974
x-cache
HIT
content-length
26570
x-served-by
cache-fra-eddf8230096-FRA
last-modified
Tue, 05 Sep 2023 16:46:18 GMT
server
cloudflare
x-timer
S1694131073.098034,VS0,VE1
etag
"ae2e721faa2db3aaf81571cb27d4784180f9810f34c395e68de770fd39908852"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf60f8243813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
teketeke.66b273a16943bd6edaa8.avif
pepeta.com/static/media/
20 KB
20 KB
Image
General
Full URL
https://pepeta.com/static/media/teketeke.66b273a16943bd6edaa8.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f377a6be321f893969af8220e3f312412323e2c562cf452c3fb426c63ffc06
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5326435
x-cache
HIT
content-length
20458
x-served-by
cache-fra-eddf8230027-FRA
last-modified
Tue, 05 Sep 2023 16:16:20 GMT
server
cloudflare
x-timer
S1693930612.461890,VS0,VE1
etag
"1b528836f8c08ce303442acb934cb335196128cbd805f58151df19302ff8ac54"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf6108253813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
jetx.1ed1c49a555b4cfa9d64.avif
pepeta.com/static/media/
5 KB
6 KB
Image
General
Full URL
https://pepeta.com/static/media/jetx.1ed1c49a555b4cfa9d64.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f69cc4fb012cde3aa986eae0767efa114d24632a4130d96950f0261709887b8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5326134
x-cache
HIT
content-length
5601
x-served-by
cache-fra-eddf8230096-FRA
last-modified
Tue, 05 Sep 2023 16:16:20 GMT
server
cloudflare
x-timer
S1693930913.247797,VS0,VE3
etag
"816d96fdd5f6ac574e49319eac12a20a173faf627c2cd08c48435c1032cbd609"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf6108273813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
casino.864c4011895a3db91df1.avif
pepeta.com/static/media/
36 KB
36 KB
Image
General
Full URL
https://pepeta.com/static/media/casino.864c4011895a3db91df1.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b8846b75369b5a88646c1cfd3ea5e6deca6141f1b5faba9af57c57a02bb97e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
158712
x-cache
HIT
content-length
36700
x-served-by
cache-fra-eddf8230116-FRA
last-modified
Sat, 04 Nov 2023 11:44:05 GMT
server
cloudflare
x-timer
S1699098336.649848,VS0,VE1
etag
"8589c80c998e6f964a6a693f19d93c5e5ee99a972189ca6ef32eef3ca814ac9a"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf6108293813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
sportsBook.203b97b96e8186981838.avif
pepeta.com/static/media/
17 KB
18 KB
Image
General
Full URL
https://pepeta.com/static/media/sportsBook.203b97b96e8186981838.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d92e2b88340da4b8e734f0f33c0f537edae98c9ce43f4474ff85c6b519b70a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5325791
x-cache
HIT
content-length
17887
x-served-by
cache-fra-eddf8230039-FRA
last-modified
Tue, 05 Sep 2023 16:16:20 GMT
server
cloudflare
x-timer
S1693931256.288524,VS0,VE2
etag
"bbc15cbc7d50d22a258e3ef1de6f676f039cabd743132bf3a5be450d8dab554e"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf61082c3813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
liveGames.ae4076fdf5476dbaf704.avif
pepeta.com/static/media/
15 KB
15 KB
Image
General
Full URL
https://pepeta.com/static/media/liveGames.ae4076fdf5476dbaf704.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde66ce43a3dd15b125f5327537704c6d183208c62d60d5135e5b86e874b4be9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5326252
x-cache
HIT
content-length
14901
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Tue, 05 Sep 2023 16:16:20 GMT
server
cloudflare
x-timer
S1693930795.128846,VS0,VE1
etag
"d1bc8ca4490713981de165d731edc337e371bf262adb821100d4dc8c1e67073c"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf61082e3813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
plinkox.e8f7a2f9a20bf794fe7c.avif
pepeta.com/static/media/
8 KB
8 KB
Image
General
Full URL
https://pepeta.com/static/media/plinkox.e8f7a2f9a20bf794fe7c.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc6fe5c9d644621f999cb79350430bcb1a011c2e63648847690a623d5f9cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5326435
x-cache
HIT
content-length
8453
x-served-by
cache-fra-eddf8230027-FRA
last-modified
Tue, 05 Sep 2023 16:16:20 GMT
server
cloudflare
x-timer
S1693930613.669817,VS0,VE1
etag
"934e8ff45c2af62bc3a6ab8ee1285679342f77b03b0c1069e60bf4671b95b596"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf6108303813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
cappadocia.da4a2caae1f3ca0080c8.avif
pepeta.com/static/media/
9 KB
9 KB
Image
General
Full URL
https://pepeta.com/static/media/cappadocia.da4a2caae1f3ca0080c8.avif
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1773521a97880b245f53d494400ab7fca0b8e6a0ad9508340a188309fd5a1a03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/?utm_source=suss
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31556926
cf-cache-status
HIT
age
5325791
x-cache
HIT
content-length
9055
x-served-by
cache-fra-eddf8230098-FRA
last-modified
Tue, 05 Sep 2023 16:16:20 GMT
server
cloudflare
x-timer
S1693931257.556504,VS0,VE2
etag
"a8e15520deb39343c6a5d9a6dd5caad8987b0b2f37aeb5da25f9abd6b18f0104"
vary
x-fh-requested-host, accept-encoding
content-type
image/avif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
821bbf6108313813-FRA
expires
Tue, 05 Nov 2024 07:50:47 GMT
cssession
dsp-trk.eskimi.com/tracking/
2 B
175 B
XHR
General
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=32033&url=https%3A%2F%2Fpepeta.com%2F%3Futm_source%3Dsuss&t=1699257047222
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
https://pepeta.com
date
Mon, 06 Nov 2023 07:50:46 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/plain; charset=UTF-8
gtr
dsp-ap.eskimi.com/v2/
116 B
580 B
XHR
General
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=32033&url=https%3A%2F%2Fpepeta.com%2F%3Futm_source%3Dsuss&t=1699257047222
Requested by
Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.201.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9605178e819418f29b3e5271d21d3e4b2423b9e480de9734158c05616d4d6baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
https://pepeta.com
date
Mon, 06 Nov 2023 07:50:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
336474318738157
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/336474318738157?v=2.9.138&r=stable&domain=pepeta.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9a5ca4add80a560cce38c48accafe6a083a2d8514787aeeec995a7bcfc24aeb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Nov 2023 07:50:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
cWRJa2WIdbTFQ/dcrWJzhIIrGeFs10FYHKsjjLxcxtTzkOJpIvD9JmA8oPE06SlGbbLaLSntKy2BH8KsMpaEjA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CH3FKXNTT1&gtm=45je3b11v9121867038z89138715422&_p=1699257046875&gcd=11l1l1l1l1&cid=852592590.1699257047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699257047&sct=1&seg=0&dl=https%3A%2F%2Fpepeta.com%2F%3Futm_source%3Dsuss&dt=Pepeta&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=697
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CH3FKXNTT1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 07:50:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pepeta.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.13/
59 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.13/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ig4rq0yoss?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
content-encoding
br
last-modified
Tue, 17 Oct 2023 11:58:02 GMT
etag
W/"0x8DBCF0850CC9F3D"
vary
Accept-Encoding
x-azure-ref
20231106T075047Z-ysrp1zs8e94s70ppnm9mepqg2c000000099g00000002u8zt
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ea3821d2-901e-007b-583c-0b6c47000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=336474318738157&ev=PageView&dl=https%3A%2F%2Fpepeta.com%2F%3Futm_source%3Dsuss&rl=&if=false&ts=1699257047345&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1699257047344.1723778524&ler=empty&it=1699257047238&coo=false&tm=1&rqm=GET
Requested by
Host: pepeta.com
URL: https://pepeta.com/?utm_source=suss
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 06 Nov 2023 07:50:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
twk-main.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
121 B
269 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
71002
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf624eed5c85-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
81 KB
29 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
509195
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf624ef15c85-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
212 KB
62 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
511285
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"357952f03822ff20c10ab27cc597e161"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf624ef35c85-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
215 KB
42 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
510023
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"3559a48cee058d0fa362d062d48d297d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf624ef55c85-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
509195
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"ab2e7e6976ebf42505e0f529919444b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf624ef65c85-FRA
twk-app.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
151 B
213 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce2036c2f1ac1e202f136a/1h3rhkups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
Origin
https://pepeta.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
507251
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf624ef75c85-FRA
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=79B67DB3F5C546CCAF2C648C560B0556&RedC=c.clarity.ms&MXFR=2AE08499BB4168730CB69758BF416613
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=79B67DB3F5C546CCAF2C648C560B0556&MUID=2FDFD4CCCFD16E092B69C70DCE7D6F08
42 B
445 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=79B67DB3F5C546CCAF2C648C560B0556&MUID=2FDFD4CCCFD16E092B69C70DCE7D6F08
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 07:50:47 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 07:50:46 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42F6BCFA8D76423DA7691B50C704518C Ref B: FRA31EDGE0720 Ref C: 2023-11-06T07:50:47Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=79B67DB3F5C546CCAF2C648C560B0556&MUID=2FDFD4CCCFD16E092B69C70DCE7D6F08
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
widget-settings
va.tawk.to/v1/
4 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=63ce2036c2f1ac1e202f136a&widgetId=1h3rhkups&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328c7aca552bb95620f677fcfa2b104fe4a324476025ddc45bd10e67a094e012
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
536
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-fj34
server
cloudflare
etag
W/"2-49-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
821bbf62cf615c85-FRA
access-control-allow-headers
content-type,x-tawk-token
collect
u.clarity.ms/
0
290 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://pepeta.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://pepeta.com
Date
Mon, 06 Nov 2023 07:50:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
start
va.tawk.to/v1/session/
1 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72df57efed2ddc0340cbd9ccedd4077507cf2075218a429211ce389de017ce75
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://pepeta.com
access-control-allow-credentials
true
cf-ray
821bbf688853049f-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-43hv
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pepeta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://pepeta.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
821bbf62fb9018bd-FRA
date
Mon, 06 Nov 2023 07:50:48 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-9s37
en.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/
17 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521632
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:40 GMT
server
cloudflare
etag
W/"7f37a030886ec7fce1d065ec482789ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf631a6a049f-FRA
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=0b69fce2be9362818852a24dc114113db2ceda57f0e6f728c4519cc2f9fb10fd&ttl=&rurl=https%3A%2F%2Fpepeta.com%2F%3Futm_source%3Dsuss
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
collect
u.clarity.ms/
0
290 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://pepeta.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://pepeta.com
Date
Mon, 06 Nov 2023 07:50:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
twk-chunk-2c776523.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
8 KB
3 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b089f5f65d03da61b611f98336194eb97c019203a97c3899a0d26cd28079b65e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"589bcaf3fa2f5394494ee99582c6bee6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaaaf049f-FRA
twk-chunk-9294da6c.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
18 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-9294da6c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358db197e46c18220231b57ba38c50d92cbe5ccc3f14da9e203b2f2aa3d3943e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"d24778beeceabd92325994c6f7a2751e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab0049f-FRA
twk-chunk-f1565420.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-f1565420.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f494f6495bf2a685fbefd16b065d04ba3a8181bb36746343b5d8cfac820913
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"4bc001b26b4e5564a602f6650d906258"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab1049f-FRA
twk-chunk-2d0b383d.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
699 B
676 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2d0b383d.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
367932
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"838903127a65ec440893b4945c40ca4a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab3049f-FRA
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
18 KB
6 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c6f5113c1bbf4ab16c83c17bbb2f7a89c14289eccda26031f77c873a30c0ca
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"3e2b01e1e5d09751c601a46ccf3d3cfa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab4049f-FRA
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
906 B
662 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
347609
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab6049f-FRA
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
535 B
574 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"c506281367048d4a134c9affbc68c8c6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab8049f-FRA
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/
107 KB
24 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a34981cda55b2bae3762c709553b06e72e7a9b8de79012c610547f84a34833e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"b3a46b8e741c104da6508d52406c9c32"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6aaab9049f-FRA
min-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 331E
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521153
cf-polished
origSize=24831
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6b1b28049f-FRA
bubble-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 0F4D
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521152
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6b2b31049f-FRA
message-preview.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 6838
40 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
434707
cf-polished
origSize=40832
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"cf4a08d496f49489af30571e3cbb48f3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6b2b39049f-FRA
max-widget.css
embed.tawk.to/_s/v4/app/653fa0ef1ea/css/ Frame 426B
76 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-2c776523.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65903b8703d79850e660a2b415ae10306b3ee3015a436327de3f86433d5d774e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
521152
cf-polished
origSize=78142
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"7c8b6e697bd499db08971189a4be9b7c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6b4b58049f-FRA
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 0F4D
22 KB
6 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1050022
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
821bbf6b5b67049f-FRA
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
39 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pepeta.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 07:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
357126
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230065-FRA
server
cloudflare
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0e3wkmKJG7tyBN%2FdABdGccozFL%2B3k5u%2FcJEdaWLppmYPFycGmOJoXzNLeaBst0TgimCFPjv3cdXLuPM%2FojXy0lH1Ju7j0YQ6uzOMHrGklJTXJcf%2FqwbRa1KoJY1DKugbS0oMRFgJ9nztXmyBfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
821bbf6b79bc2bdc-FRA
v3
va.tawk.to/log-performance/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pepeta.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://pepeta.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
821bbf6e0f4018bd-FRA
date
Mon, 06 Nov 2023 07:50:49 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-6jm4
v3
va.tawk.to/log-performance/
5 B
257 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pepeta.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 06 Nov 2023 07:50:50 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pepeta.com
access-control-allow-credentials
true
cf-ray
821bbf6f084818bd-FRA
access-control-allow-headers
content-type,x-tawk-token
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-smff
collect
u.clarity.ms/
0
290 B
XHR
General
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://pepeta.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://pepeta.com
Date
Mon, 06 Nov 2023 07:50:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture boolean| isOperaExtreme object| webpackChunkpepeta_ui object| dataLayer object| Tawk_API object| Tawk_LoadStart object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids function| clarity function| esk function| ___esk string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| _b64dec object| gaGlobal object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione

20 Cookies

Domain/Path Name / Value
.pepeta.com/ Name: _ga_CH3FKXNTT1
Value: GS1.1.1699257047.1.0.1699257047.0.0.0
.pepeta.com/ Name: _ga
Value: GA1.1.852592590.1699257047
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: ac79a304-e750-45e4-8414-51af64e9ec65
.eskimi.com/ Name: __eP
Value: 1
www.clarity.ms/ Name: CLID
Value: 1c56104b922b4b9a9138bd1c5f896680.20231106.20241105
.pepeta.com/ Name: _fbp
Value: fb.1.1699257047344.1723778524
.pepeta.com/ Name: _clck
Value: vusf88|2|fgh|0|1405
pepeta.com/ Name: twk_idm_key
Value: xEF-key84f4xDI-D8jSFi
.bing.com/ Name: MUID
Value: 2FDFD4CCCFD16E092B69C70DCE7D6F08
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2FDFD4CCCFD16E092B69C70DCE7D6F08
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2FDFD4CCCFD16E092B69C70DCE7D6F08
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
my.rtmark.net/ Name: ID
Value: f899531035c243d2a8b16fe7e62aa73d
.pepeta.com/ Name: _clsk
Value: 1vbow8y|1699257048045|1|1|u.clarity.ms/collect
pepeta.com/ Name: TawkConnectionTime
Value: 0
.pepeta.com/ Name: twk_uuid_63ce2036c2f1ac1e202f136a
Value: %7B%22uuid%22%3A%221.1hH9JYOx0RVQq3jtB7ADIMA7uTRSaOzDooJ2057UKLl7Kuh6gPHZZQlZ0rHO8AanRpuw54bMhaF0g2YSfAUHJK3IG4HSrKNhILVONR576PAq1K9YCkR%22%2C%22version%22%3A3%2C%22domain%22%3A%22pepeta.com%22%2C%22ts%22%3A1699257048734%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pepeta.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
embed.tawk.to
my.rtmark.net
pepeta.com
region1.google-analytics.com
u.clarity.ms
va.tawk.to
www.clarity.ms
www.facebook.com
www.googletagmanager.com
139.45.195.8
2001:4860:4802:34::36
2400:52e0:1e00::1082:1
2606:4700:10::6816:1883
2606:4700:4400::6812:25d0
2606:4700::6810:5914
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1450:4001:828::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
34.120.139.69
35.186.201.99
4.227.249.197
68.219.88.97
130bcc7c506bd99facd3c43966dc1085a4c0b1e6d2301d4a2522ae726e00673e
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
17487de346a37e7a5d077cdd2839ccc7570eedab2900d9bcce0e4603c03d0c10
1773521a97880b245f53d494400ab7fca0b8e6a0ad9508340a188309fd5a1a03
17c251cf238f7d2aa3c8e65a0c87e29b5a801f9e49509d24a282b33441421c83
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2c7da2cfa00aa2641320f9c76ae14716bb880ad4ef9ce72effe5b65201361be8
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
2d252f373075e56ed5c91f69aa8dc5c190ae9a98bf54b9884ffcfba450ac26b9
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
328c7aca552bb95620f677fcfa2b104fe4a324476025ddc45bd10e67a094e012
358db197e46c18220231b57ba38c50d92cbe5ccc3f14da9e203b2f2aa3d3943e
35d92e2b88340da4b8e734f0f33c0f537edae98c9ce43f4474ff85c6b519b70a
37b8846b75369b5a88646c1cfd3ea5e6deca6141f1b5faba9af57c57a02bb97e
39f377a6be321f893969af8220e3f312412323e2c562cf452c3fb426c63ffc06
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
546211533808e8b14f7e2c77f1d6cfb31ad80cb6c5d5eacfbdb15c804e2a4b44
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f69cc4fb012cde3aa986eae0767efa114d24632a4130d96950f0261709887b8
60f494f6495bf2a685fbefd16b065d04ba3a8181bb36746343b5d8cfac820913
65903b8703d79850e660a2b415ae10306b3ee3015a436327de3f86433d5d774e
68d539f2eb72b9e23e06b0c740fb205ef1313747bf20a4b10af6da2065a6260c
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70c6f5113c1bbf4ab16c83c17bbb2f7a89c14289eccda26031f77c873a30c0ca
72df57efed2ddc0340cbd9ccedd4077507cf2075218a429211ce389de017ce75
74b8ea3e74797c0b68a6f6fedd28d2e9377167e3d651de8286ab68bdfb145539
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
779f78fe353d13b70c555028801014c7aa87c77352778bad5ec6697f14dd5652
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8a34981cda55b2bae3762c709553b06e72e7a9b8de79012c610547f84a34833e
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9605178e819418f29b3e5271d21d3e4b2423b9e480de9734158c05616d4d6baa
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c2c017e27f47ab9b458ea86392d2359b8a9fdab21f0a6446b79cb3aff39e32
aadc6fe5c9d644621f999cb79350430bcb1a011c2e63648847690a623d5f9cd6
b089f5f65d03da61b611f98336194eb97c019203a97c3899a0d26cd28079b65e
bdb5d0e2459d1537978779b8663acb16a2a6a7180707dae572be064812daf042
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
c9a5ca4add80a560cce38c48accafe6a083a2d8514787aeeec995a7bcfc24aeb
cb1dbe70ea796466b7c08086f586e0e063063efad89410b1a4265d8f7645bb47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8b6cb89cb30f969b73f6ccca33e5ef9370773352df085570fa105c37d64829
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fde66ce43a3dd15b125f5327537704c6d183208c62d60d5135e5b86e874b4be9