getcreditsecrets.net Open in urlscan Pro
148.251.128.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://queenofcreditscores.com/
Effective URL:
https://getcreditsecrets.net/?deal=success
Submission Tags: phishingrod
Submission: On August 11 via api (August 11th 2023, 1:05:35 am UTC) from DE — Scanned from DE

Summary HTTP 303 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 80 IPs in 9 countries across 59 domains to perform 303 HTTP transactions. The main IP is 148.251.128.81, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is getcreditsecrets.net.
TLS certificate: Issued by R3 on July 25th 2023. Valid for: 3 months.

This is the only time getcreditsecrets.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.2.56.64 52.2.56.64	14618 (AMAZON-AES) (AMAZON-AES)
33	148.251.128.81 148.251.128.81	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	35.244.234.248 35.244.234.248	15169 (GOOGLE) (GOOGLE)
10	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:4400:f:a14c:a8c0:21	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
25	2600:9000:21f... 2600:9000:21f3:a000:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::644	54113 (FASTLY) (FASTLY)
1	34.232.107.162 34.232.107.162	14618 (AMAZON-AES) (AMAZON-AES)
2	34.239.79.61 34.239.79.61	14618 (AMAZON-AES) (AMAZON-AES)
2	34.235.217.206 34.235.217.206	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
69	18.66.112.39 18.66.112.39	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.194.253.69 34.194.253.69	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:236... 2600:9000:236e:1400:1e:b6b6:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	172.104.231.58 172.104.231.58	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.216.102.59 52.216.102.59	16509 (AMAZON-02) (AMAZON-02)
1	18.66.121.156 18.66.121.156	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:223... 2600:9000:223e:4a00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:175e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	34.210.103.97 34.210.103.97	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700::68... 2606:4700::6810:185e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.169.181.77 35.169.181.77	14618 (AMAZON-AES) (AMAZON-AES)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.157.68.83 35.157.68.83	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.195.183.142 18.195.183.142	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.30.115.249 52.30.115.249	16509 (AMAZON-02) (AMAZON-02)
1 2	54.78.21.60 54.78.21.60	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.64.114.92 3.64.114.92	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4200:afa3:28fc:4d3:4fa2	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.250.36.253 34.250.36.253	16509 (AMAZON-02) (AMAZON-02)
1	52.58.249.168 52.58.249.168	16509 (AMAZON-02) (AMAZON-02)
1	52.31.154.19 52.31.154.19	16509 (AMAZON-02) (AMAZON-02)
1	18.191.127.2 18.191.127.2	16509 (AMAZON-02) (AMAZON-02)
6	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
303	80

1 52.2.56.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-2.short.io

queenofcreditscores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 148.251.128.81 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: edge.presslabs.net

getcreditsecrets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.234.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.234.244.35.bc.googleusercontent.com

www.lhn0etrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4400:f:a14c:a8c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3os7c1voccrkz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:21f3:a000:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-cloudfront.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.107.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-107-162.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.79.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-79-61.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.217.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-217-206.compute-1.amazonaws.com

core.thedatabot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 18.66.112.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-39.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.253.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-253-69.compute-1.amazonaws.com

177758.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:1400:1e:b6b6:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.firstpromoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.231.58 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-172-104-231-58.fra.nodebalancer.linode.com

t.firstpromoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.102.59 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

connectio.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.121.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-156.fra60.r.cloudfront.net

d7s870zeth355.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:4a00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:175e (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-gtm-server-377914.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.103.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-103-97.us-west-2.compute.amazonaws.com

tracking.graphly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:185e (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.181.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-181-77.compute-1.amazonaws.com

177758.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.68.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-68-83.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.12 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.183.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-183-142.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.115.249 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.21.60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-21-60.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.114.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-114-92.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:afa3:28fc:4d3:4fa2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-253.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.249.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-168.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.154.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-154-19.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.191.127.2 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-127-2.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	driftt.com js.driftt.com — Cisco Umbrella Rank: 5961	849 KB
38	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4959 embed-cloudfront.wistia.com distillery.wistia.com — Cisco Umbrella Rank: 7509 pipedream.wistia.com — Cisco Umbrella Rank: 7525	7 MB
33	getcreditsecrets.net getcreditsecrets.net	2 MB
21	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	5 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com	158 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 ajax.googleapis.com — Cisco Umbrella Rank: 392 maps.googleapis.com — Cisco Umbrella Rank: 386 jnn-pa.googleapis.com — Cisco Umbrella Rank: 271	99 KB
11	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 313 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	5 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	355 B
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2553 sslwidget.criteo.com — Cisco Umbrella Rank: 1870 widget.us.criteo.com — Cisco Umbrella Rank: 22522 dis.criteo.com — Cisco Umbrella Rank: 608	14 KB
10	google.com maps.google.com — Cisco Umbrella Rank: 1831 www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2770	212 KB
6	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6722 metrics.api.drift.com — Cisco Umbrella Rank: 6607 event.api.drift.com — Cisco Umbrella Rank: 7258	5 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5933	840 B
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 930 trc.taboola.com — Cisco Umbrella Rank: 622 sync-t1.taboola.com — Cisco Umbrella Rank: 1375 trc-events.taboola.com — Cisco Umbrella Rank: 1925	21 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3298 tr.outbrain.com — Cisco Umbrella Rank: 3062 wave.outbrain.com — Cisco Umbrella Rank: 3349 sync.outbrain.com — Cisco Umbrella Rank: 750	8 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 221 secure.adnxs.com — Cisco Umbrella Rank: 464	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
3	hyros.com 177758.tracking.hyros.com 177758.t.hyros.com	40 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	270 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 670	877 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 212	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1561	2 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1235 ups.analytics.yahoo.com — Cisco Umbrella Rank: 320	756 B
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8338 prism.app-us1.com — Cisco Umbrella Rank: 8423	8 KB
2	smartlook.com rec.smartlook.com — Cisco Umbrella Rank: 28213	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	156 KB
2	firstpromoter.com cdn.firstpromoter.com — Cisco Umbrella Rank: 30727 t.firstpromoter.com — Cisco Umbrella Rank: 385201	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 550	7 KB
2	thedatabot.com core.thedatabot.com	14 KB
2	wistia.net fast.wistia.net — Cisco Umbrella Rank: 9162	13 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 120	5 KB
2	cloudfront.net d3os7c1voccrkz.cloudfront.net d7s870zeth355.cloudfront.net	224 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2014	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 638	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1951	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2282	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4336	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 27999	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2512	398 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 786	579 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1292	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 3037	274 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 968	342 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1264	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 406	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2174	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 693	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 361	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 649	793 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 354	146 B
1	graphly.io tracking.graphly.io — Cisco Umbrella Rank: 654961	492 B
1	cloudfunctions.net us-central1-gtm-server-377914.cloudfunctions.net	249 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10859	54 KB
1	amazonaws.com connectio.s3.amazonaws.com — Cisco Umbrella Rank: 399678	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	15 KB
1	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 7069	10 KB
1	lhn0etrk.com www.lhn0etrk.com	9 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 986	7 KB
1	queenofcreditscores.com 1 redirects queenofcreditscores.com	255 B
303	59

	Domain	Requested by
69	js.driftt.com	getcreditsecrets.net js.driftt.com
33	getcreditsecrets.net	getcreditsecrets.net
25	embed-cloudfront.wistia.com	fast.wistia.com
21	www.youtube.com	getcreditsecrets.net www.youtube.com www.googletagmanager.com
10	www.facebook.com
10	fast.wistia.com	getcreditsecrets.net fast.wistia.com
8	jnn-pa.googleapis.com	www.youtube.com
8	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	www.google.com	www.youtube.com
5	www.google.de
5	gum.criteo.com	4 redirects static.criteo.net
5	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	getcreditsecrets.net d3os7c1voccrkz.cloudfront.net www.googletagmanager.com
3	maps.google.com	getcreditsecrets.net maps.google.com
2	event.api.drift.com	js.driftt.com
2	trc-events.taboola.com	cdn.taboola.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	177758.t.hyros.com	177758.tracking.hyros.com
2	rec.smartlook.com	getcreditsecrets.net rec.smartlook.com
2	connect.facebook.net	getcreditsecrets.net connect.facebook.net
2	tr.outbrain.com	amplify.outbrain.com
2	s.yimg.com	getcreditsecrets.net s.yimg.com
2	core.thedatabot.com	d3os7c1voccrkz.cloudfront.net
2	pipedream.wistia.com	fast.wistia.com
2	fast.wistia.net	fast.wistia.com
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	fonts.googleapis.com	getcreditsecrets.net
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	trc.taboola.com	cdn.taboola.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	sp.analytics.yahoo.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tracking.graphly.io
1	mug.criteo.com
1	us-central1-gtm-server-377914.cloudfunctions.net
1	diffuser-cdn.app-us1.com	getcreditsecrets.net
1	www.clickcease.com	getcreditsecrets.net
1	d7s870zeth355.cloudfront.net	getcreditsecrets.net
1	connectio.s3.amazonaws.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	t.firstpromoter.com	cdn.firstpromoter.com
1	wave.outbrain.com	amplify.outbrain.com
1	cdn.firstpromoter.com	d3os7c1voccrkz.cloudfront.net
1	177758.tracking.hyros.com	getcreditsecrets.net
1	static.criteo.net	d3os7c1voccrkz.cloudfront.net
1	amplify.outbrain.com	getcreditsecrets.net
1	assets.revcontent.com	d3os7c1voccrkz.cloudfront.net
1	distillery.wistia.com	fast.wistia.com
1	d3os7c1voccrkz.cloudfront.net	getcreditsecrets.net
1	maps.googleapis.com	maps.google.com
1	ajax.googleapis.com	getcreditsecrets.net
1	www.lhn0etrk.com	getcreditsecrets.net
1	maxcdn.bootstrapcdn.com	getcreditsecrets.net
1	queenofcreditscores.com	1 redirects
303	89

This site contains links to these domains. Also see Links.

Domain
creditsecret.org
creditsecrets.com

Subject Issuer	Validity	Valid
getcreditsecrets.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
lhn0etrk.com Starfield Secure Certificate Authority - G2	`2023-03-23` - `2024-04-18`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.thedatabot.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-05` - `2023-09-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
assets.revcontent.com R3	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
tracking.hyros.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.firstpromoter.com Amazon RSA 2048 M01	`2023-02-17` - `2024-01-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
1610534878.rsc.cdn77.org R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2023-08-07` - `2023-11-05`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.graphly.io Amazon RSA 2048 M01	`2023-02-10` - `2024-01-28`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
prism.app-us1.com E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
t.hyros.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://getcreditsecrets.net/?deal=success
Frame ID: 462D39AE5B70551B243D1B03461CC5A8
Requests: 153 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
Frame ID: BF8469E452B5C5F968F5D5927F85AE37
Requests: 41 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=getcreditsecrets.net&origin=onetag
Frame ID: 996C486F6ED0470D69A151C77C6A53A4
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Frame ID: BC6BD0F29BFFC834FB11DA6AC5314F18
Requests: 37 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
Frame ID: E46CDD1FB27EC3DBBC7FE27C910FAB53
Requests: 36 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_gid=CAESEIeOMPN0lKDFsR7yePvsmbk&google_cver=1&google_ula=913071,0
Frame ID: 0CC7FA129A9F77E28422E3AFE87CE88D
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Credit Secrets

Page URL History Show full URLs

https://queenofcreditscores.com/ HTTP 302
https://getcreditsecrets.net/?deal=success Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

303
Requests

96 %
HTTPS

41 %
IPv6

59
Domains

89
Subdomains

80
IPs

9
Countries

17232 kB
Transfer

24600 kB
Size

48
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://creditsecret.org/login
Title: Member Login

Search URL Search Domain Scan URL

URL: https://creditsecrets.com/terms-of-service/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://creditsecrets.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://creditsecrets.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://queenofcreditscores.com/ HTTP 302
https://getcreditsecrets.net/?deal=success Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 129

https://gum.criteo.com/sid/json?origin=onetag&domain=getcreditsecrets.net&sn=ChromeSyncframe&so=0&topUrl=getcreditsecrets.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gT9TW3xkbWhDZndPK08vblNvK1ZrYjN0OWNsTFVrSTZhRUdxTUVNNGJEVGxLTExLbDJ4Szh5ZEFibGFFZ25uWmpPdnE2Um1tcHZOOTh3TFVjZUNESGVDdjV2Rm9tVjZVWTM3eHBQazJCQ2d3L1dpQ0VQaEp5Mk5vWm14bDZUNllxZ3h3QVg0NlBpR1FndWtNNjhDT1hyUDZDRTRmMnhHdGdWdzJuNXFlNXl3TGVsUWZQc0gxWXd4QXlaOTJaNFhPVGFZaE9EcE4zejkvTm9DdWlYZzkxLzdxVElWb2c2NEE4SmVVdGFlMVRDVDgxZ2NVWGlKbVJuVGhMRGVlcDJZVnN4akFqZ0U4SFZPZFNqQzZsSm1NeVZZOTRGUzNmcUV3eFQzVmwrNDIyalVmeXd4UT18&cppv=2

Request Chain 159

https://sslwidget.criteo.com/event?a=71299&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJwJTJCJTJCNWcyanJ2MVNwTlZoQ0hIeXl6eE80Wm1JMDNGSUpkT043bGRSdTFsamptZGs2NHRRSldsWkw5Nm05M1JvVWZyVFJoZ1E1ZU1HRU1LeTBTYzJ0Umd1R2RXSW44cEY2VWlVVXA1SXZDUURSbmNHWFRTMENpJTJCUlolMkZXNVlMTSUzRA&tld=getcreditsecrets.net&fu=https%253A%252F%252Fgetcreditsecrets.net%252F%253Fdeal%253Dsuccess%2526dbvid%253D3710&ceid=f4670fad-0abf-4a84-9cc8-3223d000cf5b&dtycbr=97305 HTTP 302
https://widget.us.criteo.com/event?a=71299&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJwJTJCJTJCNWcyanJ2MVNwTlZoQ0hIeXl6eE80Wm1JMDNGSUpkT043bGRSdTFsamptZGs2NHRRSldsWkw5Nm05M1JvVWZyVFJoZ1E1ZU1HRU1LeTBTYzJ0Umd1R2RXSW44cEY2VWlVVXA1SXZDUURSbmNHWFRTMENpJTJCUlolMkZXNVlMTSUzRA&tld=getcreditsecrets.net&fu=https%253A%252F%252Fgetcreditsecrets.net%252F%253Fdeal%253Dsuccess%2526dbvid%253D3710&ceid=f4670fad-0abf-4a84-9cc8-3223d000cf5b&dtycbr=97305

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_cm&google_hm=ay1kbXdyNzJRRktkLUNWbmFVN29WTmJEeW0tRzQ1Z3B4Znk4SVplUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_gid=CAESEIeOMPN0lKDFsR7yePvsmbk&google_cver=1&google_ula=913071,0

Request Chain 187

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6193695566076172175

Request Chain 188

https://secure.adnxs.com/setuid?entity=52&code=k-J8VRkmQFKd-CVnaU7oVNbDym-G6HUqoo0rZKEw HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-J8VRkmQFKd-CVnaU7oVNbDym-G6HUqoo0rZKEw

Request Chain 199

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KL7GAWQFKd-CVnaU7oVNbDym-G7paoKqqzvJxQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KL7GAWQFKd-CVnaU7oVNbDym-G7paoKqqzvJxQ&C=1

Request Chain 200

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=szbhLyvjFBopUrTj9_qUj7qLYHpDsuOE HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szbhLyvjFBopUrTj9_qUj7qLYHpDsuOE

Request Chain 201

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-a4sEzGQFKd-CVnaU7oVNbDym-G5bbzTAZ3Skiw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-a4sEzGQFKd-CVnaU7oVNbDym-G5bbzTAZ3Skiw

Request Chain 263

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=p1CIbBcQicGX0tZEoe3CLd9205BzptRt

Request Chain 273

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=x8O6ZtoQ2AvwxMxzps5uezQWoAD4C-ME

303 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
getcreditsecrets.net/
Redirect Chain

https://queenofcreditscores.com/
https://getcreditsecrets.net/?deal=success

36 KB
9 KB

82ms
11ms

Document
text/html

148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

9bac7fb8ed7afa7242d70381ac4e83585191cffade0809d5e1f767cfcc7c248d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 11 Aug 2023 01:05:27 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-presslabs-stats: HIT; desktop
x-request-id: 66407c78f2920bf49fe30dda778bae02
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 01:04:46 GMT
location: https://getcreditsecrets.net/?deal=success
pragma: no-cache
x-content-type-options: nosniff
x-powered-by: Short.io link shortener
x-ratelimit-limit: 100
x-ratelimit-remaining: 100
x-ratelimit-reset: 1691715960

GET
H2 200 reset.css
getcreditsecrets.net/vsl/css/ 1 KB
972 B 12ms
11ms Stylesheet
text/css 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/css/reset.css

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-444"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 25e07c00893398bd9671e5c37a3a2e4a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
881 B 91ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 23:48:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Aug 2023 01:05:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 89ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&display=swap

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b8669d169d54c6ccae97048c541a28be34236b0c1af963d89b051f1a25b44d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 23:39:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Aug 2023 01:05:27 GMT

GET
H2 200 bootstrap.min.css
getcreditsecrets.net/vsl/css/ 118 KB
25 KB 12ms
11ms Stylesheet
text/css 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/css/bootstrap.min.css

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-1d970"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 25e07c00893398bd9671e5c37a3a2e4a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 70ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 9702108
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: be050c61329891fb4ef880afd785a1b0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7f4c9203496b3688-FRA
cdn-requestpullsuccess: True

GET
H2 200 style.css
getcreditsecrets.net/vsl/css/ 59 KB
13 KB 25ms
24ms Stylesheet
text/css 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

bc343a54cc596c6ef6f89a9eec0dd5531c8465a1412c0ea26052f54be50a636f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-ec1d"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 25e07c00893398bd9671e5c37a3a2e4a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 edit.css
getcreditsecrets.net/vsl/css/ 24 KB
6 KB 26ms
25ms Stylesheet
text/css 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/css/edit.css

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

17c5d01c8aa053a6bd774804fdbf9172115d690ca9f991e896f7ed232fe0a5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-5fe4"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 25e07c00893398bd9671e5c37a3a2e4a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ 211 KB
70 KB 105ms
45ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyBgbu1wMY8oJ9rjXTUiqTr9puEi6qU25SI

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

21db150bafe4774375b96c3edb018838750a23ed7c967d51044cc6fc079dd422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71777
x-xss-protection: 0

GET
H2 200 everflow.js Show response
www.lhn0etrk.com/scripts/sdk/ 31 KB
9 KB 205ms
113ms Script
text/javascript 35.244.234.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lhn0etrk.com/scripts/sdk/everflow.js
Requested by: Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.234.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.234.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c9191dba6c5e3835751f01cfd3051d334baba94d67cfa690276f70b77f9b8c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: df938127-2178-489a-bb36-0fce85d3d833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 hl2.png
getcreditsecrets.net/vsl/images/ 31 KB
30 KB 22ms
16ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/hl2.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

289d1db682c6270fd1fe93b1c973727b1bf00a225cff8d30a75557582b432773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-7a31"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 j159tjbxuo.jsonp Show response
fast.wistia.com/embed/medias/ 12 KB
5 KB 80ms
23ms Script
application/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/j159tjbxuo.jsonp

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b1bd7e3e7efc0b8c44a898c57b9a749616561af26f89b9fee18833312403e5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 6be13380bf1ffb443d50fc21eba30b30.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 160734
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 128
content-length: 4363
x-request-id: 39c62e5b-44a2-4ea2-94e4-39ade9cabbc9
x-served-by: cache-iad-kcgs7200022-IAD, cache-fra-eddf8230115-FRA
x-runtime: 0.124563
x-browser-version: 115
server: envoy
x-timer: S1691715928.783409,VS0,VE1
etag: W/"b1bd7e3e7efc0b8c44a898c57b9a7496"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dd9zI3s4aElXV9TAs3ZhTfrIpH5a3TkOSmZg4y8zXKTiJxb0FWvBoA==
x-cache-hits: 11, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 717 KB
123 KB 64ms
7ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8877146f9852208b86f8bb56d44aac64b22ae576eff01cb6aeaef85f3f4ebe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1651
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 125362
x-served-by: cache-iad-kcgs7200056-IAD, cache-fra-eddf8230115-FRA
x-browser-version: 115
last-modified: Thu, 10 Aug 2023 20:36:57 GMT
server: AmazonS3
x-timer: S1691715928.783497,VS0,VE0
etag: "3b40d3d06a4d0dcbcf27c49cf3b34e0f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c3370338c2ca51103cf00619f7a12453c427b010
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13, 43

GET
H2 200 headline-short-fs.png
getcreditsecrets.net/vsl/images/ 373 KB
373 KB 23ms
16ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/headline-short-fs.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

bf9ef0a82a9d99630f6043f3f3cb6dbcbb98f818f16ffab9eef6968e16ff4113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-5d52f"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 order-form-ttl.png
getcreditsecrets.net/vsl/images/ 10 KB
10 KB 39ms
33ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/order-form-ttl.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

3275df2b5884f5ac10dd566eb8db449ce777dd7374224737742d3c4518b229bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-2845"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rms.png
getcreditsecrets.net/vsl/images/ 13 KB
13 KB 39ms
33ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/rms.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

ff4ed2c5883af741384d7b034e495eb0c040d567e9a3c1d0ec5bbdf9d0bd014a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-32c4"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader1.gif
getcreditsecrets.net/vsl/images/ 7 KB
7 KB 39ms
33ms Image
image/gif 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/loader1.gif

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

d3bf6d29392571243836f2345d61aa9e3f63f8fd24275a9c6b00398d8791774a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 6829
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-1aad"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 security.png
getcreditsecrets.net/vsl/images/ 11 KB
11 KB 39ms
34ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/security.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

d0f6ab7e8e761975927a3449ee69bcdda201f8683309aba6dfc6b0479a4bf0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-2ac1"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-on-icon1.png
getcreditsecrets.net/vsl/images/ 4 KB
4 KB 40ms
34ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/featured-on-icon1.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

06a24ee7edf4326337bd4fb6abd5173b5c98c3d3cc257e453406cfc23812fcbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-f03"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-on-icon2.png
getcreditsecrets.net/vsl/images/ 3 KB
3 KB 40ms
34ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/featured-on-icon2.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

c7036b7c79a900d0b8f511b0a461f51dee459b6a58d9ac12f1003740827b94fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-cde"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-on-icon3.png
getcreditsecrets.net/vsl/images/ 5 KB
5 KB 40ms
35ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/featured-on-icon3.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

e92bf0876825d17507874f18e98c576bddc5d158b8e5f61880a0b7c12790620f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-1353"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-on-icon4.png
getcreditsecrets.net/vsl/images/ 4 KB
4 KB 40ms
35ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/featured-on-icon4.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

d6cc19d3b6c530344c573a7dd7dcb625ceab4f186533d06b94cd4e2256767798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-f0f"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-on-icon5.png
getcreditsecrets.net/vsl/images/ 3 KB
3 KB 40ms
35ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/featured-on-icon5.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

bcf1c5cf09bc329f4b036e778ce1753e3a9390e811cf3b2c7e367bb8cecbce81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-c31"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 books-1.png
getcreditsecrets.net/vsl/images/ 22 KB
22 KB 40ms
36ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/books-1.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

dc413ec02755f98e42351bed44e5cdcc4be3fa22cb8bece0a2f23a4aa2d159a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-57d4"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vidbox.png
getcreditsecrets.net/vsl/images/ 26 KB
27 KB 41ms
36ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/vidbox.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

5e968a349dd81eaaa0ff2faa45900afeeed53feba42e4ed89aadfe8907982a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-6908"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-family-A.jpg
getcreditsecrets.net/vsl/images/ 471 KB
471 KB 43ms
38ms Image
image/jpeg 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/1-family-A.jpg

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

4aea5a8fc5cdf8175f192f9717bdc364bbf8ac9fc9dd2468722386e6f216a04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 481817
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-75a19"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-family-B.jpg
getcreditsecrets.net/vsl/images/ 449 KB
450 KB 43ms
38ms Image
image/jpeg 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/1-family-B.jpg

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

31e61b1d103d593ae11e1e690f2c9322b08f7e83c81f39819d890d15e5775bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 459987
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-704d3"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-family-C.jpg
getcreditsecrets.net/vsl/images/ 458 KB
459 KB 43ms
38ms Image
image/jpeg 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/1-family-C.jpg

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

5ff00bd48a27ef70080829a7c61412ca64a37e759c1b83becbaf90e979b7eec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 468834
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-72762"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 14:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 14:17:52 GMT

GET
H2 200 bootstrap.min.js Show response
getcreditsecrets.net/vsl/js/ 36 KB
10 KB 26ms
26ms Script
application/javascript 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/js/bootstrap.min.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-90b5"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.js Show response
getcreditsecrets.net/vsl/js/ 621 B
978 B 27ms
26ms Script
application/javascript 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/js/custom.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

7b5b37c131b1498218d8b156c88c070a20acfaa7ac8fd746fa2f34ff8436c8ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 621
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-26d"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.maskedinput.min.js Show response
getcreditsecrets.net/vsl/js/ 4 KB
2 KB 22ms
17ms Script
application/javascript 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://getcreditsecrets.net/vsl/js/jquery.maskedinput.min.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-10e4"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 622ed9629809558bd47359a118c92b22
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
359 B 60ms
22ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyBgbu1wMY8oJ9rjXTUiqTr9puEi6qU25SI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://getcreditsecrets.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 track.js Show response
d3os7c1voccrkz.cloudfront.net/ 860 KB
223 KB 544ms
471ms Script
application/javascript 2600:9000:223f:4400:f:a14c:a8c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3os7c1voccrkz.cloudfront.net/track.js?v=2
Requested by: Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4400:f:a14c:a8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8619f4204b5cf79535c3be2b98d3c85ac4d1d0832c06da7723afd2092ce72fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 15:13:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"4302cfb010716dcf1f6fb217f172cb34"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: k9P9EAeuDLUj3BXc2Uu5_VkJ6lvY455PZ-hP6Ef77U9r0znNjKSEGA==

GET
H2 200 Ja2THbW2Q1M Show response
www.youtube.com/embed/ Frame BF84 79 KB
33 KB 164ms
111ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f68e531718065514cf31e7eecd1e3162cf79b5507a1d4c018d57ba4bb058682b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getcreditsecrets.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 01:05:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 order-form-ttl.png
getcreditsecrets.net/vsl/images/ 10 KB
10 KB 42ms
39ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/order-form-ttl.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

3275df2b5884f5ac10dd566eb8db449ce777dd7374224737742d3c4518b229bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-2845"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rms.png
getcreditsecrets.net/vsl/images/ 13 KB
13 KB 42ms
39ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/rms.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

ff4ed2c5883af741384d7b034e495eb0c040d567e9a3c1d0ec5bbdf9d0bd014a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-32c4"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader1.gif
getcreditsecrets.net/vsl/images/ 7 KB
7 KB 42ms
39ms Image
image/gif 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/loader1.gif

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

d3bf6d29392571243836f2345d61aa9e3f63f8fd24275a9c6b00398d8791774a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 6829
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-1aad"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 security.png
getcreditsecrets.net/vsl/images/ 11 KB
11 KB 42ms
39ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/security.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

d0f6ab7e8e761975927a3449ee69bcdda201f8683309aba6dfc6b0479a4bf0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/?deal=success
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-2ac1"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main_body_bg.jpg
getcreditsecrets.net/vsl/images/ 13 KB
13 KB 34ms
33ms Image
image/jpeg 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/main_body_bg.jpg

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

e96996a58c4db49d96bff0ef94b3f4704dca3854f1b713fe143023ed3309f001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 13282
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-33e2"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-medal.png
getcreditsecrets.net/vsl/images/ 4 KB
4 KB 34ms
33ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/form-medal.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

9d68204b7936a771c0edd34b35e53e274b42f560ef4e30937fa3100bfa240805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-1064"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 email.png
getcreditsecrets.net/vsl/images/ 146 B
146 B 156ms
156ms Image
text/html 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/email.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/vsl/css/edit.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/vsl/css/edit.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
server: nginx
x-presslabs-stats: MISS; MISS;;
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,GET,POST,OPTIONS
content-type: text/html
vary: Accept-Encoding
access-control-expose-headers: Content-Length,Content-Range,X-WP-Total,X-WP-TotalPages,Link
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-WP-Nonce
content-length: 146
x-xss-protection: 1; mode=block
x-request-id: 2ae0962f84862db386c12e2be5ab366a

GET
H2 200 dropdown-arrow.png
getcreditsecrets.net/vsl/images/ 151 B
499 B 33ms
33ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/dropdown-arrow.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

a71c748edf69e69e7457cd712c09d67c3e53ef46a5b0ac1bc280a559c45b130b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/vsl/css/style.css?t=1.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
x-content-type-options: nosniff
content-length: 151
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: "64be8261-97"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
accept-ranges: bytes
x-cache-groups: assets
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 check-list.png
getcreditsecrets.net/vsl/images/ 2 KB
2 KB 33ms
33ms Image
image/png 148.251.128.81
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://getcreditsecrets.net/vsl/images/check-list.png

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/vsl/css/edit.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.128.81 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

edge.presslabs.net

Software

nginx /

Resource Hash

4026f4ffc5edb96d122cc7d41856c93b04faa2430f5ee0d352e69a5456d76266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/vsl/css/edit.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 13:53:37 GMT
server: nginx
etag: W/"64be8261-66e"
x-presslabs-cache: HIT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-cache-groups: assets
x-xss-protection: 1; mode=block
x-request-id: 331454ddff03ebeab3331734baffa499
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 98ms
55ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 553352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 60ms
17ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 473288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 99ms
56ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 513018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 60ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 593915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 04:06:52 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4eae42b1/ Frame BF84 381 KB
48 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb7120979b79e0a6a533d36b67a46b217feef83f4ff49cd765abf42556047d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 23:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49057
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Aug 2024 23:22:13 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/ Frame BF84 41 KB
13 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d81dd50d0c3e6347ba625e469681e8e19d4a8144d1cde13ccd01514a6aa2d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13034
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Aug 2024 16:48:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/ Frame BF84 312 KB
94 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce04d0926e3aa679682b9a0e90a44742c1efa4dc06b3105116118242db22de42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95742
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Aug 2024 00:53:44 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/ Frame BF84 2 MB
2 MB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97bb1d8931c5312339957ee36f99467f0539ec6dd0fbb969967c456e14cc36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 06:30:02 GMT
x-content-type-options: nosniff
age: 153325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2435352
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Aug 2024 06:30:02 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4eae42b1/fetch-polyfill.vflset/ Frame BF84 9 KB
3 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Aug 2024 00:31:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF84 15 KB
15 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 491369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF84 15 KB
15 KB 17ms
15ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:38:49 GMT
x-content-type-options: nosniff
age: 588398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:38:49 GMT

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 161 KB
33 KB 12ms
11ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

90b8e8f8fa0826107195aa91ef63285976ed00f37f37de2b358d7d227d32f20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1651
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 33590
x-served-by: cache-iad-kjyo7100042-IAD, cache-fra-eddf8230115-FRA
x-browser-version: 115
last-modified: Thu, 10 Aug 2023 20:36:57 GMT
server: AmazonS3
x-timer: S1691715928.016707,VS0,VE0
etag: "f2fbd820b4dc753fd775e6b59ca50afc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c3370338c2ca51103cf00619f7a12453c427b010
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 4

GET
H2 200 j159tjbxuo.json Show response
fast.wistia.com/embed/captions/ 13 KB
5 KB 233ms
215ms Fetch
application/json 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/j159tjbxuo.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

52bd8782a93d9a468a75291c43902fd90b4a03956a32660eae72ce98e32dbb9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 8c2d8173834c027e5769f3d8c17c18f8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 0
x-cache: Miss from cloudfront, MISS, MISS
x-envoy-upstream-service-time: 104
content-length: 4760
x-request-id: 1a49d6be-457b-4fa2-b850-9e0977838b2f
x-served-by: cache-iad-kcgs7200047-IAD, cache-fra-eddf8230020-FRA
x-runtime: 0.101687
x-browser-version: 115
server: envoy
x-timer: S1691715928.072151,VS0,VE209
etag: W/"52bd8782a93d9a468a75291c43902fd9"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EluxTIK-mxSO7Dlp74APD---sthXXNNubTANgWuSaJ7p_otYYnfOng==
x-cache-hits: 0, 0

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 17ms
10ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://getcreditsecrets.net/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1650
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18267
x-served-by: cache-iad-kjyo7100027-IAD, cache-fra-eddf8230020-FRA
x-browser-version: 115
last-modified: Thu, 10 Aug 2023 20:36:57 GMT
server: AmazonS3
x-timer: S1691715928.072245,VS0,VE0
etag: "9273139b4f23d8c9635da27dfe1931ba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c3370338c2ca51103cf00619f7a12453c427b010
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8, 6

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 473 KB
115 KB 8ms
7ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

071efa07b0d6e464d38022115bdd7a5ba0716ca16b4e915fe121c5ee67f1b5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://getcreditsecrets.net/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1650
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117752
x-served-by: cache-iad-kiad7000130-IAD, cache-fra-eddf8230020-FRA
x-browser-version: 115
last-modified: Thu, 10 Aug 2023 20:36:57 GMT
server: AmazonS3
x-timer: S1691715928.090884,VS0,VE0
etag: "e3cc301bb1baaa86e90cea6e41420668"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c3370338c2ca51103cf00619f7a12453c427b010
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 14

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame BF84
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

33ms
33ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b79795aa5c740a0f230a5fc7a0fdede829b6fb60901f7a796d0c97350451737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 11 Aug 2023 01:05:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame BF84 29 B
495 B 54ms
14ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:58:45 GMT
x-content-type-options: nosniff
age: 403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 01:13:45 GMT

GET
H2 200 j159tjbxuo.m3u8 Show response
fast.wistia.com/embed/medias/ 1 KB
2 KB 13ms
12ms XHR
application/x-mpegurl 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/j159tjbxuo.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

6a58546cb940d230111d3c27196baa14363086f5b1deb9592cca0a9b3b32e3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
via: 1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 199669
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 28
content-length: 1139
x-request-id: 1feaee4e-ab9f-4e56-9f92-9fe97e1d171d
x-served-by: cache-iad-kcgs7200084-IAD, cache-fra-eddf8230020-FRA
x-runtime: 0.027032
x-browser-version: 115
server: envoy
x-timer: S1691715928.200434,VS0,VE1
etag: W/"6a58546cb940d230111d3c27196baa14"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: LsKYcZx7gQeGtOGsJ7mVSbowEE4pwPRN-5aviquG7XWFo8QO4hNGDA==
x-cache-hits: 791, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
1 KB 7ms
7ms Image
image/gif 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://getcreditsecrets.net/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2921
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230020-FRA
x-browser-version: 115
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1691715928.200921,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8271863, 26

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 76ms
22ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 11 Aug 2023 01:05:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF84 68 KB
31 KB 32ms
31ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5de238031343d4bbbfd89d75b58e83948448ae693652965e0ba58d244fde6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31756
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/ Frame BF84 116 KB
33 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0c7a720767f4ab7eb096007bfcbd574cf82430488e2c0901694400eafcf66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33704
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Aug 2024 16:48:34 GMT

GET
H2 200 fnNuEzs24mRQlbK21DZtKV22nMH7X01sNng58lRaPJg.js Show response
www.google.com/js/th/ Frame BF84 38 KB
15 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/fnNuEzs24mRQlbK21DZtKV22nMH7X01sNng58lRaPJg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e736e133b36e2645095b2b6d4366d295db69cc1fb5f4d6c367839f2545a3c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 01:01:48 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/Ja2THbW2Q1M/ Frame BF84 2 KB
3 KB 64ms
26ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Ja2THbW2Q1M/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac626297dfb1e38d2b1bcf8962caf6e9efe3d6abaa787b1446e6d5aca45f8cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
x-content-type-options: nosniff
server: sffe
etag: "1508404881"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2456
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Aug 2023 03:05:28 GMT

GET
H2 200 043d209654d02d158ce0f2ee42edc3964feb2581.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 14 KB
14 KB 77ms
15ms XHR
application/vnd.apple.mpegurl 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/043d209654d02d158ce0f2ee42edc3964feb2581.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 7d94bce93f7bfcd1bf104dde3faee0722c22620c012a2aa9c3fc7539c010534c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:16 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456012
edge-cache-tag: 043d209654d02d158ce0f2ee42edc3964feb2581-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 84
content-length: 14068
surrogate-key: 043d209654d02d158ce0f2ee42edc3964feb2581-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZEKDRWWLUX_xPmDl_LGoPkqqLaxwQhPZthqjVEKv47HkOQSdblUyBw==
expires: Sun, 04 Aug 2024 18:25:16 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame BF84 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Xx_Svg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BF84 4 KB
2 KB 71ms
33ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 01:05:28 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF84 90 B
134 B 32ms
31ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5784476a2395f70902fb329da66da8ed69a5ff2ba8280c1331373e4106c256a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 24ms
24ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 11 Aug 2023 01:05:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 seg-1-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/043d209654d02d158ce0f2ee42edc3964feb2581.m3u8/ 553 KB
554 KB 13ms
13ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/043d209654d02d158ce0f2ee42edc3964feb2581.m3u8/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: fb5bc8da06689a8cf4d1f7a456dfbd7b1f848c3b908fea1a895d07f76d22690a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:17 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456011
edge-cache-tag: 043d209654d02d158ce0f2ee42edc3964feb2581-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
content-length: 565880
surrogate-key: 043d209654d02d158ce0f2ee42edc3964feb2581-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HjlnRZzEXJMRjVGmb_jpffxbluOcx-kGavZp7lIINn64qcu7lTDMtw==
expires: Sun, 04 Aug 2024 18:25:17 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/115/ Frame BF84 51 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/115/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 02:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 11 Aug 2023 02:33:37 GMT

GET
H2 200 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8 Show response
embed-cloudfront.wistia.com/deliveries/ 14 KB
14 KB 14ms
13ms XHR
application/vnd.apple.mpegurl 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 128b08c1b43f7ca089c66a62966fc3a4cdec30479d6c31a54c32bd087545dbf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:17 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456011
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 173
content-length: 14068
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: d1of-RX0QHdkkOEmwJtWrXB9LOXvUfE-vTDbcc8VuhaajDKFfjkkEg==
expires: Sun, 04 Aug 2024 18:25:17 GMT

GET
H2 200 seg-2-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 294 KB
295 KB 13ms
13ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-2-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 602abac3ef7117d37d44b1d775708c66007efd0f697ce35a4037d01fc7da2214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:17 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456011
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 63
content-length: 301176
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wnmpgwtIbjEGrJiaEe4FHkKZNsuuyhdmFtgvwSBGhfwmRatiMX-udQ==
expires: Sun, 04 Aug 2024 18:25:17 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938a19aa964680c64c663d113e941222a537fbc54e315382fdc6569bf088ac21

Request headers

Referer
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 j159tjbxuo.m3u8 Show response
fast.wistia.net/embed/captions/ 195 B
840 B 31ms
8ms XHR
application/x-mpegurl 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/j159tjbxuo.m3u8?language=eng

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

4a02a307f66b630c33aaf1dabba97f0a8502653a517e503addaf23bfe072b6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
via: 1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 28829
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 24
content-length: 195
x-request-id: 4e5d6fda-e70c-42ef-937b-7786ea042423
x-served-by: cache-iad-kiad7000069-IAD, cache-fra-eddf8230036-FRA
x-runtime: 0.022106
x-browser-version: 115
server: envoy
x-timer: S1691715929.625472,VS0,VE1
etag: W/"4a02a307f66b630c33aaf1dabba97f0a"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/x-mpegURL; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jYiZcKM6_YfYlMa4T1cGUeoqHmeINLzhgZq4p9D1gDdIV4Mht2CCzQ==
x-cache-hits: 349, 1

GET
H2 200 seg-3-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 420 KB
421 KB 12ms
11ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-3-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 81ee68c69ef7ec91029b1d80c7190b6cd68e1924356d884e397a67668a7ce2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:18 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456010
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
content-length: 430520
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: buf2cG0wEU19WyNWRvjhnnQsQpkvrLscA3Ty3Ro_3z7J_y4VLis7vg==
expires: Sun, 04 Aug 2024 18:25:18 GMT

GET
H2 200 j159tjbxuo.vtt Show response
fast.wistia.net/embed/captions/ 11 KB
12 KB 17ms
17ms XHR
text/vtt 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/j159tjbxuo.vtt?language=eng

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d5d5874f77af2c6260187a1dea1f8c77fcac82e19f7f71f60ed4c99cd78e8721

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
via: 1.1 9b00405a1ff669043791884b75822050.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 31022
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 98
content-length: 11704
x-request-id: 6a935c00-517f-4770-9ef4-a2a5fcab9edd
x-served-by: cache-iad-kjyo7100088-IAD, cache-fra-eddf8230036-FRA
x-runtime: 0.096222
x-browser-version: 115
server: envoy
x-timer: S1691715929.635847,VS0,VE9
etag: W/"d5d5874f77af2c6260187a1dea1f8c77"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: text/vtt; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 080QKLRo0_I-W9BZ6Qcj1mupkNna0aWUYsNWwPMwNfodDyIaneZuOA==
x-cache-hits: 75, 1

GET
H2 200 seg-4-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 620 KB
621 KB 13ms
12ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-4-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: be2dd52904f6ca2e12dc5c30cc4ab022312dd6a6244e79b6693edcd6692d89f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:19 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456009
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 156
content-length: 635064
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Dy8fcaO8KulwLnQmBS9u7L71-4DrFnvCHMMHehR4ZWzeE8Vmz220Yw==
expires: Sun, 04 Aug 2024 18:25:19 GMT

GET
H2 200 seg-5-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 473 KB
474 KB 12ms
12ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-5-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 9d7886b366e43a9ff360fa7a58e270a7f23d090b13df446a0f32c0f72c0b2276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:20 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456008
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 55
content-length: 484664
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CVg0dZqcZjGG24OoTLzT8D4Xr1DwBLNYJ4I2qKkytP32n6pwtaA98g==
expires: Sun, 04 Aug 2024 18:25:20 GMT

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 79 KB
21 KB 9ms
8ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28446c8e467f56e3f6d4636b5e640961f22a439f1c13ff09c4fd467dbfc1000f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://getcreditsecrets.net/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1652
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 20973
x-served-by: cache-iad-kiad7000079-IAD, cache-fra-eddf8230020-FRA
x-browser-version: 115
last-modified: Thu, 10 Aug 2023 20:36:57 GMT
server: AmazonS3
x-timer: S1691715929.817176,VS0,VE0
etag: "f2cfc3a0eacd692295d2f9b5d67606b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c3370338c2ca51103cf00619f7a12453c427b010
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 18

POST
H2 204 x
distillery.wistia.com/ 0
0 314ms
93ms Fetch 34.232.107.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.107.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-107-162.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 01:05:29 GMT
cache-control: max-age=0, private, must-revalidate

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 316ms
95ms Fetch
text/plain 34.239.79.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.239.79.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-79-61.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 01:05:29 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 seg-6-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 271 KB
271 KB 13ms
13ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-6-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 990e42a6564ebbaed7e4a3b913b9106f10c4b30d7d73e0bf5efd450c2ce81c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:17:50 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 107258
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 203
content-length: 277112
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: aiJ5rUSoHr0nZ_XD2aSwbKpmwMuScJ-Gt3xC3OW_0J5ZrJqadc6RLw==
expires: Thu, 08 Aug 2024 19:17:50 GMT

OPTIONS
H/1.1 204
No Content visitoractivities
core.thedatabot.com/api/v1/ Frame 0
0 368ms
130ms Preflight 34.235.217.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.thedatabot.com/api/v1/visitoractivities
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.217.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-217-206.compute-1.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://getcreditsecrets.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: close
Date: Fri, 11 Aug 2023 01:05:29 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 201
Created visitoractivities Show response
core.thedatabot.com/api/v1/ 14 KB
14 KB 433ms
244ms XHR
application/json 34.235.217.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.thedatabot.com/api/v1/visitoractivities
Requested by: Host: d3os7c1voccrkz.cloudfront.net
URL: https://d3os7c1voccrkz.cloudfront.net/track.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.217.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-217-206.compute-1.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c75799ae286708d2a3811bab758459aabdf830f8cd921f2c4e93f6f662c0ec3f

Request headers

Accept: application/json, text/plain, */*
Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 11 Aug 2023 01:05:29 GMT
Server: Apache/2.4.52 (Ubuntu)
X-RateLimit-Remaining: 239
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
X-RateLimit-Limit: 240
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
135 B 105ms
105ms Fetch
text/plain 34.239.79.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.239.79.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-79-61.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 01:05:29 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 seg-7-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 276 KB
278 KB 15ms
15ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-7-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 62d089e415e6d3b3ceb6b0e2075b40d564aee461b44e9712d7cdd5c17868eb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:20 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456008
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 283128
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tGhnYTDc8untWadKe06_zezuq1sFAAtsclX8oDXbGKcw1fSAfwe3Ow==
expires: Sun, 04 Aug 2024 18:25:20 GMT

GET
H2 200 seg-8-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 291 KB
292 KB 401ms
401ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-8-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: d20c4c5570adc31ba98518ca8e152e736c9ee2a43ddb114193c5bf31c3027ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 296
content-length: 298168
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5lyy95hthKYPPY11TTf6JtP_WwCYmTTj2kGg6PWV5si2o-qLi6jOeA==
expires: Sat, 10 Aug 2024 01:05:29 GMT

GET
H2 200 seg-9-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 315 KB
316 KB 14ms
14ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-9-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 0a4f226d50cbe90930addc9c77c732d92f79aefcf7818aff44e864099aea1d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:22 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456007
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 470
content-length: 322232
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: zmiWgMQSqHgix-n1ypgwcjTl4aDk49TyLtpDrHb2yyMLGSFIVe9HHA==
expires: Sun, 04 Aug 2024 18:25:22 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 23 KB
6 KB 11ms
11ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e0a5df872acd477e9dc58fcae321903aacc4a9ae494ffd50a564d66b97d9f5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://getcreditsecrets.net/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1652
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5795
x-served-by: cache-iad-kcgs7200171-IAD, cache-fra-eddf8230020-FRA
x-browser-version: 115
last-modified: Thu, 10 Aug 2023 20:36:57 GMT
server: AmazonS3
x-timer: S1691715930.820556,VS0,VE0
etag: "6261d633f12fcf7c1c54c857a24abb83"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: c3370338c2ca51103cf00619f7a12453c427b010
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 8

GET
H2 200 seg-10-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 297 KB
298 KB 13ms
12ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-10-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 2433394b69ff29c1ee9230af856dc0fe53c3e497dd486721a0b144aa509eb5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:09:52 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 150937
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 297
content-length: 304184
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: p4-Nwczwz3Ol5B68YbzMdJRjIFkAfzbJbBR1HU6FJrCII_JuKETNUA==
expires: Thu, 08 Aug 2024 07:09:52 GMT

GET
H2 200 seg-11-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 321 KB
321 KB 16ms
15ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-11-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: ed8485219812dde91489058f817bb678a6132a410b23057b6a660e45d5948d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:23 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456006
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
content-length: 328248
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KzBQpXvM32geTX8b1QFU175qnPUrmQxiDNAn9Mm3miodX1cQori11A==
expires: Sun, 04 Aug 2024 18:25:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
99 KB 99ms
51ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dfeb5b8d4f485f9eb4fac971e5c59542c0d3140287ad5c98ed4fd9ceb450117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101295
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 01:05:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
79 KB 83ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931625254

Requested by

Host: d3os7c1voccrkz.cloudfront.net
URL: https://d3os7c1voccrkz.cloudfront.net/track.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0887d375a9a37c5f50361119f6d17e24ab5b4eb19b89ffa682fe89455f9e0249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80101
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 01:05:29 GMT

GET
H2 200 rev.js Show response
assets.revcontent.com/master/ 26 KB
10 KB 60ms
10ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/rev.js
Requested by: Host: d3os7c1voccrkz.cloudfront.net
URL: https://d3os7c1voccrkz.cloudfront.net/track.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
server: AmazonS3
x-amz-request-id: 0H69XPFT0HD0H031
etag: "46482d4733f3f6c1f93601a6274bc264"
x-hw: 1691715929.cds326.fr8.hn,1691715929.cds262.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 9617
x-amz-id-2: lfZKIpElFemhI9opP02pnzh2orwVWUt7VDd3q5Mu4SCjrHMoCFx3Fl7eGUp5tPUSjeq1MJ8/gfQ=

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 61ms
20ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 009194e0ef2b6a718d82152d400833d2f9d7e06c6aaf958044338cfa12b69a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 10:44:04 GMT
Server: AkamaiNetStorage
ETag: "02857a2ca0299fdbe5e606c998ae8005:1691059659.570401"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7075
Expires: Fri, 11 Aug 2023 01:25:29 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 78ms
23ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 00N64GD5E89445YB
age: 2
x-amz-server-side-encryption: AES256
x-amz-id-2: 29WBRrpFMwez1OppRRxLvC81B2sZhPRABBjdnaUAQBSsBi/dWcdgZXHInwX79NFShsQgdThenQo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 ihh6bvri2z5y.js Show response
js.driftt.com/include/1691716200000/ 213 KB
60 KB 397ms
348ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1691716200000/ihh6bvri2z5y.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

521b858a4fcc33d56f0248f7aa72997c4acf17e0843bbb00e144f8ae41a40f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
x-amz-version-id: Keekb6kZnpYaUsja4pqi_bkfDDfkvdzU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 61
last-modified: Fri, 28 Jul 2023 18:57:24 GMT
server: istio-envoy
etag: W/"eeb61db8ecbbdf93bc87a27f6322a98b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yY7fwFaKfami9VaHqJYBXZi_aBtlbWS_sIVjF9XDyw0h8boVmTbh9A==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 46 KB
15 KB 63ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: d3os7c1voccrkz.cloudfront.net
URL: https://d3os7c1voccrkz.cloudfront.net/track.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14bfa1b53f5beab07b9c1fe255d8430c762f3d96ec928f4d2371e3d352b46f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 Jul 2023 12:38:57 GMT
server: nginx
etag: W/"64c26561-b817"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Aug 2023 01:05:29 GMT

GET
H2 200 universal-script Show response
177758.tracking.hyros.com/v1/lst/ 40 KB
40 KB 320ms
105ms Script
text/javascript 34.194.253.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://177758.tracking.hyros.com/v1/lst/universal-script?ph=42ff6b7dced09a973c829960a622bbdb0bceba7ea26f5ff7051de08a0b91a00a&tag=!tracking
Requested by: Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.253.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-253-69.compute-1.amazonaws.com
Software: /
Resource Hash: 5064acbb1155bfa79558bf63d8b613413a91d24da1874d70840a4c52f01adde8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 40828
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1

GET
H2 200 fpr.js Show response
cdn.firstpromoter.com/ 5 KB
2 KB 63ms
8ms Script
application/javascript 2600:9000:236e:1400:1e:b6b6:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstpromoter.com/fpr.js
Requested by: Host: d3os7c1voccrkz.cloudfront.net
URL: https://d3os7c1voccrkz.cloudfront.net/track.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:1400:1e:b6b6:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 03:00:50 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 04:29:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 79480
etag: W/"d53f26ce71a7333d477b01f52bdade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: K8_ySG2W93IGZN0l4n1fQavBUIRBtlgshSWftPj9RL1ywvECpfrqkw==

GET
H2 200 seg-12-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 279 KB
280 KB 13ms
13ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-12-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 9dfee1bff906d6398fbf82797ae0eca9ce2dd97ebf457b195619b2824163eacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:09:54 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 150935
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 154
content-length: 286136
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0wvbgo4RR7MpA10kklNMtgSow1yiM2zsyfsEi7LEMEMdz3ToT2MVsw==
expires: Thu, 08 Aug 2024 07:09:54 GMT

GET
H2 200 seg-13-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 309 KB
310 KB 14ms
14ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-13-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: e4bbb40a93b78a46993330280056e799b669bd522cd5f77d84a228dbcd223525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:24 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456005
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 59
content-length: 316216
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0eCmBK3RcNNW-DZ0m3cdzI4GAqNxRFnyl2BXLhypi-tqyeR0u62mlw==
expires: Sun, 04 Aug 2024 18:25:24 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 363ms
89ms Ping
image/gif 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07620968856974601&referrer=&cht=gtm&marketerId=005ba0bf9d069528ee89acd224687f6594&name=PAGE_VIEW&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:30 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 425e70e80aedc83aed8097b25bfe3e34
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 32 B
217 B 360ms
89ms Script
application/javascript 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=005ba0bf9d069528ee89acd224687f6594
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: ed069a73aa9c7e004ba2483c7daab5396bb64f26265e4d411155d40059503595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: br
X-TraceId: 170700f0c2fb44ef30c029c1c8f3b664
Content-Length: 36
Content-Type: application/javascript

GET
H/1.1 200
OK 005ba0bf9d069528ee89acd224687f6594 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 59ms
17ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/005ba0bf9d069528ee89acd224687f6594
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:30 GMT
Content-Encoding: gzip
ob-sent-time: 1691690114992
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 9fd3f21aa773ef8864017bdb04dcb34d
Content-Length: 22
Expires: Fri, 11 Aug 2023 01:06:30 GMT

POST
H/1.1 200
OK tr Show response
t.firstpromoter.com/ 99 B
856 B 268ms
48ms XHR
application/json 172.104.231.58
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.firstpromoter.com/tr

Requested by

Host: cdn.firstpromoter.com
URL: https://cdn.firstpromoter.com/fpr.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.104.231.58 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

nb-172-104-231-58.fra.nodebalancer.linode.com

Software

nginx / cloud66

Resource Hash

8000140119e336e4a0ab746ff21206ad9311978ccbd2844e24d0be8043b8a622

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 11 Aug 2023 01:05:30 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Powered-By: cloud66
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 53cec60e-7a7d-40c5-a895-0b7ce1d4577f
X-Runtime: 0.039114
Server: nginx
ETag: W/"8000140119e336e4a0ab746ff21206ad"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
X-Frame-Options: SAMEORIGIN
Vary: Origin,Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 996C 15 KB
6 KB 95ms
24ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=getcreditsecrets.net&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://getcreditsecrets.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 01:05:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 197258
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 seg-14-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 238 KB
239 KB 14ms
14ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-14-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 82ae581e5e53c0fabf5f1417b86a04822fecc5d7df8bce5d88e8140922c59477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:25 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456005
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 228
content-length: 244024
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9BpoJYD3Pp3tbVDPIAiR9AnkNEHRqa2_97ffYM97tDAlO0jJz4c35Q==
expires: Sun, 04 Aug 2024 18:25:25 GMT

GET
H2 200 10092619.json Show response
s.yimg.com/wi/config/ 2 B
486 B 194ms
148ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10092619.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: H09A0CERQ3JFTVMK
age: 1
content-length: 22
x-amz-id-2: Z1cVVst+GJIQ9dbGhYeZtUp2t0ooBNe3xdhzlZqIwmraYLosdWAd9irfnECKQz1oGU+7kndZB+U=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 seg-15-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 221 KB
221 KB 15ms
15ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-15-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 0adf509b393fd1a0990626e44307ec895184f9a3718fc2e284075539fe0b87ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:25 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456005
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 60
content-length: 225976
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 2PaO8Q_7ImEqL6pfHvA76aWtMVv_hC3nQCtEZZg6oZyHctQ9SKgY7w==
expires: Sun, 04 Aug 2024 18:25:25 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/931625254/ 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/931625254/?random=1691715930055&cv=11&fst=1691715930055&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&hn=www.googleadservices.com&frm=0&tiba=Credit%20Secrets&auid=1742924343.1691715930&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-931625254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5107cc26a01a677b58bbf027ffacdb23b2d96dd93e1cf93d54fa1f1e01718c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 56ms
14ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Aug 2023 23:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4867
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 11 Aug 2023 01:44:23 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/931625254/ 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/931625254/?random=1691715930105&cv=11&fst=1691715930105&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&hn=www.googleadservices.com&frm=0&tiba=Credit%20Secrets&auid=1742924343.1691715930&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71aa681da14918a139b74037bef5c2368658ae3d80ceb7e2694752c26782ea02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1310
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1243026/ 58 KB
18 KB 221ms
194ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1243026/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f28bac589311c93815c1d93a953123bc976d62e79a6c6632659c13404022421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: XuR3hgnPCW.ytV_a17AtMQHd3b15Ag.X
content-encoding: gzip
via: 1.1 varnish
date: Fri, 11 Aug 2023 01:05:30 GMT
x-amz-request-id: RSEP6XBQMNJV6048
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18368
x-amz-id-2: pZ6mIygYAOUuMqTwrXBteoqAzoGD6eTmhiqJdOv9EmFPYRhBJgfRGnDEmHsSka9MiD2pT6/4eP0=
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Mon, 31 Jul 2023 08:54:54 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691715930.141334,VS0,VE186
etag: "13a304b3014450a9473cd6fab670f4d1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: yx4r5OCTviAZe17H5aHqkFhvZiiDdM/OO/Uwf4D+K65gdgAGTShYGalNKMW7fZh9GFGvgRvmbmdLUbluiYTOcw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK connect-retarget.js Show response
connectio.s3.amazonaws.com/ 8 KB
8 KB 359ms
125ms Script
application/javascript 52.216.102.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connectio.s3.amazonaws.com/connect-retarget.js?v=1.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.102.59 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d3fbca2e62ceacfc96a6873cdebaa1caad96d023170969dde87f193ae9ebe319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:31 GMT
Last-Modified: Fri, 02 Apr 2021 14:06:26 GMT
Server: AmazonS3
x-amz-request-id: H093BZYEDKZ8TJMQ
ETag: "003b844871bbdb340fe58a450e010f85"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8184
x-amz-id-2: i6wE4W6EjxyYK5zlKNsy6Kr1R8vAQU3QnfyjMnmTxJ/4CgTeMH+FN3mUswPcBIgp5qSL67JIvIA=

GET
H/1.1 200
OK code.min.js Show response
d7s870zeth355.cloudfront.net/js/ 1 KB
2 KB 45ms
12ms Script
application/javascript 18.66.121.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7s870zeth355.cloudfront.net/js/code.min.js
Requested by: Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-156.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da3bb5f52d7c5486c6098f350daa32542a535ffcebcacbe226e54cf909451fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 00:36:43 GMT
Via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 Oct 2016 15:23:09 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 72304
ETag: "8c81b95c7ba498643302605dba5c87cd"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1102
X-Amz-Cf-Id: NGf6GaW8jQ4dRtAkPxwWjKWYCfffFrHj9AVCIl-QP6qbPbdvdd2P8Q==

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 4 KB
2 KB 79ms
14ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

746dc6d89056f014813d3530199d3018a0f577b14b69fbbcc4672ca4f428e507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 154
x-accel-date: 1691715776
x-77-nzt: AZySIYh2bLn/mgAAAA
x-accel-expires: @1691716376
last-modified: Thu, 10 Aug 2023 13:36:25 GMT
server: CDN77-Turbo
etag: W/"64d4e7d9-10f6"
x-77-nzt-ray: f6587a1db35660895a89d564656c400b
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 89ms
12ms Script
application/javascript 2600:9000:223e:4a00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:4a00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA56-P4
age: 3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: uYl7jTBmpk5jxo8IlpMgow8omw4HB7JsXSBTaCSEve-uxVVkLrLrMw==

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 62ms
18ms Script
application/javascript 2606:4700::6810:175e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: getcreditsecrets.net
URL: https://getcreditsecrets.net/?deal=success

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:175e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P2
age: 239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7f4c9213dae5bbd4-FRA
x-amz-cf-id: o6N4nVYU29U3mLkzBNLnLI4W6HK-NNSsLT7SIp7HBT0_FzkLNaE_Ow==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
92 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YVX9HJM1JB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca1095763d4859373c1a3cb7fde2cee2784ec01a43f08f6387bee3f1c1388af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 11 Aug 2023 01:05:30 GMT

GET
H2 200 EventTrackingActiveCampaign
us-central1-gtm-server-377914.cloudfunctions.net/ 10 B
249 B 182ms
129ms Image
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-central1-gtm-server-377914.cloudfunctions.net/EventTrackingActiveCampaign?action=trackEvent&eventName=testing&eventData=Test&contactId=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
server: Google Frontend
content-type: text/html; charset=utf-8
x-cloud-trace-context: f5aa5c512185154d62bdfee3490efcfb;o=1
cache-control: private
function-execution-id: 68q7rd8wv4p3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BF84 28 B
54 B 40ms
39ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-Goog-Request-Time: 1691715930141
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0
X-YouTube-Client-Version: 1.20230806.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs0VXlTSkkwTmxCZyjXktamBg%3D%3D
X-YouTube-Ad-Signals: dt=1691715928017&flash=0&frm=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 11 Aug 2023 01:05:30 GMT

GET
H3 200 Ja2THbW2Q1M Show response
www.youtube.com/embed/ Frame BF84 80 KB
32 KB 81ms
79ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

702eea1a051794206fa6e78f9ed7d9c7596e142685ce6354903008a6bf75e887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getcreditsecrets.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 01:05:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
516 B 53ms
52ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M2BQGBR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8ae4a37d003da47b51ce6a0fa0138ef9fd77bc560218fe9457f94d8d26aa221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 11 Aug 2023 01:05:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 996C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=getcreditsecrets.net&sn=ChromeSyncframe&so=0&topUrl=getcreditsecrets.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=gT9TW3xkbWhDZndPK08vblNvK1ZrYjN0OWNsTFVrSTZhRUdxTUVNNGJEVGxLTExLbDJ4Szh5ZEFibGFFZ25uWmpPdnE2Um1tcHZOOTh3TFVjZUNESGVDdjV2Rm9tVjZVWTM3eHBQazJCQ2d3L1dpQ0VQaEp5Mk5vWm14bD...

468 B
686 B

79ms
15ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gT9TW3xkbWhDZndPK08vblNvK1ZrYjN0OWNsTFVrSTZhRUdxTUVNNGJEVGxLTExLbDJ4Szh5ZEFibGFFZ25uWmpPdnE2Um1tcHZOOTh3TFVjZUNESGVDdjV2Rm9tVjZVWTM3eHBQazJCQ2d3L1dpQ0VQaEp5Mk5vWm14bDZUNllxZ3h3QVg0NlBpR1FndWtNNjhDT1hyUDZDRTRmMnhHdGdWdzJuNXFlNXl3TGVsUWZQc0gxWXd4QXlaOTJaNFhPVGFZaE9EcE4zejkvTm9DdWlYZzkxLzdxVElWb2c2NEE4SmVVdGFlMVRDVDgxZ2NVWGlKbVJuVGhMRGVlcDJZVnN4akFqZ0U4SFZPZFNqQzZsSm1NeVZZOTRGUzNmcUV3eFQzVmwrNDIyalVmeXd4UT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c9d7070c305a9eeba9b7995168b15455a5facd3d7aac0c8bd3a891b201bbd96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1147834
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gT9TW3xkbWhDZndPK08vblNvK1ZrYjN0OWNsTFVrSTZhRUdxTUVNNGJEVGxLTExLbDJ4Szh5ZEFibGFFZ25uWmpPdnE2Um1tcHZOOTh3TFVjZUNESGVDdjV2Rm9tVjZVWTM3eHBQazJCQ2d3L1dpQ0VQaEp5Mk5vWm14bDZUNllxZ3h3QVg0NlBpR1FndWtNNjhDT1hyUDZDRTRmMnhHdGdWdzJuNXFlNXl3TGVsUWZQc0gxWXd4QXlaOTJaNFhPVGFZaE9EcE4zejkvTm9DdWlYZzkxLzdxVElWb2c2NEE4SmVVdGFlMVRDVDgxZ2NVWGlKbVJuVGhMRGVlcDJZVnN4akFqZ0U4SFZPZFNqQzZsSm1NeVZZOTRGUzNmcUV3eFQzVmwrNDIyalVmeXd4UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 198132
content-length: 0
expires: 0

GET
H2 200 seg-16-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 235 KB
236 KB 19ms
17ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-16-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: b7361293c1b47c479fc3de58ef8d5a774dafb08ca8d632c3e2b0cdd4a1ae4067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:10:12 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 150918
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 56
content-length: 241016
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NV0a-tMGwKFLloKqLVOUdvy4GifejcEnhMblliMDSXcd1wVYXPUC8A==
expires: Thu, 08 Aug 2024 07:10:12 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/931625254/ 42 B
340 B 27ms
25ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/931625254/?random=1691715930055&cv=11&fst=1691715600000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&frm=0&tiba=Credit%20Secrets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1069685554&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/931625254/ 42 B
108 B 71ms
28ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/931625254/?random=1691715930055&cv=11&fst=1691715600000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&frm=0&tiba=Credit%20Secrets&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1069685554&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/931625254/ 42 B
108 B 25ms
25ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/931625254/?random=1691715930105&cv=11&fst=1691715600000&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&frm=0&tiba=Credit%20Secrets&fmt=3&is_vtc=1&random=1678677663&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/931625254/ 42 B
455 B 40ms
26ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/931625254/?random=1691715930105&cv=11&fst=1691715600000&bg=ffffff&guid=ON&async=1&gtm=45He3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&frm=0&tiba=Credit%20Secrets&fmt=3&is_vtc=1&random=1678677663&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 241965936397399 Show response
connect.facebook.net/signals/config/ 383 KB
109 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/241965936397399?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25149bd4ed96d10d75010c6894f84202c902a1452f761be7dddd5f2a86173c32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Pbk5YFbwuWQl4OxLf/43Lf98u+8rvn58ecMZr1EnHjhSm+U07bp9pBm+dCbwIZXjZ+cFSpsmulNU/ml9O5fGBQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content image.gif
tracking.graphly.io/ 0
492 B 771ms
204ms Image
image/gif 34.210.103.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.graphly.io/image.gif?m=%7B%22v%22%3A%223%22%2C%22dp%22%3A%22%2F%22%2C%22dh%22%3A%22getcreditsecrets.net%22%2C%22ds%22%3A%22%3Fdeal%3Dsuccess%26dbvid%3D3710%22%2C%22dr%22%3A%22%22%2C%22t%22%3A1691715930120%2C%22ms%22%3A%7B%22account%22%3A4787072%2C%22infContactId%22%3A%22~Contact.Id~%22%2C%22time%22%3A13%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.103.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-103-97.us-west-2.compute.amazonaws.com
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:30 GMT
Cache-Control: no-cache
Graphly-Code: 200
Server: nginx/1.11.3
Graphly-Response: Success
Connection: keep-alive
Content-Type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
148 B 25ms
24ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=355260059&t=pageview&_s=1&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&dp=getcreditsecrets.net%2F&ul=en-us&de=UTF-8&dt=Credit%20Secrets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAEK~&jid=2089194635&gjid=2089097220&cid=444975325.1691715930&tid=UA-75241181-3&_gid=1108579203.1691715930&_slc=1&gtm=45He3890n81M2BQGBR&cd2=444975325.1691715930&z=1399704073

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://getcreditsecrets.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 66ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75241181-3&cid=444975325.1691715930&jid=2089194635&gjid=2089097220&_gid=1108579203.1691715930&_u=YGBAiEABBAAAAGAEK~&z=2078940919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://getcreditsecrets.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 17ms
17ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=355260059&t=pageview&_s=1&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&dp=getcreditsecrets.net%2F&ul=en-us&de=UTF-8&dt=Credit%20Secrets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAGAEK~&jid=&gjid=&cid=444975325.1691715930&tid=UA-75241181-3&_gid=1108579203.1691715930&gtm=45He3890n81M2BQGBR&cd2=444975325.1691715930&z=1759798747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Aug 2023 04:49:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72948
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 50ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YVX9HJM1JB&gtm=45je3890&_p=355260059&_gaz=1&cid=444975325.1691715930&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691715930&sct=1&seg=0&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&dt=Credit%20Secrets&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVX9HJM1JB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://getcreditsecrets.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YVX9HJM1JB&cid=444975325.1691715930&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVX9HJM1JB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://getcreditsecrets.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
25ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YVX9HJM1JB&cid=444975325.1691715930&gtm=45je3890&aip=1&z=1525559983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 118ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2011%20Aug%202023%2001%3A05%3A30%20GMT&n=-2d&b=Credit%20Secrets&.yp=10092619&f=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Aug 2023 01:05:30 GMT

POST atr
www.youtube.com/api/stats/ Frame BF84 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame BF84 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4eae42b1/ Frame BF84 381 KB
48 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb7120979b79e0a6a533d36b67a46b217feef83f4ff49cd765abf42556047d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 23:22:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49057
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 09 Aug 2024 23:22:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/ Frame BF84 41 KB
13 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d81dd50d0c3e6347ba625e469681e8e19d4a8144d1cde13ccd01514a6aa2d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13034
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Aug 2024 16:48:35 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/ Frame BF84 312 KB
94 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce04d0926e3aa679682b9a0e90a44742c1efa4dc06b3105116118242db22de42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95742
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Aug 2024 00:53:44 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/ Frame BF84 2 MB
2 MB 55ms
54ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97bb1d8931c5312339957ee36f99467f0539ec6dd0fbb969967c456e14cc36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 06:30:02 GMT
x-content-type-options: nosniff
age: 153328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2435352
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Aug 2024 06:30:02 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4eae42b1/fetch-polyfill.vflset/ Frame BF84 9 KB
3 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Aug 2024 00:31:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 24ms
23ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=355260059&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&ul=en-us&de=UTF-8&dt=Credit%20Secrets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aGDACEABBAAAAGAEK~&jid=112997291&gjid=1905621595&cid=444975325.1691715930&tid=UA-75241181-3&_gid=1108579203.1691715930&_r=1&gtm=45He3890n81M2BQGBR&cd2=444975325.1691715930&z=462885763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://getcreditsecrets.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 29ms
28ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-75241181-3&cid=444975325.1691715930&jid=2089194635&_u=YGBAiEABBAAAAGAEK~&z=1727515586

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-75241181-3&cid=444975325.1691715930&jid=2089194635&_u=YGBAiEABBAAAAGAEK~&z=1727515586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF84 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 491372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 08:35:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF84 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:38:49 GMT
x-content-type-options: nosniff
age: 588401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:38:49 GMT

GET
H2 200 seg-17-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 247 KB
248 KB 16ms
16ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-17-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: d0fc94874e1ca0397778453147105f3ee640c22fd76a17dbb166fcf420a208f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:26 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456004
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
content-length: 253048
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 08NdTe_cCULV8nCGKSU4pGh1nf3CvgO2x71rkqgHCVuw97_0i4bQUQ==
expires: Sun, 04 Aug 2024 18:25:26 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4eae42b1/www-widgetapi.vflset/ 204 KB
63 KB 215ms
215ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7425038d7ecfec6a8a0149f3e72f22c31410f1ab3424874d36d16d0675a59f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64309
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Aug 2024 00:04:04 GMT

GET
H2 200 init.ca6242653ccf41f56529.js Show response
rec.smartlook.com/es6/ 60 KB
17 KB 55ms
25ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/es6/init.ca6242653ccf41f56529.js

Requested by

Host: rec.smartlook.com
URL: https://rec.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

93c5482e92260a23f9b7a1d48b7a452adf61e3d307723c0636b844205eed44f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://getcreditsecrets.net/
Origin: https://getcreditsecrets.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 39255
x-accel-date: 1691676675
x-77-nzt: AZySIYiaMW3/V5kAAA
x-accel-expires: @1723212675
last-modified: Thu, 10 Aug 2023 13:36:25 GMT
server: CDN77-Turbo
etag: W/"64d4e7d9-ee1a"
x-77-nzt-ray: f6587a1dab4f0d8b5a89d5646d48b015
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=71299&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJ...
https://widget.us.criteo.com/event?a=71299&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJ...

10 KB
4 KB

333ms
107ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=71299&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJwJTJCJTJCNWcyanJ2MVNwTlZoQ0hIeXl6eE80Wm1JMDNGSUpkT043bGRSdTFsamptZGs2NHRRSldsWkw5Nm05M1JvVWZyVFJoZ1E1ZU1HRU1LeTBTYzJ0Umd1R2RXSW44cEY2VWlVVXA1SXZDUURSbmNHWFRTMENpJTJCUlolMkZXNVlMTSUzRA&tld=getcreditsecrets.net&fu=https%253A%252F%252Fgetcreditsecrets.net%252F%253Fdeal%253Dsuccess%2526dbvid%253D3710&ceid=f4670fad-0abf-4a84-9cc8-3223d000cf5b&dtycbr=97305

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d86be96d618c5d5ef98be186d5ca8385056652440446aeac07c1678a72b00dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13047916
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=71299&v=5.17.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJwJTJCJTJCNWcyanJ2MVNwTlZoQ0hIeXl6eE80Wm1JMDNGSUpkT043bGRSdTFsamptZGs2NHRRSldsWkw5Nm05M1JvVWZyVFJoZ1E1ZU1HRU1LeTBTYzJ0Umd1R2RXSW44cEY2VWlVVXA1SXZDUURSbmNHWFRTMENpJTJCUlolMkZXNVlMTSUzRA&tld=getcreditsecrets.net&fu=https%253A%252F%252Fgetcreditsecrets.net%252F%253Fdeal%253Dsuccess%2526dbvid%253D3710&ceid=f4670fad-0abf-4a84-9cc8-3223d000cf5b&dtycbr=97305
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11272025
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75241181-3&cid=444975325.1691715930&jid=112997291&gjid=1905621595&_gid=1108579203.1691715930&_u=aGDACEABBAAAAGAEK~&z=26823917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://getcreditsecrets.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://getcreditsecrets.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
306 B 210ms
172ms Script
application/javascript 2606:4700::6810:185e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=26017210&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:185e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.21
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 65
cf-ray: 7f4c9214fb994da2-FRA
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 52ms
13ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=PageView&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930368&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691715930367.226442832&cs_est=true&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/1243026/trc/3/ 2 KB
2 KB 50ms
33ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1243026/trc/3/json?tim=1691715930380&data=%7B%22id%22%3A285%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1691715930376%2C%22cv%22%3A%2220230730-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fdeal%3Dsuccess%26dbvid%3D3710%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jaycreditsecretorg%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1691715930380%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1243026/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 19fe4681a9058e73e0010615c2d21f3c13450d625c888cf60ae6968083c23988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms: 21
date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7505
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230035-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1691715930.403494,VS0,VE21
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-75241181-3&cid=444975325.1691715930&jid=112997291&_u=aGDACEABBAAAAGAEK~&z=102490348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-75241181-3&cid=444975325.1691715930&jid=112997291&_u=aGDACEABBAAAAGAEK~&z=102490348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gusid Show response
177758.t.hyros.com/v1/lst/ 32 B
286 B 359ms
126ms XHR
application/json 35.169.181.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://177758.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Requested by: Host: 177758.tracking.hyros.com
URL: https://177758.tracking.hyros.com/v1/lst/universal-script?ph=42ff6b7dced09a973c829960a622bbdb0bceba7ea26f5ff7051de08a0b91a00a&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.181.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-181-77.compute-1.amazonaws.com
Software: /
Resource Hash: 85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8

Request headers

Referer: https://getcreditsecrets.net/
Product-ID: 177758
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://getcreditsecrets.net
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 32

OPTIONS
H2 200 gusid
177758.t.hyros.com/v1/lst/ Frame 0
0 383ms
116ms Preflight 35.169.181.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://177758.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.181.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-181-77.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://getcreditsecrets.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://getcreditsecrets.net
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 11 Aug 2023 01:05:30 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 seg-18-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 250 KB
251 KB 493ms
492ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-18-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3411e9c68144e7fa20b9736a843df9ade0894ff5d807c9d9fb7fedb05eeead59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 113
content-length: 256056
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rW6HUoWRzhmyJGf_AMuUH6MiAhCLIDBCAljudNMwipjp4WBCuqt9ow==
expires: Sat, 10 Aug 2024 01:05:30 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame BF84 113 B
159 B 24ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c61d8ab1e559f25435b1e298d7668737345030e87840b08f3602faa354a14fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame BF84 29 B
93 B 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 00:58:45 GMT
x-content-type-options: nosniff
age: 405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Aug 2023 01:13:45 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 22ms
21ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 11 Aug 2023 01:05:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF84 68 KB
31 KB 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e1dc30229d2b4ab712917e2cbcf1f26b633d50e049652f822e063003b7bb87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31853
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/ Frame BF84 116 KB
33 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0c7a720767f4ab7eb096007bfcbd574cf82430488e2c0901694400eafcf66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 16:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 289016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33704
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Aug 2024 16:48:34 GMT

GET
H3 200 GHTue7HP-OYh68RD2pmPGEF3VsqSZiiXMqsok83tEUg.js Show response
www.google.com/js/th/ Frame BF84 49 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/GHTue7HP-OYh68RD2pmPGEF3VsqSZiiXMqsok83tEUg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1874ee7bb1cff8e621ebc443da998f18417756ca9266289732ab2893cded1148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19139
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 01:02:04 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/Ja2THbW2Q1M/ Frame BF84 2 KB
2 KB 21ms
19ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Ja2THbW2Q1M/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac626297dfb1e38d2b1bcf8962caf6e9efe3d6abaa787b1446e6d5aca45f8cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:28 GMT
x-content-type-options: nosniff
age: 2
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2456
x-xss-protection: 0
server: sffe
etag: "1508404881"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 11 Aug 2023 03:05:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 13ms
12ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930716&cd[creditsecrets_visitcounter]=1&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 12ms
12ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930717&cd[creditsecrets_URL]=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&sw=1600&sh=1200&v=2.9.121&r=stable&ec=2&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF84 90 B
134 B 27ms
27ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08fb723ce8b5e8cc61eafeb21947d80d27c062396aa3db418720b1f35a65382f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 core Show response
js.driftt.com/ Frame BC6B 2 KB
1 KB 116ms
116ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1691716200000/ihh6bvri2z5y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

70560ba9138d04a53b3d50ad24c6ba38a16a2cacb591ddaf7aabb312f0330a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://getcreditsecrets.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 01:05:31 GMT
etag: W/"07075ae30994d62a00de2f301bdfb11a"
last-modified: Fri, 28 Jul 2023 18:57:16 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: 8uAR2sB-vUnivjADJUGTOSmL8a7RoZVhdUxcq2UQYMpIgE95jaOl-Q==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: PE8zep.NHo.o1SZeIPA0xq.0zsXy2Uat
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 17

GET
H2 200 chat Show response
js.driftt.com/core/ Frame E46C 2 KB
1 KB 125ms
124ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1691716200000/ihh6bvri2z5y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

70560ba9138d04a53b3d50ad24c6ba38a16a2cacb591ddaf7aabb312f0330a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://getcreditsecrets.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 01:05:31 GMT
etag: W/"07075ae30994d62a00de2f301bdfb11a"
last-modified: Fri, 28 Jul 2023 18:57:16 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-id: lqyxyCoud5ZpW7iJneKfKBhHM4WqnrOatM5Vdzmgsgg-POh07aaQMg==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: PE8zep.NHo.o1SZeIPA0xq.0zsXy2Uat
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 15

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 11ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930861&cd[creditsecrets_date]=1691712000&sw=1600&sh=1200&v=2.9.121&r=stable&ec=3&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930863&cd[creditsecrets_language]=en-US&sw=1600&sh=1200&v=2.9.121&r=stable&ec=4&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930874&cd[creditsecrets_session_count]=1&sw=1600&sh=1200&v=2.9.121&r=stable&ec=5&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame BF84 4 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 01:05:30 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0CC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_cm&google_hm=ay1kbXdyNzJRRktkLUNWbmFVN29WTmJEeW0tRzQ1Z3B4Z...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_gid=CAESEIeOMPN0lKDFsR7yePvsmbk&google_cver=1&google_ula=913071,0

43 B
370 B

81ms
23ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_gid=CAESEIeOMPN0lKDFsR7yePvsmbk&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 654138
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dmwr72QFKd-CVnaU7oVNbDym-G45gpxfy8IZeQ&google_gid=CAESEIeOMPN0lKDFsR7yePvsmbk&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 0CC7 43 B
146 B 127ms
9ms Image
image/gif 35.157.68.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-gGxRdWQFKd-CVnaU7oVNbDym-G7yNR68uIGrwA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.68.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-68-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0CC7
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6193695566076172175

43 B
369 B

44ms
24ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6193695566076172175

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 840323
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
an-x-request-uuid: 2744e4e5-800a-4457-9995-0b7941f539b2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6193695566076172175
x-proxy-origin: 178.162.209.132; 178.162.209.132; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame 0CC7
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-J8VRkmQFKd-CVnaU7oVNbDym-G6HUqoo0rZKEw
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-J8VRkmQFKd-CVnaU7oVNbDym-G6HUqoo0rZKEw

43 B
906 B

18ms
17ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-J8VRkmQFKd-CVnaU7oVNbDym-G6HUqoo0rZKEw

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
an-x-request-uuid: bdca56e5-4887-4b6e-b500-6ffeafe239f5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.132; 178.162.209.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
an-x-request-uuid: 83b8b3bf-56df-4b66-8c26-7bb67fe1a6a6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-J8VRkmQFKd-CVnaU7oVNbDym-G6HUqoo0rZKEw
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.132; 178.162.209.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 0CC7 61 B
793 B 314ms
196ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-cIcCXGQFKd-CVnaU7oVNbDym-G71HKgNrzHmzQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 11 Aug 2023 01:05:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Fri, 11 Aug 2023 01:05:31 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 0CC7 0
239 B 167ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-MPIRYmQFKd-CVnaU7oVNbDym-G6MC8EdW5FRTw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 0CC7 0
35 B 147ms
13ms Image
text/plain 18.195.183.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-KJSJw2QFKd-CVnaU7oVNbDym-G4wkTNUlgrt-g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.183.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-183-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 0CC7 43 B
114 B 164ms
20ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-F9lHCGQFKd-CVnaU7oVNbDym-G6mKQCcyuDVxg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0CC7 0
99 B 153ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LuGajmQFKd-CVnaU7oVNbDym-G4pWQMz0-ULPg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13172

GET
H2 200 um
criteo-sync.teads.tv/ Frame 0CC7 23 B
163 B 90ms
33ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-fCkTM2QFKd-CVnaU7oVNbDym-G4LsnH8Xs14_g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Fri, 11 Aug 2023 01:05:31 GMT
pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 0CC7 37 B
140 B 61ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-oKMd_GQFKd-CVnaU7oVNbDym-G59r133uB9WfA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 0CC7 0
125 B 74ms
14ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-rg-832QFKd-CVnaU7oVNbDym-G5h7sUZ7F-yPQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 0CC7 43 B
163 B 136ms
23ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Ikyoo2QFKd-CVnaU7oVNbDym-G7RxFL2FCQ6Ig
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
last-modified: Thu, 27 Jul 2023 11:18:06 GMT
server: nginx
accept-ranges: bytes
etag: "64c2526e-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 0CC7 49 B
342 B 77ms
23ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-j6KgwGQFKd-CVnaU7oVNbDym-G5uNGqejHqJsw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 0CC7
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KL7GAWQFKd-CVnaU7oVNbDym-G7paoKqqzvJxQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KL7GAWQFKd-CVnaU7oVNbDym-G7paoKqqzvJxQ&C=1

43 B
766 B

11ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-KL7GAWQFKd-CVnaU7oVNbDym-G7paoKqqzvJxQ&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 01:05:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 01:05:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-KL7GAWQFKd-CVnaU7oVNbDym-G7paoKqqzvJxQ&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 0CC7
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=szbhLyvjFBopUrTj9_qUj7qLYHpDsuOE
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szbhLyvjFBopUrTj9_qUj7qLYHpDsuOE

42 B
942 B

39ms
39ms

Image
image/gif

52.30.115.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szbhLyvjFBopUrTj9_qUj7qLYHpDsuOE

Protocol

HTTP/1.1

Server

52.30.115.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-115-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0d9ec62d4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wBEnGGBYQSo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-064b86ed4.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: gI/a5oW9Rl0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=szbhLyvjFBopUrTj9_qUj7qLYHpDsuOE
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 0CC7
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-a4sEzGQFKd-CVnaU7oVNbDym-G5bbzTAZ3Skiw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-a4sEzGQFKd-CVnaU7oVNbDym-G5bbzTAZ3Skiw

43 B
447 B

37ms
36ms

Image
image/gif

54.78.21.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-a4sEzGQFKd-CVnaU7oVNbDym-G5bbzTAZ3Skiw
Protocol: H2
Server: 54.78.21.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-21-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 01:05:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-a4sEzGQFKd-CVnaU7oVNbDym-G5bbzTAZ3Skiw
access-control-allow-origin: *
date: Fri, 11 Aug 2023 01:05:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 0CC7 42 B
274 B 72ms
22ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-DYm0IWQFKd-CVnaU7oVNbDym-G4EannyWNcvgw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 0CC7 0
882 B 60ms
15ms Image
text/html 3.64.114.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YQ3f4mQFKd-CVnaU7oVNbDym-G6VuRRYne3TFw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.114.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-114-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 0CC7 0
145 B 352ms
86ms Image
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-85xEXGQFKd-CVnaU7oVNbDym-G5aI8RP5ry6ug&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 01:05:31 GMT
Cache-Control: no-cache
X-TraceId: bdaef55fbb59ca00d24bf19076666a1f
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0CC7 42 B
579 B 108ms
31ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-6S5mS2QFKd-CVnaU7oVNbDym-G7_K61Kj4lLRA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 11 Aug 2023 01:05:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 0CC7 43 B
398 B 322ms
92ms Image
image/gif 2600:1f18:612b:4200:afa3:28fc:4d3:4fa2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-EBicq2QFKd-CVnaU7oVNbDym-G6xUHsTt-sYdg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:afa3:28fc:4d3:4fa2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 11 Aug 2023 01:05:31 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 0CC7 43 B
153 B 96ms
31ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-IvZQhmQFKd-CVnaU7oVNbDym-G7LNAGhaBr5iQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 01:05:31 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0CC7 0
400 B 87ms
24ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-DFnF9mQFKd-CVnaU7oVNbDym-G6MD66SUUwwtQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 01:05:31 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 10 Aug 2023 01:05:31 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 0CC7 0
38 B 188ms
33ms Image
text/plain 34.250.36.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-QNQTzmQFKd-CVnaU7oVNbDym-G6Pb59DydOsoQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.36.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-36-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 0CC7 0
44 B 82ms
13ms Image
text/plain 52.58.249.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-gYTtRmQFKd-CVnaU7oVNbDym-G5NQqqhM_5-_Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.249.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-249-168.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
server: awselb/2.0

GET
H3 204 generate_204
www.youtube.com/ Frame BF84 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5SF_Xg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:05:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930987&cd[creditsecrets_source]=direct&sw=1600&sh=1200&v=2.9.121&r=stable&ec=6&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715930995&cd[creditsecrets_visiting_device]=desktop&sw=1600&sh=1200&v=2.9.121&r=stable&ec=7&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 23ms
22ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 11 Aug 2023 01:05:30 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BF84 28 B
54 B 43ms
43ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-Goog-Request-Time: 1691715931018
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
X-YouTube-Client-Version: 1.20230806.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs0VXlTSkkwTmxCZyjaktamBg%3D%3D
X-YouTube-Ad-Signals: dt=1691715930429&flash=0&frm=2&u_tz=120&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqeeAwaAhU_8szEiyi9kSPPp6svu8yetjJ5q5VPPEeGcLz7J47-H-5Hdtv2vIK7T0YBkjXAA9jJmt8UCnkleiLwHyZmRw

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 11 Aug 2023 01:05:31 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/115/ Frame BF84 51 KB
15 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/115/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 02:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 15 May 2023 15:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 11 Aug 2023 02:33:37 GMT

GET
H2 200 runtime~main.d3870f72.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 6 KB
3 KB 12ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d74324ac5719aa202221018cd0181776040570d0d6b94112fef8e841ef3d6c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: nYREScR.bpGpZR41m1r79Ea9oNUo0dkc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"ee97d74de0a92e3518199e701c19ee0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VrA97V4-NQFvXzFYT-F3lsfiOt-zPZ1NEtsfA2KgoVJGY4Tuzsw37g==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 35 KB
13 KB 13ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16875635
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pGWxMSJT1VLR-1UlBhqdcTab7Ds4BmlRmC8heNiocriquObGklaXqw==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 7 KB
3 KB 14ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:18:12 GMT
x-amz-version-id: UAS9fZEsWJhy55_yzrvbe0LqT9eTyvUT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2933239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Thu, 29 Jun 2023 18:36:40 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JNZvi73rxK4LlEvGw4zcX077vWDHRrc1JX-68wO3Q7nblSN4Glwtiw==

GET
H2 200 runtime~main.d3870f72.js Show response
js.driftt.com/core/assets/js/ Frame E46C 6 KB
3 KB 11ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d74324ac5719aa202221018cd0181776040570d0d6b94112fef8e841ef3d6c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: nYREScR.bpGpZR41m1r79Ea9oNUo0dkc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"ee97d74de0a92e3518199e701c19ee0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eTIO4U7zOiK1U96y8xXdB9e2j3Y8GC6FHaUbl39ZX89oC_Ddyf357A==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 35 KB
13 KB 12ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzm2Healt7ZjvNDM3nYQ47BRwWjFuLrw
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16875635
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 27 Jan 2023 17:00:22 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: j4-ZRvyDJStMS7hofPXFaxL2fZI38D9VP_5HXtifE9UE_z3BdDkO4Q==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 7 KB
3 KB 13ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 02:18:12 GMT
x-amz-version-id: UAS9fZEsWJhy55_yzrvbe0LqT9eTyvUT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2933239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 75
last-modified: Thu, 29 Jun 2023 18:36:40 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aGAdCFMHmiGVXJKmBnYoumahpIiS0WBNM2uBjW77VV95Ex6LJaRTJg==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 23 KB
8 KB 11ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: 5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kt9iLx0h5B9MFsKVwsXJs7rDTRYRVw1ywmgOWy7U4iBlRuD_IVbcnw==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 36 KB
10 KB 12ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id: qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3116117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: H8ue5gfQCkJFLuwAeiFlSOi4mU5K1n5SjT0M7Y2ypvBFjNZBK5veEA==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 32 KB
11 KB 12ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: zK.I5gIdSwLDVz8paigwY_NlFGMXuMgL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4441424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Tue, 20 Jun 2023 14:23:09 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vHjOEwz5MuozTHST_2Xs37wpFxUEXnl8ERfMpdtzLI4mn6_rUKG9qQ==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 17 KB
6 KB 12ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id: NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5769017
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 69jyhVLGuSRXxW75j13aDnoE4-t0147Ym0eeQXbXhUL3EQDN8SxBhw==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 25 KB
8 KB 13ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id: aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3015627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DhB6gbeymtGhQbTOilkO93Cgv1W-fIjAfDaCWEg5LbmFUHysSxs6mA==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 74 KB
23 KB 14ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ukuXMqZaBoE6xID056KmWB0xEHmIXKmX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Fri, 16 Jun 2023 20:26:54 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uErfcpaYYj0W7aJmMIr6Pzbanju-ptiSQCP5WPrH6iSzEr4SsxWhhg==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 66 KB
20 KB 16ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id: pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6717403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 24 May 2023 17:36:06 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dFopY0XUrBjvUj7j3hVMsPDZtx2q_T2lR1VpATH_Y8KzMN5mBrm5cg==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 91 KB
28 KB 16ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id: SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2984431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rrd0cD26gz6v_GX5C9bv2lH8WVXgxOduwvzTPMLxt00mkCpu-vnosA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 23 KB
7 KB 21ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id: IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6271358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 26 May 2023 19:24:42 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zv7cY3cEJACFv4SKCwt0w0iLhhUP31yEKY6aTgJ6HSaY3xn5bPa33A==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 62 KB
20 KB 22ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id: 4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3798220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 26 Jun 2023 20:12:19 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nqCpOHrVAzXm3S3LwKXI5mOeHXZoi2hczZyX7FCO6iUitQvi6MGhHQ==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 105 KB
34 KB 22ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 100
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x2rCXVKgyj9YTR3nRy8FsJZXGDAdiOQqtG4NO_aaT0JALpjprZZrfg==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 12 KB
4 KB 24ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:53:30 GMT
x-amz-version-id: d.D0r_vXgX7w1FTWdc3SLpv412I4sjOB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6646321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Wed, 24 May 2023 17:52:54 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: K92gdf0AwiarJ9c4nMsDCB9Bi_cpVIhrbOr73C1kfgU1dWi-lT7vwg==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 13 KB
6 KB 24ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n0F5sdb1MgOc6rKSzARvnTjd9DYcuhr3QDssXY-g7qtlli_hW0NRxA==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 17 KB
7 KB 25ms
22ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:24:39 GMT
x-amz-version-id: VsfA8TLYa9RNEpzywKZv5LmrplRhx_G6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5758852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QJKTjj0T3paouZmrnAxF5Q4vqPRjBFIFi8awh1EuAoe_asjRtlul1Q==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame BC6B 31 KB
4 KB 27ms
24ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 16 Jun 2023 14:07:10 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W5XZ05zRpVmxS_TIU2WALZl72UWdrfUplcHiWPR4SEDdRqkj8gH3mg==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 81 KB
25 KB 28ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:10 GMT
x-amz-version-id: sKS3NtYZ5xBkpnwyRKt297s4ZL0aCKra
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2091261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 17 Jul 2023 15:59:42 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aFUGe2IDIcx1IAjBF7VW98WzXFeGb1LP0GzPhZsxMSSDWN2EE-mswQ==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame BC6B 24 B
697 B 28ms
25ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id: C6GeoJGSzHnxQmfIIaJPtsDdeomKLjJo
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 7818960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
content-length: 24
last-modified: Thu, 11 May 2023 20:21:34 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MmDbRnwYD1yOp7hREfAAJTHYQN8P0rAVwmXnxlzFAVdPHPxgEiTeSw==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 91 KB
23 KB 29ms
26ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SdPx9p8_OiwUWgL6of4FHIe8DrrGdPUtq6D8g7GBIgWtSh8ITNgMMQ==

GET
H2 200 24.1fcb23fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 50 KB
14 KB 33ms
30ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1fcb23fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6e60af994c94f52d951f4ba72ce1ad110d02331dc2ab55b61110cd3be60c83f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: mhEzNs3jM3iyiDrVTPsVGu6p3AXJxHOl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"dfa4b7771ab513175144a5ffeb70e72d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GpxFtdymzp5j_JCpxm9CBc7Qy6Cx5LFpeAKiA6E2fz8-NKoLxi7FkA==

GET
H2 200 17.a71bb070.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 40 KB
13 KB 33ms
31ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.a71bb070.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6fa317686874e2babbb154c505e6d34dea75adf4cc6621773e1b40970a89419b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: W_RhZ8nhV9MfFiIuzCtGrNuJHr5uhnLe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"8f716b28dee3e1937ef5c37d59f4213c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9u0bO_aW8TfbCJLjEHARUXBKM20rw3dvroeKgB52U9a64t7-ow3RdQ==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 23 KB
8 KB 26ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: 5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cCJAN5mST5GSowF3k58vZeUh8W_BFDDjfqXKoI0y7EpzyquFp4wudA==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 36 KB
10 KB 27ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id: qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3116117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _ArRwQutyUaP9G7YiJfyreECUQTSL_pAnSA8X-KfXpL8x0qiMNnM1Q==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 32 KB
11 KB 28ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: zK.I5gIdSwLDVz8paigwY_NlFGMXuMgL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4441424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Tue, 20 Jun 2023 14:23:09 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3x8N4NO1dqBtkqAbq39spSA6-yWy7Kw_Tt8ObVywtM5QJZOlkBvvGg==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 17 KB
6 KB 29ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id: NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5769017
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aw0edf5BPdrozHoU13u5NeFUrEZ_pvkL8uDkvaSG1ejx4IPp1LwHvg==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 25 KB
8 KB 29ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id: aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3015627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zAB5Iw2P5lpVRgieBJbZLVzynGu3zMIUapmsjr8PyNB2s3t2KxD_qA==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 74 KB
23 KB 29ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ukuXMqZaBoE6xID056KmWB0xEHmIXKmX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 69
last-modified: Fri, 16 Jun 2023 20:26:54 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y_xHeQOyikqnRd8zBP-X2_p8aRcb9Zvq2xO6or09vDpNopF3vSWtYQ==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 66 KB
20 KB 30ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id: pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6717403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 24 May 2023 17:36:06 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hOuZBZlGgHgWv1KCf2Ju89ZJvCvWNqI78oJWMHk2Xpil33whJosYpw==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 91 KB
28 KB 31ms
15ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id: SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2984431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mE1Aa7IGCydzkCmYxB_hPZ2_HF8oIqFIl_H3MUlyrmw6vIO5QSE6zw==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 23 KB
7 KB 31ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id: IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6271358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 26 May 2023 19:24:42 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wWFnt6NHS4liWaMLaZTrPn88JhvsS7HU0bkpYCUoTTkek6KgbLbTCA==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 62 KB
20 KB 31ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id: 4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3798220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 26 Jun 2023 20:12:19 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JhpmJPrFwiojh0kIxEJjrrCm77ZIwx5IsTdo0ClfF-QqMTvPj1FEyA==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 105 KB
34 KB 32ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 100
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N3ohXIJ8U77GRBxbvtfmnT3aJrRjetflRGONe8Lo-iCjObYL-6Tvsw==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 12 KB
4 KB 33ms
19ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:53:30 GMT
x-amz-version-id: d.D0r_vXgX7w1FTWdc3SLpv412I4sjOB
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6646321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Wed, 24 May 2023 17:52:54 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xBVGulzqATrfvqHLh8yJTMmTJUF9mmXRejLUXIw6mXOSRF1hK5hyUQ==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 13 KB
6 KB 33ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3D71yXRLpwjvmlqv1czy9QSuOpr9_FBuWUfgcdIhv9wsvPOEEwCK_w==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 17 KB
7 KB 35ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:24:39 GMT
x-amz-version-id: VsfA8TLYa9RNEpzywKZv5LmrplRhx_G6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5758852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 72
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YzvTOw4oAWr2eOalVO_H3YKSjTJMUqRns23q6UK-HvosjxjDIDR8HA==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame E46C 31 KB
4 KB 21ms
8ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4486651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 16 Jun 2023 14:07:10 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ruw60jSeh3duhBVyGn-L4b_lfHHUawRHogADHbyEjml4jRZ6ZIBe_Q==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 81 KB
25 KB 35ms
22ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:10 GMT
x-amz-version-id: sKS3NtYZ5xBkpnwyRKt297s4ZL0aCKra
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2091261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 17 Jul 2023 15:59:42 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pnyYmWCA7fDR2lAJtF1X54DX--xqLIWCcod4FpI0qLCpLFPsbstZbg==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame E46C 24 B
697 B 22ms
9ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 12 May 2023 13:09:31 GMT
x-amz-version-id: C6GeoJGSzHnxQmfIIaJPtsDdeomKLjJo
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 7818960
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
content-length: 24
last-modified: Thu, 11 May 2023 20:21:34 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pHcRppcIoG6zZ5azJ_jZgnxVDwxve3HKZNfujGI0heYPaNdPTvCaNQ==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 91 KB
23 KB 36ms
23ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8AQcsr8eNDoJjBprLIXMR9XAFnF5vCT8gY_Mcnq0pu_PvKXMyEAhmQ==

GET
H2 200 24.1fcb23fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 50 KB
14 KB 37ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1fcb23fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6e60af994c94f52d951f4ba72ce1ad110d02331dc2ab55b61110cd3be60c83f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: mhEzNs3jM3iyiDrVTPsVGu6p3AXJxHOl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"dfa4b7771ab513175144a5ffeb70e72d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XVoenomagAkXFlBRpHxW2738B-ZknZ8T_YQvRRbjMoBbJADMVVEaRQ==

GET
H2 200 17.a71bb070.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 40 KB
13 KB 38ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.a71bb070.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6fa317686874e2babbb154c505e6d34dea75adf4cc6621773e1b40970a89419b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: W_RhZ8nhV9MfFiIuzCtGrNuJHr5uhnLe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1145296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"8f716b28dee3e1937ef5c37d59f4213c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8WMEGeurnDFCXE6LZUW8x-sPLaodb9f7CyL8lLn8u6ys9JhQyvl9sQ==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0CC7
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=p1CIbBcQicGX0tZEoe3CLd9205BzptRt

0
338 B

110ms
31ms

Image
text/plain

52.31.154.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=p1CIbBcQicGX0tZEoe3CLd9205BzptRt
Protocol: H2
Server: 52.31.154.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-154-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1691715931
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=p1CIbBcQicGX0tZEoe3CLd9205BzptRt
date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 786497
content-length: 0

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 9 KB
3 KB 12ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: 11XPwI2xxVbguG7UE_GEw7u.mY1XZ4Ws
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1321930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Wed, 26 Jul 2023 13:14:41 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sDF71L6BJv39QQDNmoI8ZL4EQA8NyIn-hMohBY-HMc8STzaN1TpqxQ==

GET
H2 200 27.01c2bea5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 35 KB
10 KB 13ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:02:59 GMT
x-amz-version-id: nle0j8birQ7TqZcCTCj2_Aiuc4PU4FBJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4489352
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"04a233a42dcf8c50a83bfecea8ba552d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xXNlOx1O9SJTu1TuZqUjt-N7paitKQ2fJDtt5Re-AtXGB78GTPwtuQ==

GET
H2 200 28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame BC6B 8 KB
2 KB 10ms
8ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:30:40 GMT
x-amz-version-id: o5Mqj_3FT3WjX9660DbCXWXmwKjwNZDi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1337691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jQVrd5FRfkgHeKTthMbxQCPKOn7hkWSfyvtOZslB6XVBnJJgxD5mpA==

GET
H2 200 28.bdd92ff2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 14 KB
6 KB 14ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: FN2mK9FP.1iG0EPXu5GaP7vFrDcTGt2G
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4441424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 20 Jun 2023 14:23:09 GMT
server: istio-envoy
etag: W/"260fbabe310bd2cae5c44538f3d833ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ryPvygs8RGPF33vhCMpwVpRT1ILeMiZS9GJaxl0QjNXMBWGpDRt1qA==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame BC6B 365 B
1 KB 11ms
10ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: ZuuQmAv287PLv09x8YJDQ63ijAfFLcLS
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P5
age: 4441424
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
content-length: 365
last-modified: Tue, 20 Jun 2023 14:23:06 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bxWcKtcnSUGd6o43AZhWVS8gIBhbrrWaPYoVNYm_bpPidId03q7dhg==

GET
H2 200 25.a9a52994.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 91 KB
25 KB 13ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.a9a52994.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:11 GMT
x-amz-version-id: gwpLuUCx14LwmyLJHh.v9ArijcPAHA0d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2091260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 67
last-modified: Mon, 17 Jul 2023 15:59:41 GMT
server: istio-envoy
etag: W/"34109a0bf2906f78b21b4a9f5fa4ab8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KWzwDCYqmrIOQYGQZx2IPcEJM1d8vUuDNAwrvyi1364sY2lf1vpCpw==

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame E46C 3 KB
1 KB 8ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:43:49 GMT
x-amz-version-id: 6S9dem0QqRNKdsXJa9pt.hiZoFHo8G8.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3111702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
last-modified: Fri, 30 Jun 2023 16:16:07 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vhn_jxTc5jljWQONLZnujbVY-KSJL7f7Lf6QYcE0_hef3bIi-NQzuw==

GET
H2 200 37.298cbb69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 3 KB
2 KB 9ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 04:59:35 GMT
x-amz-version-id: Fv09MwZ9_aib0TbI3DWT7N_8oqF8DxL_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4478756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"86b289eeb2bf9d30034f30d9794e8041"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sjmH9kXIVNKF2wqnOk0fHXCKVj3LqS_EBxK9t8rONjCVpxj8jNEAZg==

GET
H2 200 seg-19-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 224 KB
225 KB 16ms
16ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-19-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 6a407cf97d40ab923e7666216cc8a22c43ea8db0aa1db61c4957343f085f417c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:10:14 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 150917
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
content-length: 228984
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LrqzTId6dzAzKL10lfFM3QlTwdq5fjk3NjbWTjSHL189NQ8Pf9GJgw==
expires: Thu, 08 Aug 2024 07:10:14 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame 0CC7
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=x8O6ZtoQ2AvwxMxzps5uezQWoAD4C-ME

35 B
268 B

333ms
106ms

Image
image/gif

18.191.127.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=x8O6ZtoQ2AvwxMxzps5uezQWoAD4C-ME
Protocol: H2
Server: 18.191.127.2 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-127-2.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
x-bt-requestid: 2b37b8c0-37e3-11ee-9069-0000ac170193
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=x8O6ZtoQ2AvwxMxzps5uezQWoAD4C-ME
date: Fri, 11 Aug 2023 01:05:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 528417
content-length: 0

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 9 KB
3 KB 11ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: 11XPwI2xxVbguG7UE_GEw7u.mY1XZ4Ws
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1321930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
last-modified: Wed, 26 Jul 2023 13:14:41 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -bSAP3fulgwyQvw29sxHDcUJuQqfu7UXWz2X1K3jGZ-cx7bwfyaA8w==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame E46C 7 KB
2 KB 9ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:21 GMT
x-amz-version-id: Ov831I2a5yEZEgVNkzjL3jR4iYT4qeoU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1321930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JV1Fv2bajByQNiVbmJLifpxFlC4wS43aUqFSbCByR30kueVTd7lQ7g==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 54 KB
15 KB 11ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:32:39 GMT
x-amz-version-id: jXTrJe6220Uy3oL4jKw8LE4E7PDU6e2f
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1351972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Tue, 25 Jul 2023 18:08:14 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7Sb7j-doz3n3DC7Q7P_y-raSDI6F2JjnE68umNoWwJkE4iBAdXp1fw==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame E46C 44 KB
7 KB 10ms
8ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:01:02 GMT
x-amz-version-id: 19YOPtagzF0I0emgnq_seBKB.3mPQekh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1836269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
last-modified: Thu, 20 Jul 2023 18:22:08 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gO1r7axoTOTsp40rZmh7AWT6s1PC81593J749FVREUg9kt33DzXU0A==

GET
H2 200 1.be8346b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 54 KB
17 KB 12ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.be8346b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id: PLfb_l_4aFe.aYN3FEG.I5zIcM2Rb4sy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3650322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 29 Jun 2023 18:36:38 GMT
server: istio-envoy
etag: W/"c2bd45f4e9f02db923342d39137bf141"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HImA9n9oyG3MGmSIsf7zGqROlz9_UZ3qm5VXs435t10UF3QRrhfCqA==

GET
H2 200 4.9d776499.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 23 KB
10 KB 12ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.9d776499.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:55:58 GMT
x-amz-version-id: uGJ36CDXFf5jc7zFgfXUohqg1i8mPHWM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1404573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 25 Jul 2023 18:08:15 GMT
server: istio-envoy
etag: W/"cc02ad980b6b04f3bba61e68883356d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iCkS8C4_iqWZBoAqwHsBN3gozFHbgeSDWGvJCQNjLnMAs2NY3jIN-A==

GET
H2 200 34.0504aac4.chunk.css
js.driftt.com/core/assets/css/ Frame E46C 16 KB
3 KB 10ms
9ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id: Y0eUMP8TZIUm_xphXPO8Cb7kobR8Sp8P
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3650322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Thu, 29 Jun 2023 18:36:37 GMT
server: istio-envoy
etag: W/"95b017fb41a8751bd7175f8a73f035f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZDY76BkHEK3oLCwWEjYP4Pp5IcCB6wiq4QuTFR7OwYRAU6VSc7SFxQ==

GET
H2 200 34.26535e57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 12 KB
5 KB 12ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.26535e57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id: pP4ZKQ0wl7_jYctuYheBxCj9PF_v.ESa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3650322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"d1f726d8d49e4c3e218775f6ce78039f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FpRi3As3lqEjNTBs25LWwLktzmXwvomuTwQBabzkQ7sQ4xaUg1XahA==

GET
H2 200 seg-20-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 303 KB
304 KB 14ms
13ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-20-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: c32d18ba0c3736d8fa8019e9ef594cd2035bb79268775b530fac7e7998f4ed54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:27 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456004
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 55
content-length: 310200
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: F1_ne6BXTa2E_nT8a2pWSj64NL-QjJiDBw0CDoGwZfUFffE41IMmAA==
expires: Sun, 04 Aug 2024 18:25:27 GMT

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame BC6B 147 B
587 B 332ms
106ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8ff8ea6c7f06bb7d48ee991b3d25b72825da0c66968d02eb4e2212c9762d8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: bd41b81fa90d60e
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

GET
H2 200 seg-21-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 268 KB
269 KB 12ms
12ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-21-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 26255a879e32ea1144002e79075d52f7c5bde6b53be24fdcb423a39f8a12a1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:25:28 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 456003
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 86
content-length: 274104
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8m6ZtQ6zurBAIAFM0cpmLeKUV6WyMqncTTarFdcONnlO7y3hEoiIGA==
expires: Sun, 04 Aug 2024 18:25:28 GMT

GET
H2 200 seg-22-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 326 KB
327 KB 14ms
14ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-22-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 376f8df3503e8ca4f46f5f345e9cd1870846c80401a129a0b5ad167cd62ea1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:10:15 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 150915
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 368
content-length: 334264
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3FzCgqBK3nS4_5y9uTJBYSw-jQ5lY8xUBgOYHkih4g62JLF4wjApPg==
expires: Thu, 08 Aug 2024 07:10:15 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=Microdata&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715931885&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Credit%20Secrets%22%2C%22meta%3Adescription%22%3A%22The%20Ultimate%20DIY%20Resource%20for%20Repairing%20Your%20Credit%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=8&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame BC6B 25 B
88 B 142ms
117ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 7a36478d355d608
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame BC6B 8 KB
4 KB 280ms
279ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

5c9b62991e15a4a33d845454196461ec1dc6f347228fcd5498ba3d63b3892f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 01:05:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: c267d60be3f4441b
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 181
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 3652

GET
H2 204 unip Show response
trc-events.taboola.com/1243026/log/3/ 0
248 B 57ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1243026/log/3/unip?en=pre_d_eng_tb&tos=1565&scd=0&ssd=1&est=1691715930378&ver=36&isls=true&src=i&invt=1500&msa=9879&rv=1&tim=1691715931943&vi=1691715930376&ri=96748dd32573b73d071c1497667b78f1&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1243026/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://getcreditsecrets.net
pragma: no-cache
date: Fri, 11 Aug 2023 01:05:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame BF84 28 B
55 B 78ms
77ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-Goog-Request-Time: 1691715932648
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Ja2THbW2Q1M?&theme=dark&autohide=2&modestbranding=1&showinfo=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fgetcreditsecrets.net
X-YouTube-Client-Version: 1.20230806.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs0VXlTSkkwTmxCZyjaktamBg%3D%3D
X-YouTube-Ad-Signals: dt=1691715930429&flash=0&frm=2&u_tz=120&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqeeAwaAhU_8szEiyi9kSPPp6svu8yetjJ5q5VPPEeGcLz7J47-H-5Hdtv2vIK7T0YBkjXAA9jJmt8UCnkleiLwHyZmRw

Response headers

date: Fri, 11 Aug 2023 01:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 11 Aug 2023 01:05:32 GMT

POST
H2 200 track Show response
event.api.drift.com/ Frame BC6B 572 B
635 B 100ms
100ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

6db752b67b203354c2d6cecd56f3733aaa333810b99b9fd87898f0c7ebeb6ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTEwNDcyNzkzNyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjEzMzE2NTkiLCJleHAiOjE3MjMzMzgzMzIsImlhdCI6MTY5MTcxNTkzMn0.fqXlcuqu5n2lNGkG_e30ukfloxzzCUz-2QTsMMcW3sISafhehTdlNH28faY4V6J_xtjhUiy6HACnz6qPYqhyGg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Aug 2023 01:05:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: cf5e674a02b762ba
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 572

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 124ms
100ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 11 Aug 2023 01:05:32 GMT
requestid: drift7bec74043eb80eed0c8f75bfcba
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame BC6B 19 KB
7 KB 14ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=ihh6bvri2z5y&eId=ihh6bvri2z5y&region=US&forceShow=false&skipCampaigns=false&sessionId=89ed0fe7-b5f9-4574-86d0-588cfd42ad67&sessionStarted=1691715930.82&campaignRefreshToken=9f339b48-ac84-4081-8fc5-d85891d87e2b&hideController=false&pageLoadStartTime=1691715927516&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:16:11 GMT
x-amz-version-id: gdLzK0_qjU8jtmmLbxCIMiiKO3ne3if8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3844161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Mon, 26 Jun 2023 20:12:20 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GcF7ApH0KlpV7L2tDG-12SFvyeJksr8SJ9Wue30_7gCT72ecv-OfBA==

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/53/14/intl/de_ALL/ 260 KB
57 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/14/intl/de_ALL/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyBgbu1wMY8oJ9rjXTUiqTr9puEi6qU25SI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7fcb7413f7b6cb9c0a76aadaa23a5e73ea367785cfc859a21dda19f6f226c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 00:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57809
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Aug 2024 00:22:42 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/53/14/intl/de_ALL/ 159 KB
50 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/53/14/intl/de_ALL/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyBgbu1wMY8oJ9rjXTUiqTr9puEi6qU25SI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21627001b40dde45bb3ba2d7d613cd6f42c438eb81ab924ddc56e14052b932e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 13:03:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 216125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51142
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 13:03:27 GMT

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E46C 19 KB
7 KB 14ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691715927516
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:16:11 GMT
x-amz-version-id: gdLzK0_qjU8jtmmLbxCIMiiKO3ne3if8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3844161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Mon, 26 Jun 2023 20:12:20 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BZ7DI74QrYYZ4mHnqgBzXf8nXoXRynoGHzW10X0ArG7oC3KGMrEXtw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame BC6B 38 KB
39 KB 9ms
9ms Font
font/woff2 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:43:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6913321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ewV6jn3y4v67JtkqF3n6STH1RvZ9hwxl_UT2u8x8Wt6jKhQZ-5M74Q==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame E46C 38 KB
39 KB 11ms
10ms Font
font/woff2 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:43:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6913321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1Dk_euN_53FDXARt0qdY4dqSct36nqszLFPB6aJ598mK_L6lV95jfg==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame BC6B 25 B
111 B 110ms
110ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 01:05:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: be867d2bc28c284
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

GET
H2 200 seg-23-v1-a1.ts Show response
embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/ 259 KB
260 KB 14ms
14ms XHR
video/mp2t 2600:9000:21f3:a000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed-cloudfront.wistia.com/deliveries/8d11507edcfdb46996b07b50c68c1e2b71ab0c9b.m3u8/seg-23-v1-a1.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 5b067b0c7b00d22c4ac7472e86516f8b94bbbeb8b5be896ac99cbccfe2cad66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:10:17 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 150917
edge-cache-tag: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 279
content-length: 265080
surrogate-key: 8d11507edcfdb46996b07b50c68c1e2b71ab0c9b-hls-segment
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
server: envoy
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mbGmTOtTne6ZPPzfwNS5enLZVDVC7ztWORZXfFTkj1WuiuZDdVqwHA==
expires: Thu, 08 Aug 2024 07:10:17 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1243026/log/3/ 0
248 B 15ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1243026/log/3/unip?en=pre_d_eng_tb&tos=4566&scd=0&ssd=1&est=1691715930378&ver=36&isls=true&src=i&invt=3000&msa=9879&rv=1&tim=1691715934945&vi=1691715930376&ri=96748dd32573b73d071c1497667b78f1&ref=null&cv=20230730-6-RELEASE&item-url=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1243026/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://getcreditsecrets.net
pragma: no-cache
date: Fri, 11 Aug 2023 01:05:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241965936397399&ev=connectretarget&dl=https%3A%2F%2Fgetcreditsecrets.net%2F%3Fdeal%3Dsuccess%26dbvid%3D3710&rl=&if=false&ts=1691715935551&cd[creditsecrets_pagetimer]=5&sw=1600&sh=1200&v=2.9.121&r=stable&ec=9&o=30&fbp=fb.1.1691715930367.226442832&it=1691715930186&coo=false&exp=a1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getcreditsecrets.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Aug 2023 01:05:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=ro3d3BH5gJb0OV8X&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fgetcreditsecrets.net%2F&lact=2089&cl=554318840&mos=0&volume=100&cbr=Chrome&cbrver=115.0.5790.170&c=WEB_EMBEDDED_PLAYER&cver=1.20230806.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=754&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24362628%2C24380264%2C24415864%2C24416291%2C24439361%2C24524098%2C24544702%2C24549485%2C24559328%2C24563545%2C24564582%2C51000316&muted=0&docid=Ja2THbW2Q1M

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AIFt6H6IpzA
.youtube.com/	1970-01-20 18:14:27	Name: VISITOR_INFO1_LIVE Value: 4UySJI0NlBg
.getcreditsecrets.net/	1970-01-20 14:38:27	Name: 075d100d-be5e-45fa-b171-97876e904c4c_uuid Value: 09b3e254-779e-42fb-891e-cb07f693c662
.getcreditsecrets.net/	1970-01-20 14:38:27	Name: getcreditsecrets.net_activitySource Value: %7B%22deal%22%3A%22success%22%7D
getcreditsecrets.net/	1970-01-20 14:16:51	Name: variation_path Value: 3710
.getcreditsecrets.net/	1970-01-20 16:04:51	Name: _gcl_au Value: 1.1.1742924343.1691715930
.criteo.com/	1970-01-20 23:16:51	Name: uid Value: 2d9e1881-d538-41ff-b697-a6773712b512
.doubleclick.net/	1970-01-20 23:16:51	Name: IDE Value: AHWqTUnQdEBs9wP2ql5wwXWxIJD4BHvaTOSxYaLUQUtBkEgoPi9Sk19yfuzzGkZa
.getcreditsecrets.net/	1970-01-20 13:56:42	Name: _gid Value: GA1.2.1108579203.1691715930
.getcreditsecrets.net/	1970-01-20 13:55:15	Name: _dc_gtm_UA-75241181-3 Value: 1
.getcreditsecrets.net/	1970-01-20 23:31:15	Name: _ga_YVX9HJM1JB Value: GS1.1.1691715930.1.0.1691715930.60.0.0
.getcreditsecrets.net/	1970-01-20 23:31:15	Name: _ga Value: GA1.2.444975325.1691715930
.getcreditsecrets.net/	1970-01-20 13:55:15	Name: _gat_UA-75241181-3 Value: 1
.getcreditsecrets.net/	1970-01-20 15:21:39	Name: _fprom_ref Value: success
.getcreditsecrets.net/	1970-01-20 15:21:39	Name: _fprom_tid Value: 1cff20b3-f774-489c-b9fe-d79177b208df
.getcreditsecrets.net/	1970-01-20 23:24:39	Name: cto_bundle Value: O8vPRF91WmI2REhHZlhrT2ZnWHJabGJkeW9teTlpJTJGJTJCQ0IlMkZ0cW9wSElWbFZJcGViVzJwJTJCJTJCNWcyanJ2MVNwTlZoQ0hIeXl6eE80Wm1JMDNGSUpkT043bGRSdTFsamptZGs2NHRRSldsWkw5Nm05M1JvVWZyVFJoZ1E1ZU1HRU1LeTBTYzJ0Umd1R2RXSW44cEY2VWlVVXA1SXZDUURSbmNHWFRTMENpJTJCUlolMkZXNVlMTSUzRA
.getcreditsecrets.net/	1970-01-20 16:04:51	Name: _fbp Value: fb.1.1691715930367.226442832
.yahoo.com/	1970-01-20 22:41:13	Name: A3 Value: d=AQABBFqJ1WQCELiJlRqtdtbrcpi41_0l-OUFEgEBAQHa1mTfZOAQyiMA_eMAAA&S=AQAAAt_mVyeCAB-gQo6wNSg3R3s
getcreditsecrets.net/	1970-01-20 22:42:25	Name: boostpixel_cookie Value: 1
prism.app-us1.com/	1970-01-20 14:38:27	Name: prism_26017210 Value: 6b3d2e5b-e712-4504-865a-c0a5ce055826
getcreditsecrets.net/	1970-01-20 13:55:17	Name: drift_campaign_refresh Value: 9f339b48-ac84-4081-8fc5-d85891d87e2b
.adnxs.com/	1970-01-20 16:04:51	Name: uuid2 Value: 6193695566076172175
.adnxs.com/	1970-01-20 16:04:51	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GU'q)jvD!]tbPl@/D!9hy6]/CwiG.yT05ukk5:JxSR32>xA8Opj(Zz0m=:.R3P.Lk1-G?TBnBASG[pCYbpRzqF1`ba<?+LLm@
.demdex.net/	1970-01-20 18:14:27	Name: demdex Value: 89431031887499271303068945384570997162
.omnitagjs.com/	1970-01-20 14:38:27	Name: ayl_visitor Value: a02b091c3d090f838f5d50fc347f12e5
.casalemedia.com/	1970-01-20 22:40:51	Name: CMID Value: ZNWJW9wrlaIC8SMr1ebJxQAA
.casalemedia.com/	1970-01-20 16:04:51	Name: CMPS Value: 1202
.casalemedia.com/	1970-01-20 16:04:51	Name: CMPRO Value: 1202
.dpm.demdex.net/	1970-01-20 18:14:27	Name: dpm Value: 89431031887499271303068945384570997162
exchange.mediavine.com/	1970-01-20 14:15:25	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%222ae4b6c0-37e3-11ee-a6bb-6b5e04431934%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:15:25	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222ae4b6c0-37e3-11ee-a6bb-6b5e04431934%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:15:25	Name: am_tokens Value: %7B%22mv_uuid%22%3A%222ae4b6c0-37e3-11ee-a6bb-6b5e04431934%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:15:25	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222ae4b6c0-37e3-11ee-a6bb-6b5e04431934%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 14:15:25	Name: criteo Value: %7B%22id%22%3A%22k-YQ3f4mQFKd-CVnaU7oVNbDym-G6VuRRYne3TFw%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-20 22:40:51	Name: visitor-id Value: 3347175311491600000V10
.media.net/	1970-01-20 14:38:27	Name: data-c-ts Value: 1691715931
.media.net/	1970-01-20 14:38:27	Name: data-c Value: k-cIcCXGQFKd-CVnaU7oVNbDym-G71HKgNrzHmzQ~~3
.pubmatic.com/	1970-01-20 14:38:27	Name: KRTBCOOKIE_97 Value: 3385-uid:k-6S5mS2QFKd-CVnaU7oVNbDym-G7_K61Kj4lLRA&KRTB&23144-uid:k-6S5mS2QFKd-CVnaU7oVNbDym-G7_K61Kj4lLRA&KRTB&23286-uid:k-6S5mS2QFKd-CVnaU7oVNbDym-G7_K61Kj4lLRA&KRTB&23287-uid:k-6S5mS2QFKd-CVnaU7oVNbDym-G7_K61Kj4lLRA
.pubmatic.com/	1970-01-20 14:38:27	Name: PugT Value: 1691715929
.360yield.com/	1970-01-20 16:04:51	Name: tuuid Value: 58c13f26-0b41-4d89-a1bf-9fbd93da9447
.360yield.com/	1970-01-20 16:04:51	Name: tuuid_lu Value: 1691715931
.360yield.com/	1970-01-20 16:04:51	Name: um Value: !38,iaL3IehXW11pA9W4WWDaB0ACgOcTqOqtULvoQJluBmw-h640L-HKO-9btow9zzhXL7CXTCUr,1699491931
.360yield.com/	1970-01-20 16:04:51	Name: umeh Value: !38,0,1753923931,-1
.krxd.net/	1970-01-20 18:14:27	Name: _kuid_ Value: PulEPNUe
.tremorhub.com/	1970-01-20 22:41:12	Name: tvid Value: f92a3985f6e14d96a4df9e636bb093b5
.tremorhub.com/	1970-01-20 14:38:27	Name: tv_UICR Value: k-EBicq2QFKd-CVnaU7oVNbDym-G6xUHsTt-sYdg
getcreditsecrets.net/	1970-01-20 23:31:15	Name: drift_aid Value: 531b8aac-0ea0-4fba-8eec-6697e57add8c
getcreditsecrets.net/	1970-01-20 23:31:15	Name: driftt_aid Value: 531b8aac-0ea0-4fba-8eec-6697e57add8c

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://getcreditsecrets.net/vsl/images/email.png Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

177758.t.hyros.com
177758.tracking.hyros.com
a.twiago.com
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
amplify.outbrain.com
assets.revcontent.com
beacon.krxd.net
bootstrap.api.drift.com
cdn.firstpromoter.com
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
connectio.s3.amazonaws.com
contextual.media.net
core.thedatabot.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d3os7c1voccrkz.cloudfront.net
d7s870zeth355.cloudfront.net
diffuser-cdn.app-us1.com
dis.criteo.com
distillery.wistia.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
embed-cloudfront.wistia.com
event.api.drift.com
exchange.mediavine.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
getcreditsecrets.net
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
js.driftt.com
maps.google.com
maps.googleapis.com
match.sharethrough.com
matching.ivitrack.com
maxcdn.bootstrapcdn.com
metrics.api.drift.com
mug.criteo.com
pipedream.wistia.com
pixel.rubiconproject.com
prism.app-us1.com
queenofcreditscores.com
r.casalemedia.com
rec.smartlook.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.firstpromoter.com
tr.outbrain.com
tracking.graphly.io
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
us-central1-gtm-server-377914.cloudfunctions.net
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lhn0etrk.com
www.youtube.com
x.bidswitch.net
www.youtube.com
13.248.245.213
141.226.228.48
148.251.128.81
151.101.1.44
151.139.128.10
172.104.231.58
172.217.18.98
178.250.1.11
178.250.1.9
178.250.7.11
18.191.127.2
18.195.183.142
18.66.112.39
18.66.121.156
184.30.17.243
184.30.17.67
185.255.84.153
185.64.191.210
185.80.39.216
185.86.139.104
185.89.210.90
185.89.211.12
2.16.97.41
2001:4860:4802:32::36
2001:4860:4802:36::36
212.82.100.181
2600:1f18:612b:4200:afa3:28fc:4d3:4fa2
2600:9000:21f3:a000:1e:c86:4140:93a1
2600:9000:223e:4a00:15:a0d3:77c0:93a1
2600:9000:223f:4400:f:a14c:a8c0:21
2600:9000:236e:1400:1e:b6b6:9ac0:93a1
2606:4700::6810:175e
2606:4700::6810:185e
2606:4700::6812:acf
2a00:1288:80:807::2
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2016
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a02:2638:3::3
2a02:2638:d::d
2a02:6ea0:c700::17
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::644
2a04:4e42:400::644
3.64.114.92
3.75.62.37
34.117.157.22
34.193.113.164
34.194.253.69
34.210.103.97
34.232.107.162
34.235.217.206
34.239.79.61
34.250.36.253
35.157.68.83
35.169.181.77
35.244.234.248
37.157.6.232
52.2.56.64
52.216.102.59
52.30.115.249
52.31.154.19
52.58.249.168
54.78.21.60
69.173.144.138
70.42.32.255
74.119.119.150
85.215.5.31
95.101.148.20
009194e0ef2b6a718d82152d400833d2f9d7e06c6aaf958044338cfa12b69a7e
06a24ee7edf4326337bd4fb6abd5173b5c98c3d3cc257e453406cfc23812fcbe
071efa07b0d6e464d38022115bdd7a5ba0716ca16b4e915fe121c5ee67f1b5c2
0887d375a9a37c5f50361119f6d17e24ab5b4eb19b89ffa682fe89455f9e0249
08fb723ce8b5e8cc61eafeb21947d80d27c062396aa3db418720b1f35a65382f
0a4f226d50cbe90930addc9c77c732d92f79aefcf7818aff44e864099aea1d0b
0adf509b393fd1a0990626e44307ec895184f9a3718fc2e284075539fe0b87ad
0b8669d169d54c6ccae97048c541a28be34236b0c1af963d89b051f1a25b44d7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
128b08c1b43f7ca089c66a62966fc3a4cdec30479d6c31a54c32bd087545dbf7
14bfa1b53f5beab07b9c1fe255d8430c762f3d96ec928f4d2371e3d352b46f7d
14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
17c5d01c8aa053a6bd774804fdbf9172115d690ca9f991e896f7ed232fe0a5a9
1874ee7bb1cff8e621ebc443da998f18417756ca9266289732ab2893cded1148
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
19fe4681a9058e73e0010615c2d21f3c13450d625c888cf60ae6968083c23988
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f28bac589311c93815c1d93a953123bc976d62e79a6c6632659c13404022421
21627001b40dde45bb3ba2d7d613cd6f42c438eb81ab924ddc56e14052b932e4
21db150bafe4774375b96c3edb018838750a23ed7c967d51044cc6fc079dd422
2433394b69ff29c1ee9230af856dc0fe53c3e497dd486721a0b144aa509eb5fa
25149bd4ed96d10d75010c6894f84202c902a1452f761be7dddd5f2a86173c32
26255a879e32ea1144002e79075d52f7c5bde6b53be24fdcb423a39f8a12a1c2
28446c8e467f56e3f6d4636b5e640961f22a439f1c13ff09c4fd467dbfc1000f
289d1db682c6270fd1fe93b1c973727b1bf00a225cff8d30a75557582b432773
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e
2c0c7a720767f4ab7eb096007bfcbd574cf82430488e2c0901694400eafcf66a
31e61b1d103d593ae11e1e690f2c9322b08f7e83c81f39819d890d15e5775bf5
3275df2b5884f5ac10dd566eb8db449ce777dd7374224737742d3c4518b229bd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3411e9c68144e7fa20b9736a843df9ade0894ff5d807c9d9fb7fedb05eeead59
376f8df3503e8ca4f46f5f345e9cd1870846c80401a129a0b5ad167cd62ea1ed
3e1dc30229d2b4ab712917e2cbcf1f26b633d50e049652f822e063003b7bb87c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fb7120979b79e0a6a533d36b67a46b217feef83f4ff49cd765abf42556047d8
4026f4ffc5edb96d122cc7d41856c93b04faa2430f5ee0d352e69a5456d76266
428fefa036de5a227b40945c94be22b37a89516bc6b8a5c0dd09b88e17fd9ddf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
4a02a307f66b630c33aaf1dabba97f0a8502653a517e503addaf23bfe072b6e8
4aea5a8fc5cdf8175f192f9717bdc364bbf8ac9fc9dd2468722386e6f216a04e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5107cc26a01a677b58bbf027ffacdb23b2d96dd93e1cf93d54fa1f1e01718c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
5064acbb1155bfa79558bf63d8b613413a91d24da1874d70840a4c52f01adde8
521b858a4fcc33d56f0248f7aa72997c4acf17e0843bbb00e144f8ae41a40f82
52bd8782a93d9a468a75291c43902fd90b4a03956a32660eae72ce98e32dbb9f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5784476a2395f70902fb329da66da8ed69a5ff2ba8280c1331373e4106c256a5
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b067b0c7b00d22c4ac7472e86516f8b94bbbeb8b5be896ac99cbccfe2cad66b
5c9b62991e15a4a33d845454196461ec1dc6f347228fcd5498ba3d63b3892f02
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1
5e968a349dd81eaaa0ff2faa45900afeeed53feba42e4ed89aadfe8907982a13
5ff00bd48a27ef70080829a7c61412ca64a37e759c1b83becbaf90e979b7eec5
602abac3ef7117d37d44b1d775708c66007efd0f697ce35a4037d01fc7da2214
622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec
62d089e415e6d3b3ceb6b0e2075b40d564aee461b44e9712d7cdd5c17868eb91
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
6a407cf97d40ab923e7666216cc8a22c43ea8db0aa1db61c4957343f085f417c
6a58546cb940d230111d3c27196baa14363086f5b1deb9592cca0a9b3b32e3b0
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6db752b67b203354c2d6cecd56f3733aaa333810b99b9fd87898f0c7ebeb6ec1
6e60af994c94f52d951f4ba72ce1ad110d02331dc2ab55b61110cd3be60c83f3
6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a
6fa317686874e2babbb154c505e6d34dea75adf4cc6621773e1b40970a89419b
702eea1a051794206fa6e78f9ed7d9c7596e142685ce6354903008a6bf75e887
70560ba9138d04a53b3d50ad24c6ba38a16a2cacb591ddaf7aabb312f0330a9f
71aa681da14918a139b74037bef5c2368658ae3d80ceb7e2694752c26782ea02
7425038d7ecfec6a8a0149f3e72f22c31410f1ab3424874d36d16d0675a59f01
746dc6d89056f014813d3530199d3018a0f577b14b69fbbcc4672ca4f428e507
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b5b37c131b1498218d8b156c88c070a20acfaa7ac8fd746fa2f34ff8436c8ae
7d94bce93f7bfcd1bf104dde3faee0722c22620c012a2aa9c3fc7539c010534c
7e736e133b36e2645095b2b6d4366d295db69cc1fb5f4d6c367839f2545a3c98
8000140119e336e4a0ab746ff21206ad9311978ccbd2844e24d0be8043b8a622
81ee68c69ef7ec91029b1d80c7190b6cd68e1924356d884e397a67668a7ce2f3
82ae581e5e53c0fabf5f1417b86a04822fecc5d7df8bce5d88e8140922c59477
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a
894694eee28fc463a83875d519e70afaf5f40ac7c042d6114c4ee86d156b4067
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d81dd50d0c3e6347ba625e469681e8e19d4a8144d1cde13ccd01514a6aa2d94
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
90b8e8f8fa0826107195aa91ef63285976ed00f37f37de2b358d7d227d32f20a
938a19aa964680c64c663d113e941222a537fbc54e315382fdc6569bf088ac21
93c5482e92260a23f9b7a1d48b7a452adf61e3d307723c0636b844205eed44f3
990e42a6564ebbaed7e4a3b913b9106f10c4b30d7d73e0bf5efd450c2ce81c79
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9b79795aa5c740a0f230a5fc7a0fdede829b6fb60901f7a796d0c97350451737
9bac7fb8ed7afa7242d70381ac4e83585191cffade0809d5e1f767cfcc7c248d
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9d68204b7936a771c0edd34b35e53e274b42f560ef4e30937fa3100bfa240805
9d7886b366e43a9ff360fa7a58e270a7f23d090b13df446a0f32c0f72c0b2276
9dfeb5b8d4f485f9eb4fac971e5c59542c0d3140287ad5c98ed4fd9ceb450117
9dfee1bff906d6398fbf82797ae0eca9ce2dd97ebf457b195619b2824163eacc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a71c748edf69e69e7457cd712c09d67c3e53ef46a5b0ac1bc280a559c45b130b
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8ae4a37d003da47b51ce6a0fa0138ef9fd77bc560218fe9457f94d8d26aa221
ac626297dfb1e38d2b1bcf8962caf6e9efe3d6abaa787b1446e6d5aca45f8cea
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bd7e3e7efc0b8c44a898c57b9a749616561af26f89b9fee18833312403e5ea
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b7361293c1b47c479fc3de58ef8d5a774dafb08ca8d632c3e2b0cdd4a1ae4067
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b8619f4204b5cf79535c3be2b98d3c85ac4d1d0832c06da7723afd2092ce72fb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
bc343a54cc596c6ef6f89a9eec0dd5531c8465a1412c0ea26052f54be50a636f
bcf1c5cf09bc329f4b036e778ce1753e3a9390e811cf3b2c7e367bb8cecbce81
be2dd52904f6ca2e12dc5c30cc4ab022312dd6a6244e79b6693edcd6692d89f7
bf9ef0a82a9d99630f6043f3f3cb6dbcbb98f818f16ffab9eef6968e16ff4113
c32d18ba0c3736d8fa8019e9ef594cd2035bb79268775b530fac7e7998f4ed54
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c5de238031343d4bbbfd89d75b58e83948448ae693652965e0ba58d244fde6d7
c61d8ab1e559f25435b1e298d7668737345030e87840b08f3602faa354a14fea
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
c7036b7c79a900d0b8f511b0a461f51dee459b6a58d9ac12f1003740827b94fa
c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3
c75799ae286708d2a3811bab758459aabdf830f8cd921f2c4e93f6f662c0ec3f
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
c9191dba6c5e3835751f01cfd3051d334baba94d67cfa690276f70b77f9b8c30
c9d7070c305a9eeba9b7995168b15455a5facd3d7aac0c8bd3a891b201bbd96f
ca1095763d4859373c1a3cb7fde2cee2784ec01a43f08f6387bee3f1c1388af7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ce04d0926e3aa679682b9a0e90a44742c1efa4dc06b3105116118242db22de42
d0f6ab7e8e761975927a3449ee69bcdda201f8683309aba6dfc6b0479a4bf0ba
d0fc94874e1ca0397778453147105f3ee640c22fd76a17dbb166fcf420a208f2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d20c4c5570adc31ba98518ca8e152e736c9ee2a43ddb114193c5bf31c3027ddf
d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3
d3bf6d29392571243836f2345d61aa9e3f63f8fd24275a9c6b00398d8791774a
d3fbca2e62ceacfc96a6873cdebaa1caad96d023170969dde87f193ae9ebe319
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
d5d5874f77af2c6260187a1dea1f8c77fcac82e19f7f71f60ed4c99cd78e8721
d6cc19d3b6c530344c573a7dd7dcb625ceab4f186533d06b94cd4e2256767798
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d74324ac5719aa202221018cd0181776040570d0d6b94112fef8e841ef3d6c13
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d86be96d618c5d5ef98be186d5ca8385056652440446aeac07c1678a72b00dfb
da3bb5f52d7c5486c6098f350daa32542a535ffcebcacbe226e54cf909451fc4
dc413ec02755f98e42351bed44e5cdcc4be3fa22cb8bece0a2f23a4aa2d159a6
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0a5df872acd477e9dc58fcae321903aacc4a9ae494ffd50a564d66b97d9f5e4
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e4bbb40a93b78a46993330280056e799b669bd522cd5f77d84a228dbcd223525
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e8877146f9852208b86f8bb56d44aac64b22ae576eff01cb6aeaef85f3f4ebe8
e92bf0876825d17507874f18e98c576bddc5d158b8e5f61880a0b7c12790620f
e96996a58c4db49d96bff0ef94b3f4704dca3854f1b713fe143023ed3309f001
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed069a73aa9c7e004ba2483c7daab5396bb64f26265e4d411155d40059503595
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
ed8485219812dde91489058f817bb678a6132a410b23057b6a660e45d5948d2c
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68e531718065514cf31e7eecd1e3162cf79b5507a1d4c018d57ba4bb058682b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8ff8ea6c7f06bb7d48ee991b3d25b72825da0c66968d02eb4e2212c9762d8f6
f97bb1d8931c5312339957ee36f99467f0539ec6dd0fbb969967c456e14cc36b
fa7fcb7413f7b6cb9c0a76aadaa23a5e73ea367785cfc859a21dda19f6f226c9
fb5bc8da06689a8cf4d1f7a456dfbd7b1f848c3b908fea1a895d07f76d22690a
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
ff4ed2c5883af741384d7b034e495eb0c040d567e9a3c1d0ec5bbdf9d0bd014a

getcreditsecrets.net Open in urlscan Pro 148.251.128.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

303 Requests

96 %HTTPS

41 %IPv6

59 Domains

89 Subdomains

80 IPs

9 Countries

17232 kBTransfer

24600 kBSize

48 Cookies

4 Outgoing links

Page URL History

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

getcreditsecrets.net Open in urlscan Pro
148.251.128.81 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

96 %
HTTPS

41 %
IPv6

59
Domains

89
Subdomains

80
IPs

9
Countries

17232 kB
Transfer

24600 kB
Size

48
Cookies

303 HTTP transactions
1 data transactions