d3jeae8gjacsek.cloudfront.net Open in urlscan Pro
2600:9000:26fa:1200:2:7f24:3300:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d3jeae8gjacsek.cloudfront.net/
Submission: On December 18 via api (December 18th 2023, 3:59:39 pm UTC) from US — Scanned from US

Summary HTTP 55 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 55 HTTP transactions. The main IP is 2600:9000:26fa:1200:2:7f24:3300:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d3jeae8gjacsek.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d3jeae8gjacsek.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2600:9000:26f... 2600:9000:26fa:1200:2:7f24:3300:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
7	23.212.248.19 23.212.248.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c07::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
1	23.222.5.91 23.222.5.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
10	54.230.163.23 54.230.163.23	16509 (AMAZON-02) (AMAZON-02)
16	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.135.78.2 18.135.78.2	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:1800:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
55	13

4 2600:9000:26fa:1200:2:7f24:3300:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3jeae8gjacsek.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.212.248.19 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-19.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.5.91 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-5-91.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.230.163.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-23.ewr53.r.cloudfront.net

app.leadfinery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.78.2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-78-2.eu-west-2.compute.amazonaws.com

api.adtopiaglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:1800:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	525 B
10	leadfinery.com app.leadfinery.com	4 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	150 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	196 KB
4	cloudfront.net d3jeae8gjacsek.cloudfront.net	683 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	300 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	172 KB
1	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 114441	13 KB
1	adtopiaglobal.com api.adtopiaglobal.com
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	828 B
55	12

	Domain	Requested by
16	www.facebook.com	d3jeae8gjacsek.cloudfront.net
10	app.leadfinery.com	d3jeae8gjacsek.cloudfront.net
7	analytics.tiktok.com	d3jeae8gjacsek.cloudfront.net analytics.tiktok.com
5	connect.facebook.net	d3jeae8gjacsek.cloudfront.net connect.facebook.net
4	d3jeae8gjacsek.cloudfront.net	d3jeae8gjacsek.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	d3jeae8gjacsek.cloudfront.net
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	d3jeae8gjacsek.cloudfront.net www.googletagmanager.com
1	b-js.ringba.com	d3jeae8gjacsek.cloudfront.net
1	api.adtopiaglobal.com	d3jeae8gjacsek.cloudfront.net
1	analytics.pangle-ads.com	analytics.tiktok.com
55	12

This site contains links to these domains. Also see Links.

Domain
www.healthcare.gov
seguroparalatinos.org

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-26` - `2023-12-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.leadfinery.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.api.adtopiaglobal.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
*.ringba.com Amazon RSA 2048 M03	`2023-11-27` - `2024-12-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://d3jeae8gjacsek.cloudfront.net/
Frame ID: 186D7FD8B96BBEEA3B3CAEA4E38A5B65
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sindeuda.co

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

55
Requests

98 %
HTTPS

67 %
IPv6

12
Domains

12
Subdomains

13
IPs

2
Countries

1268 kB
Transfer

2577 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.healthcare.gov/
Title: healthcare.gov

Search URL Search Domain Scan URL

URL: https://seguroparalatinos.org/Privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://seguroparalatinos.org/Terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://seguroparalatinos.org/Cookies-policy
Title: Cookies Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d3jeae8gjacsek.cloudfront.net/ 2 KB
3 KB 597ms
422ms Document
text/html 2600:9000:26fa:1200:2:7f24:3300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jeae8gjacsek.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:1200:2:7f24:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ec7a0ca961bcf998357641f6559cdb62bb1f3370a4e76607a0cbf4631adb993

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 2462
content-type: text/html
date: Mon, 18 Dec 2023 15:59:33 GMT
etag: "8656229d5e690deef95a5193a715c06b"
last-modified: Fri, 15 Dec 2023 17:43:16 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-amz-cf-id: hGgZmUAsXPsOvirHx6lzqNqdDpfIrbrYildYMiC79jOvUxQczdSQHA==
x-amz-cf-pop: JFK52-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/snda083-fe-prod-builder:aaa20d33-0f8f-4ac8-a285-4612c2284015
x-amz-meta-codebuild-content-md5: 0e41b98a0dc80371c73071f789afd856
x-amz-meta-codebuild-content-sha256: 04926cdbd7a99e0e581cbe9e30856ef231266b148dedceec2d07e74704229714
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 main.5688ea89.chunk.css
d3jeae8gjacsek.cloudfront.net/static/css/ 235 KB
236 KB 409ms
407ms Stylesheet
text/css 2600:9000:26fa:1200:2:7f24:3300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jeae8gjacsek.cloudfront.net/static/css/main.5688ea89.chunk.css
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:1200:2:7f24:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c54d4ea75c8bc3af89d6b090a0bae2530a143fcc4483c92bafebfca452d3782

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 15:59:34 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/snda083-fe-prod-builder:aaa20d33-0f8f-4ac8-a285-4612c2284015
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 0e41b98a0dc80371c73071f789afd856
content-length: 240672
last-modified: Fri, 15 Dec 2023 17:43:17 GMT
server: AmazonS3
etag: "a1d2a2f761687b6fc4218bba4c3b37b2"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 04926cdbd7a99e0e581cbe9e30856ef231266b148dedceec2d07e74704229714
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: 7moZCDSyS0QvUNntYXtumtx-cRnvH2R1rj4qGob4QsxpeFOnvLGdSA==

GET
H2 200 2.bbbf473d.chunk.js Show response
d3jeae8gjacsek.cloudfront.net/static/js/ 322 KB
323 KB 409ms
408ms Script
application/x-javascript 2600:9000:26fa:1200:2:7f24:3300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:1200:2:7f24:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e62fccf89ce24ba64caa6bf337592584a8beae7d07fc380125d700fdef865e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 15:59:34 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/snda083-fe-prod-builder:aaa20d33-0f8f-4ac8-a285-4612c2284015
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 0e41b98a0dc80371c73071f789afd856
content-length: 330006
last-modified: Fri, 15 Dec 2023 17:43:16 GMT
server: AmazonS3
etag: "f62153eae3ac154e80797af2451ce67e"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 04926cdbd7a99e0e581cbe9e30856ef231266b148dedceec2d07e74704229714
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: CRuAvssEEQMWot-i8g8VZ6al28Sf7TVNPQlasddEsLxm9MViCfn46w==

GET
H2 200 main.24e212d8.chunk.js Show response
d3jeae8gjacsek.cloudfront.net/static/js/ 120 KB
121 KB 444ms
443ms Script
application/x-javascript 2600:9000:26fa:1200:2:7f24:3300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3jeae8gjacsek.cloudfront.net/static/js/main.24e212d8.chunk.js
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:1200:2:7f24:3300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13b6c47d8b4b0f5526209cd44e24ab26b139c9f9cf54aa03c63656ed583a0cce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 15:59:34 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/snda083-fe-prod-builder:aaa20d33-0f8f-4ac8-a285-4612c2284015
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 0e41b98a0dc80371c73071f789afd856
content-length: 123058
last-modified: Fri, 15 Dec 2023 17:43:17 GMT
server: AmazonS3
etag: "20a891ef704c26323e08fbd7dec8d007"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 04926cdbd7a99e0e581cbe9e30856ef231266b148dedceec2d07e74704229714
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: mlSqTkSsNz_bdp9yDrpgXiVqTAJ2WrnYKerKh6QTm3s-FzhHf0mXtg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
81 KB 171ms
63ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WK99DXT

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea5c0b19a1a058597b015ab4381affb1a7692f51d8b20911df8f1d6772c0624f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82324
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 64ms
62ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK99DXT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f358d11bfc2b6c48b1e6800cbdd7195404d5d8bc1473842e67bc69f4f655def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 204ms
65ms Script
application/javascript 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMOQ9RC77UBEG41AJAG&lib=ttq
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: eab027087194e761b51262be04ccb63bd24f90484a0cd8783529e1b6517d1171

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 243bee5c.4a225da
date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312181559331CF948435A189A56F05B-3C835C01C67788D9-00
x-cache: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 9,23.220.104.19
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=6, inner; dur=3
content-length: 1574
pragma: no-cache
server: nginx
x-tt-logid: 202312181559331CF948435A189A56F05B
x-cache-remote: TCP_MISS from a23-220-106-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.106.141
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19c320504777431158d736f3b1f26ca4b708ffaecd2379b9aa4eeac4c2281fa03e317f1552ebb1d8fff8109d6453fb02604f7d9052e6571db95a57c9ed47309e73ac1f90f0c9a524c5c4077a9e98ae64c03593ef09bae2de2b74b3c85200926118
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 233ms
94ms Script
application/javascript 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIK4JD3C77U3LS6JS1PG&lib=ttq
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8897095500bbc219ebf2a293e0aaa2ded7b72213cb8741a136a398e02ab5259d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 810f7065.4a225d9
date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121815593308F16ED32921824916BB-3C885106741E0020-00
x-cache: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 37,23.220.104.19
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=26, inner; dur=3
content-length: 1526
pragma: no-cache
server: nginx
x-tt-logid: 2023121815593308F16ED32921824916BB
x-cache-remote: TCP_MISS from a104-78-78-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,104.78.78.12
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19f52255340f23bfb615a330f314ae38f6051358c798ca1ea6cbe6bfa4e05993027e39977d3fd836ad752477d7f6eebafb95729d149271c03d844619811a2087aa4ce362b5a17a06fb7e719a150c10fac22a25aaa18deb915b464638edd6097a92
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 161ms
53ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 15:59:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3qcj/8viqXGagyGAl+n8MWMHdbRYeOUAcT1zbx6GykUalHfl8MfIBEg/RS1qg16fEYBqxHr2gBjfwJkicOJYrA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 309ms
60ms Ping
text/plain 2607:f8b0:4004:c07::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-91HGQ5JVGN&gtm=45je3bt0v9133384110z89132857080&_p=1702915172863&gcd=11l1l1l1l1&dma=0&cid=2028985560.1702915173&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702915173&sct=1&seg=0&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2F&dt=sindeuda.co&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1075
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 15:59:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d3jeae8gjacsek.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 59ms
59ms Script
application/javascript 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMOQ9RC77UBEG41AJAG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 4a227fc
date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073132AEE93ECA2BDC65D51AF5
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01910aa9a5a302a168d42e29b3ad6b4cb05b36d6e040f095326e8fb43d5133f730beab6b68ad14303faf077f3ef8cb25443d604b92e181cf65b0aaddce78aa9d8088cc8597fce911988b03a8bb5ddad69a85c9e9404b3778ca44d01885c4e7091b8627141ba1d54b672e14e7282f7ab407
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 108398

GET
H2 200 901443270982030 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 173ms
172ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/901443270982030?v=2.9.138&r=stable&domain=d3jeae8gjacsek.cloudfront.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74b836ea8e7c1e80556463e7aa2ab3950649390eecb5844d98759be28dd83df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 15:59:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9y11LnWOqfRzghlmc2p1EiEhE9vcjubOqtjF4H8jsORUYS8PYLb4/rFNnaQAjwLpRffxOw4JzieTiTQsuI8ngw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 172ms
63ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/css/main.5688ea89.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 14:28:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
970 B 170ms
62ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/css/main.5688ea89.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 14:10:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 57ms
56ms Script
application/javascript 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 4a22e3b
date: Mon, 18 Dec 2023 15:59:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073133E8DE3B5AF29DF8E8E4F0
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010221525dacb8768dd426bfe44bc94749a35dddc4e7de0b3a8711486ed6f38dc0fce29950570b114d433e25914f24926a9a107d86946137eb9776993eae09e1513c04726f0269dcfcbc27b59e7e14ac2849928db3a1001caa40f5949a7961e0f62f697baeafb0c5abbefbbb8c97b64bed
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=9
content-length: 36197

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
828 B 296ms
164ms Ping
text/plain 23.222.5.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.5.91 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-222-5-91.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d42d4870
date: Mon, 18 Dec 2023 15:59:33 GMT
x-bytefaas-request-id: 202312181559334235B82F80208B6DCA97
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312181559334235B82F80208B6DCA97-0F1C3E9F7C6B01F8-00
x-cache: TCP_MISS from a23-209-100-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing: inner; dur=111, cdn-cache; desc=MISS, edge; dur=0, origin; dur=114
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312181559334235B82F80208B6DCA97
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 110.15
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19ef52e17abc566be02cab4766bcd7ed7684766407109aa7031e22f22549ea1eac807bff5136829f939c5cb0b3ae805a17a3588f1f29c4836ed1a908d604437a9b78f3cf3669d65a31e2e10beab5d48e0c
x-origin-response-time: 114,23.209.100.91
access-control-allow-headers: *
expires: Mon, 18 Dec 2023 15:59:33 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 163ms
162ms Ping
text/plain 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1aae9858.4a2308a
date: Mon, 18 Dec 2023 15:59:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121815593317688B20169821E5DBDB-623A058090C48788-00
x-cache: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 96,23.220.104.19
server-timing: cdn-cache; desc=MISS, edge; dur=35, origin; dur=73, inner; dur=59
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121815593317688B20169821E5DBDB
x-cache-remote: TCP_MISS from a23-220-106-149.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 73,23.220.106.149
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19c320504777431158d736f3b1f26ca4b7d5dccf80500f2f6db8310c9c65e804e8627d899dd0ac253c2f8232f8757050559481b069f595faba236b7d1af9dede0f736ecd087f8af857f9cddcf36825ac16d339d255bff8c4d395d071a22cb5a41b
access-control-allow-headers: Authorization,*
expires: Mon, 18 Dec 2023 15:59:33 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 140ms
139ms Ping
text/plain 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2156c641.4a230b3
date: Mon, 18 Dec 2023 15:59:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312181559339E4160C887566C61D1E2-630DDA1CADFC4C05-00
x-cache: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 52,23.220.104.19
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=50, inner; dur=47
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312181559339E4160C887566C61D1E2
x-cache-remote: TCP_MISS from a23-220-106-150.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 50,23.220.106.150
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19c320504777431158d736f3b1f26ca4b70ba985fd3f90661c154018cdc4357f673a3471a2f1b6d8fa71f654a62c1fcf595dc00f85d8db5267324bad5bfcfc443f13a95e948e16ee9f173ac411972254ae176027f63f37aa4c5a507ed81b3e7610
access-control-allow-headers: Authorization,*
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H3 200 2060170190837421 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 163ms
162ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2060170190837421?v=2.9.138&r=stable&domain=d3jeae8gjacsek.cloudfront.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0465c634671103fe1860c75a4e81c33edbdb39d72a61359c776c61e97d8e319f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 15:59:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Onjhs+8yed6ML3JZCXZ7Xq0yHTqJHfvrvya6NEtCJXWWoDcwNCFmNKQwrmc1Ipp2OlrFqxcY8NciC+QKW8sihg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 161ms
53ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d3jeae8gjacsek.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 08:46:27 GMT
x-content-type-options: nosniff
age: 285186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 08:46:27 GMT

POST
H2 200 get-uuid Show response
app.leadfinery.com/api/snda083/live/v1/ 116 B
581 B 133ms
133ms XHR
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/get-uuid
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ddfc5a1a0f922e8f3a13f5f6a55291e4f2708326014d4b5032553936a4a29355

Request headers

Accept: application/json
Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
Authorization: Bearer M1cxEp4imrX92W3D0el6JsK7YwqT5GZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 15:59:34 GMT
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: EWR53-C3
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: nLXRM_EVLRdOzkGhsTcmUwzudwCKdnHciNcBTtxi7nkInubp3YF7jQ==

OPTIONS
H2 200 get-uuid
app.leadfinery.com/api/snda083/live/v1/ 0
0 512ms
345ms Preflight
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/get-uuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://d3jeae8gjacsek.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Mon, 18 Dec 2023 15:59:34 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-amz-cf-id: lGHiaSALzuMv-kXD9OjkTdSFbw4gCVyntAwQs01KNFqeP102Vkbgfw==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
843 B 105ms
105ms Ping
text/plain 23.212.248.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1370e1d3.4a2382e
date: Mon, 18 Dec 2023 15:59:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231218155933997CFB085CC43573FA43-3EF8C84AADE3CE3F-00
x-cache: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 40,23.220.104.19
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=37, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231218155933997CFB085CC43573FA43
x-cache-remote: TCP_MISS from a23-48-200-205.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,23.48.200.205
x-tt-trace-host: 01ba74338425f636b53c4524cf4f46fd19c320504777431158d736f3b1f26ca4b7f4733ec7a267b84ae8bb59cd86206e25faf694b3adcdf83728ae34e6567ecab0228091a75234ab70372d952db2d5879aeb2526ae354a5e1fd53e35024c21ee866f689ad5552e76aba7c8a6f60b32c56a
access-control-allow-headers: Authorization,*
expires: Mon, 18 Dec 2023 15:59:33 GMT

GET
H3 200 3374464979550893 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 180ms
179ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3374464979550893?v=2.9.138&r=stable&domain=d3jeae8gjacsek.cloudfront.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef81f4c698c068aac8d8f311240627018412efa502e612ef671d6d3f4fe5c145

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HvGfK6dSBYWdOa6d+pGeozPsrcQE2GGhB2V8tp5ztR7kDdrysDrXO9azrdtFqWVJasyh4yR101dyFAkjxGBuLQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1370605930515370 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 147ms
147ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1370605930515370?v=2.9.138&r=stable&domain=d3jeae8gjacsek.cloudfront.net

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06f7dc3263691ce0630b9458ad32fd49d11b220944eae002d403c0ad1e23002d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: lDeg4TMr/WgxhmhitUZnEJ4tRIFdHuDwdLvCt0veFouu45WH1GxaRKdkDI8U/Vzy3lSxsIJuqnGrL6aTNtZKbg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 164ms
55ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2F&rl=&if=false&ts=1702915174279&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 164ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2F&rl=&if=false&ts=1702915174282&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&cs_est=true&it=1702915173480&coo=false&rqm=GET

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 164ms
55ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2F&rl=&if=false&ts=1702915174283&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 163ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2F&rl=&if=false&ts=1702915174284&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Requested by

Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 400 loader
api.adtopiaglobal.com/ 0
0 436ms
131ms Preflight
text/plain 18.135.78.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adtopiaglobal.com/loader
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.78.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-78-2.eu-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://d3jeae8gjacsek.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
content-length: 22
content-type: text/plain; charset=utf-8
date: Mon, 18 Dec 2023 15:59:34 GMT
server: nginx/1.18.0
vary: Origin

POST loader
api.adtopiaglobal.com/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 56ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915174857&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 55ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915174859&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&cs_est=true&it=1702915173480&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 55ms
54ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915174860&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 56ms
55ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915174862&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 CA6a4510c2df6f4f1fbeee19c7a0623a2b Show response
b-js.ringba.com/ 13 KB
13 KB 327ms
84ms Script
text/html 2600:9000:24f0:1800:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CA6a4510c2df6f4f1fbeee19c7a0623a2b
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:1800:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62fc0f3eca51431144d7f6dbf0ea3bdc5a883d3cf817f5f26139d0d965e6681b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-runtime: 2.0000
date: Mon, 18 Dec 2023 15:59:34 GMT
via: 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P3
x-powered-by: ASP.NET
access-control-max-age: 300
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public
content-length: 13212
x-amz-cf-id: lB4CNLesfeCQzP3rN3C7vOwcCXRUTC1A8JEiZ1TXVFDSQQbb4yaMaQ==
expires: Mon, 18 Dec 2023 16:04:35 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61233c8ba0d92fa4edd2eabe3d6b84aa305f249440e998ba688b5cde8c114e4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 55ms
52ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d3jeae8gjacsek.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:12:01 GMT
x-content-type-options: nosniff
age: 312453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 01:12:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 70ms
68ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d3jeae8gjacsek.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 07:12:49 GMT
x-content-type-options: nosniff
age: 290805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 07:12:49 GMT

POST
H2 200 user-agent Show response
app.leadfinery.com/api/snda083/live/v1/ 1 KB
2 KB 364ms
362ms XHR
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/user-agent
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ee0c7e07287d57a5741e93f609ca19e0911aaffcb3aca92242b0901b250e782c

Request headers

Accept: application/json
Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
Authorization: Bearer M1cxEp4imrX92W3D0el6JsK7YwqT5GZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 15:59:35 GMT
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: EWR53-C3
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: Nt264vaLFivCnovsTLemeqNqlfGk1Jc9fhrj43AJT5qNc6eu1yfCQw==

POST
H2 200 ringba-online Show response
app.leadfinery.com/api/snda083/live/v1/ 66 B
531 B 365ms
364ms XHR
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/ringba-online
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2c7e4e010bfcfb57d626827abd74efb741ac39828778fce53ece4df33bb018c2

Request headers

Accept: application/json
Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
Authorization: Bearer M1cxEp4imrX92W3D0el6JsK7YwqT5GZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 15:59:35 GMT
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: EWR53-C3
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: 4GSw3MumYcp6jZRt6pOAoArZn8J7ZKNVzAHUd25BoQR-eFSu0jgVgQ==

OPTIONS
H2 200 user-agent
app.leadfinery.com/api/snda083/live/v1/ 0
0 346ms
346ms Preflight
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/user-agent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://d3jeae8gjacsek.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Mon, 18 Dec 2023 15:59:35 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-amz-cf-id: 9Ox5r3oQAitjHf1-NxwnxkRTlsalugVA4y-n5iuqFVoFT3UZ6k_M4w==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront

OPTIONS
H2 200 ringba-online
app.leadfinery.com/api/snda083/live/v1/ 0
0 346ms
346ms Preflight
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/ringba-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://d3jeae8gjacsek.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Mon, 18 Dec 2023 15:59:35 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-amz-cf-id: XW24NYwtk--WabN1C86T7ZfHYsDjjH4CzhVo1W-Y33x-_BExnSqpYQ==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront

OPTIONS
H2 200 data-ingestion-pipeline
app.leadfinery.com/api/snda083/live/v1/ 0
0 342ms
342ms Preflight
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/data-ingestion-pipeline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://d3jeae8gjacsek.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Mon, 18 Dec 2023 15:59:35 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-amz-cf-id: MkM1crjqWRnJdzSSngeHYj2h9xDkXOWqS9UPPt-6wzG4q6b4ThqejA==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront

POST
H2 200 data-ingestion-pipeline Show response
app.leadfinery.com/api/snda083/live/v1/ 20 B
484 B 462ms
462ms XHR
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/data-ingestion-pipeline
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Accept: application/json
Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
Authorization: Bearer M1cxEp4imrX92W3D0el6JsK7YwqT5GZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 15:59:36 GMT
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: EWR53-C3
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: ooaJ_VB1p67j6QCDpw8a4_f7ItHoVOngIxMhU0AlL10Ixqz6Qp0Nhg==

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 54ms
53ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830%26uuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175598&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 58ms
56ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830%26uuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175599&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&cs_est=true&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
57ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830%26uuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175600&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 60ms
58ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830%26uuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175600&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 61ms
59ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175604&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 61ms
60ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175605&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&cs_est=true&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
60ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175605&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
61ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2FSDA_V1%3Fuuid%3DSNDA083-7000aa70-9dbe-11ee-a6ef-b1d603d55830&rl=&if=false&ts=1702915175606&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.2.1702915174277.1485669708&ler=empty&it=1702915173480&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d3jeae8gjacsek.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 15:59:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 save-journey-status Show response
app.leadfinery.com/api/snda083/live/v1/ 0
536 B 382ms
382ms XHR
text/html 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/save-journey-status
Requested by: Host: d3jeae8gjacsek.cloudfront.net
URL: https://d3jeae8gjacsek.cloudfront.net/static/js/2.bbbf473d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
Authorization: Bearer M1cxEp4imrX92W3D0el6JsK7YwqT5GZU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 15:59:36 GMT
content-encoding: gzip
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: EWR53-C3
vary: Authorization,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: LFJS4EBF1vRz4gX2DnSR0_V-xSz9bLsQt1Xk4zxIx5SiUOtKH-mvnA==

OPTIONS
H2 200 save-journey-status
app.leadfinery.com/api/snda083/live/v1/ 0
0 343ms
342ms Preflight
application/json 54.230.163.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadfinery.com/api/snda083/live/v1/save-journey-status
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-23.ewr53.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://d3jeae8gjacsek.cloudfront.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Mon, 18 Dec 2023 15:59:35 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-amz-cf-id: -t7-iChVXKqU4xB7TpUzyAPWlhScsUG2CoLj1MaYFKtBtygt5BSUZA==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b734021a55a815f65cfe992974a5d88dce75f628be7878713ba126a95a2e20ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 731b803d06dc23ada35c4e4fe12626b3af1ed2e352d484734ccda7a7d86c04f3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 61ms
61ms Ping
text/plain 2607:f8b0:4004:c07::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-91HGQ5JVGN&gtm=45je3bt0v9133384110&_p=1702915172863&gcd=11l1l1l1l1&dma=0&cid=2028985560.1702915173&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1702915173&sct=1&seg=0&dl=https%3A%2F%2Fd3jeae8gjacsek.cloudfront.net%2F&dt=sindeuda.co&_s=2&tfd=6090
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d3jeae8gjacsek.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 15:59:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d3jeae8gjacsek.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.adtopiaglobal.com
URL: https://api.adtopiaglobal.com/loader

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.d3jeae8gjacsek.cloudfront.net/	1970-01-20 19:11:31	Name: _gcl_au Value: 1.1.1561082072.1702915173
.d3jeae8gjacsek.cloudfront.net/	1970-01-21 02:37:55	Name: _ga Value: GA1.1.2028985560.1702915173
.tiktok.com/	1970-01-21 02:23:31	Name: _ttp Value: 2ZiqJDsoERpn7gm3tdcdOLmLBXh
.d3jeae8gjacsek.cloudfront.net/	1970-01-21 02:23:31	Name: _tt_enable_cookie Value: 1
.d3jeae8gjacsek.cloudfront.net/	1970-01-21 02:23:31	Name: _ttp Value: bDFxh3SGuzaPvDKTmYki83mNnxN
.d3jeae8gjacsek.cloudfront.net/	1970-01-20 19:11:31	Name: _fbp Value: fb.2.1702915174277.1485669708
.d3jeae8gjacsek.cloudfront.net/	1970-01-21 02:37:55	Name: _ga_91HGQ5JVGN Value: GS1.1.1702915173.1.1.1702915176.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://d3jeae8gjacsek.cloudfront.net/ Message: Access to XMLHttpRequest at 'https://api.adtopiaglobal.com/loader' from origin 'https://d3jeae8gjacsek.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.adtopiaglobal.com/loader Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
api.adtopiaglobal.com
app.leadfinery.com
b-js.ringba.com
connect.facebook.net
d3jeae8gjacsek.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
api.adtopiaglobal.com
18.135.78.2
23.212.248.19
23.222.5.91
2600:9000:24f0:1800:4:1957:6500:93a1
2600:9000:26fa:1200:2:7f24:3300:93a1
2607:f8b0:4004:c07::8b
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::61
2607:f8b0:4004:c1d::5e
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
54.230.163.23
0465c634671103fe1860c75a4e81c33edbdb39d72a61359c776c61e97d8e319f
06f7dc3263691ce0630b9458ad32fd49d11b220944eae002d403c0ad1e23002d
13b6c47d8b4b0f5526209cd44e24ab26b139c9f9cf54aa03c63656ed583a0cce
1e62fccf89ce24ba64caa6bf337592584a8beae7d07fc380125d700fdef865e2
2c7e4e010bfcfb57d626827abd74efb741ac39828778fce53ece4df33bb018c2
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ec7a0ca961bcf998357641f6559cdb62bb1f3370a4e76607a0cbf4631adb993
5f358d11bfc2b6c48b1e6800cbdd7195404d5d8bc1473842e67bc69f4f655def
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
62fc0f3eca51431144d7f6dbf0ea3bdc5a883d3cf817f5f26139d0d965e6681b
731b803d06dc23ada35c4e4fe12626b3af1ed2e352d484734ccda7a7d86c04f3
74b836ea8e7c1e80556463e7aa2ab3950649390eecb5844d98759be28dd83df1
8897095500bbc219ebf2a293e0aaa2ded7b72213cb8741a136a398e02ab5259d
9c54d4ea75c8bc3af89d6b090a0bae2530a143fcc4483c92bafebfca452d3782
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b61233c8ba0d92fa4edd2eabe3d6b84aa305f249440e998ba688b5cde8c114e4
b734021a55a815f65cfe992974a5d88dce75f628be7878713ba126a95a2e20ff
ddfc5a1a0f922e8f3a13f5f6a55291e4f2708326014d4b5032553936a4a29355
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5c0b19a1a058597b015ab4381affb1a7692f51d8b20911df8f1d6772c0624f
eab027087194e761b51262be04ccb63bd24f90484a0cd8783529e1b6517d1171
ee0c7e07287d57a5741e93f609ca19e0911aaffcb3aca92242b0901b250e782c
ef81f4c698c068aac8d8f311240627018412efa502e612ef671d6d3f4fe5c145
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

d3jeae8gjacsek.cloudfront.net Open in urlscan Pro 2600:9000:26fa:1200:2:7f24:3300:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

67 %IPv6

12 Domains

12 Subdomains

13 IPs

2 Countries

1268 kBTransfer

2577 kBSize

7 Cookies

4 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d3jeae8gjacsek.cloudfront.net Open in urlscan Pro
2600:9000:26fa:1200:2:7f24:3300:93a1 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

67 %
IPv6

12
Domains

12
Subdomains

13
IPs

2
Countries

1268 kB
Transfer

2577 kB
Size

7
Cookies

55 HTTP transactions
3 data transactions