ft-c143d6b1a3.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ft-c143d6b1a3.pages.dev/
Submission: On November 10 via api (November 10th 2024, 2:30:48 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 19 domains to perform 60 HTTP transactions. The main IP is 2606:4700:310c::ac42:2f79, located in United States and belongs to CLOUDFLARENET, US. The main domain is ft-c143d6b1a3.pages.dev.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.

This is the only time ft-c143d6b1a3.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:310... 2606:4700:310c::ac42:2f79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700::68... 2606:4700::6811:470a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9613	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:395::1fcf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.173.156.247 18.173.156.247	16509 (AMAZON-02) (AMAZON-02)
12	23.213.161.209 23.213.161.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	104.18.37.185 104.18.37.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
60	20

4 2606:4700:310c::ac42:2f79 (United States)

ASN13335 (CLOUDFLARENET, US)

ft-c143d6b1a3.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:470a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.smehost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9613 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.sonymusicfans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:395::1fcf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

js-cdn.music.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.156.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-156-247.muc50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.213.161.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-209.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.37.185 (None, )

ASN13335 (CLOUDFLARENET, US)

tools.sonymusiccreative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	239 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	636 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
6	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 893 tr6.snapchat.com — Cisco Umbrella Rank: 1360	1 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561	70 KB
4	pages.dev ft-c143d6b1a3.pages.dev	674 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	80 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	651 B
1	sonymusiccreative.com tools.sonymusiccreative.com — Cisco Umbrella Rank: 201202	1 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	393 B
1	t.co t.co — Cisco Umbrella Rank: 859	624 B
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1089	24 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	16 KB
1	apple.com js-cdn.music.apple.com — Cisco Umbrella Rank: 18432	54 KB
1	sonymusicfans.com forms.sonymusicfans.com — Cisco Umbrella Rank: 325126	3 KB
1	smehost.net 1 redirects cdn.smehost.net — Cisco Umbrella Rank: 428335	357 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	31 KB
60	19

	Domain	Requested by
12	analytics.tiktok.com	ft-c143d6b1a3.pages.dev analytics.tiktok.com
7	www.googletagmanager.com	ft-c143d6b1a3.pages.dev www.googletagmanager.com
6	www.facebook.com	ft-c143d6b1a3.pages.dev
6	region1.google-analytics.com	www.googletagmanager.com
5	tr.snapchat.com	sc-static.net ft-c143d6b1a3.pages.dev
4	ft-c143d6b1a3.pages.dev	ft-c143d6b1a3.pages.dev
3	connect.facebook.net	ft-c143d6b1a3.pages.dev connect.facebook.net
3	use.typekit.net	ft-c143d6b1a3.pages.dev use.typekit.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	tr6.snapchat.com	sc-static.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	tools.sonymusiccreative.com	www.googletagmanager.com
1	analytics.twitter.com	ft-c143d6b1a3.pages.dev
1	t.co	ft-c143d6b1a3.pages.dev
1	www.google.com	www.googletagmanager.com
1	sc-static.net	ft-c143d6b1a3.pages.dev
1	static.ads-twitter.com	ft-c143d6b1a3.pages.dev
1	p.typekit.net	use.typekit.net
1	js-cdn.music.apple.com	ft-c143d6b1a3.pages.dev
1	forms.sonymusicfans.com	ft-c143d6b1a3.pages.dev
1	cdn.smehost.net	1 redirects
1	ajax.googleapis.com	ft-c143d6b1a3.pages.dev
60	22

This site contains links to these domains. Also see Links.

Domain
treasure.lnk.to
shoptreasureus.com
www.youtube.com
www.instagram.com
twitter.com
www.facebook.com
www.tiktok.com
sonymusic.com
www.sonymusic.com

Subject Issuer	Validity	Valid
ft-c143d6b1a3.pages.dev WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
authorize.music.apple.com Apple Public EV Server RSA CA 2 - G1	`2024-10-28` - `2025-01-22`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-19` - `2024-11-17`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-09-29`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
sonymusiccreative.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ft-c143d6b1a3.pages.dev/
Frame ID: 3D07CFCB87B61B3124C6D4B8B84AD367
Requests: 59 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fft-c143d6b1a3.pages.dev
Frame ID: EF90F4BC002F09D60450DD96CE6C0984
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc&u_scsid=527d05ce-6356-4115-934c-96061c41364c&u_sclid=6d7d5565-4546-4932-a4c2-226fe930d7a5
Frame ID: 1860127504E67628CA324CDF07918519
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Treasure | King Kong

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

98 %
HTTPS

65 %
IPv6

19
Domains

22
Subdomains

20
IPs

4
Countries

1865 kB
Transfer

4726 kB
Size

19
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://treasure.lnk.to/kingkong
Title: Listen Now

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/amazonmusic
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/applemusic
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/deezer
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/itunes
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/pandora
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/spotify
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/youtube
Title: 

Search URL Search Domain Scan URL

URL: https://treasure.lnk.to/kingkongUSA/youtubemusic
Title: 

Search URL Search Domain Scan URL

URL: http://shoptreasureus.com/
Title: Shop Now

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCx9hXYOCvUYwrprEqe4ZQHA
Title: 

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yg_treasure_official
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/ygtreasuremaker
Title: 

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OfficialTreasure/
Title: 

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@yg_treasure_tiktok
Title: 

Search URL Search Domain Scan URL

URL: https://sonymusic.com/
Title: document.write((new Date()).getFullYear());2024 Sony Music Entertainment

Search URL Search Domain Scan URL

URL: https://www.sonymusic.com/feedback/index.html
Title: Send Us Feedback

Search URL Search Domain Scan URL

URL: https://www.sonymusic.com/privacypolicy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sonymusic.com/how-we-use-your-data/
Title: How We Use Your Data

Search URL Search Domain Scan URL

URL: https://www.sonymusic.com/ccpa-contact-form/
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.sonymusic.com/privacy-policy/#your-california-privacy-rights
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.sonymusic.com/privacy/termsandconditions.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.smehost.net/formssonymusicfanscom-appirioprod/apple-music/v1/amk.js HTTP 301
https://forms.sonymusicfans.com/apple-music/amk.js

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ft-c143d6b1a3.pages.dev/ 47 KB
22 KB 537ms
68ms Document
text/html 2606:4700:310c::ac42:2f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ft-c143d6b1a3.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a669a491932ec037e944c42de9c2f987fe11d2638b52cf4cccb8412bdc985b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8e029f164cc1d345-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 10 Nov 2024 02:30:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9APbrdPredUK0cubOPJLC9Ln2Jlh7v%2BzMklqinW9N2ZI4wn6uNje3OM8vTckKchP79nNP0S9rnTe%2FtQ90Dd4znEXLsyNKygKmMNuUd%2FR8kgS2uPvWGiwg6R7athHHoU4MgeFWIVxnDcV5t2BdLyTZiR5B5wTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=47124&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4437&delivery_rate=24401&cwnd=12000&unsent_bytes=0&cid=26754a50681ca749&ts=469&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 212ms
17ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
age: 95291
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 00:02:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 00:02:24 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 lre3nwl.css
use.typekit.net/ 2 KB
861 B 407ms
172ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lre3nwl.css

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

cc964171ebd060e4d1613cf15a618d26af1b4d43cde10777821f9ab295ee3b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 638
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
94 KB 773ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-716855806

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

081e297c63f0a44e0d8e6be08fb80907682295b0fa4ccaef5b168d564977c976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 10 Nov 2024 02:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 10 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96016
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

amk.js Show response
forms.sonymusicfans.com/apple-music/
Redirect Chain

https://cdn.smehost.net/formssonymusicfanscom-appirioprod/apple-music/v1/amk.js
https://forms.sonymusicfans.com/apple-music/amk.js

15 KB
3 KB

144ms
46ms

Script
application/javascript

2606:4700:4400::ac40:9613
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.sonymusicfans.com/apple-music/amk.js
Requested by: Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/
Protocol: H2
Server: 2606:4700:4400::ac40:9613 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5366ccca3b402fce7cfcb039db98f3f21c95315be731a5e8315c6aeda4b47d2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-platform: DM
cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"6728c2d5-3aa5"
pragma: public
age: 389317
cf-ray: 8e029f19bec8363e-FRA
expires: Mon, 10 Nov 2025 02:30:35 GMT
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 12:49:25 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=3600
location: https://forms.sonymusicfans.com/apple-music/amk.js
cf-ray: 8e029f189d8303f8-FRA
expires: Sun, 10 Nov 2024 03:30:35 GMT
content-length: 167
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 musickit.js Show response
js-cdn.music.apple.com/musickit/v1/ 230 KB
54 KB 250ms
16ms Script
application/javascript 2a02:26f0:480:395::1fcf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://js-cdn.music.apple.com/musickit/v1/musickit.js

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:395::1fcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

0ccb2ab37cedaef2eab9c7044c99afdb8c73a122a29ad8b7344af644a15bd14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
etag: "728844cd8b5cdcdac8133296871f4b55"
apple-originating-system: UnknownOriginatingSystem
x-apple-request-uuid: d5c18bf3-396a-df41-e447-6e368fab75a6
x-daiquiri-instance: daiquiri:15887001:mr85p00it-hyhk03154901:7987:23RELEASE158:daiquiri-amp-all-shared-int-001-mr, daiquiri:18493001:mr85p00it-hyhk03154801:7987:23RELEASE158:daiquiri-amp-all-shared-ext-001-mr, daiquiri:12814002:mr85p00it-hyhk04104001:7987:23RELEASE158:daiquiri-amp-store-shared-ext-005-mr
apple-tk: false
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: application/javascript
last-modified: Thu, 5 Oct 2023 20:03:03 GMT
x-responding-instance: silverbullet-external:3002:mr28p00it-ztdg08092301:8301:22REL2
vary: Accept-Encoding
apple-seq: 0.0
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-transform, max-age=696
x-apple-version-number: 2340.4.0
access-control-allow-origin: *
content-length: 54285
x-apple-jingle-correlation-key: 2XAYX4ZZNLPUDZCHNY3I7K3VUY
server: daiquiri/3.0.0

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 93ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lre3nwl&ht=tk&f=28977.28986&a=18419388&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lre3nwl.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6649f74c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 787ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Sun, 10 Nov 2024 02:30:36 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 00:10:26 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000084-IAD, cache-fra-etou8220060-FRA
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 776ms
3ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-UtJF4TkE' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-UtJF4TkE' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=4710, tp=14, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bxMaH63VYwHMy6gx/pEcPEQEk49nJBWJCRxdI/4/+vu/+Y1ix9QVTmdSBerJhAZ/FlI3ybw1+wZEKWHck+C1ew==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62105
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 809ms
35ms Script
application/javascript 18.173.156.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.156.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-156-247.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28c75e7153fbc73e34d837ff3122f258ff9369d14efcb5a4fadec6632ed14c1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23688
x-amz-cf-id: Gy-LFh2V2TbTOVQlCnGXNgaDUrEA-gOQ9nzuQLSQ9bePmaxGjIdKsQ==
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: MUC50-P3
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 985ms
212ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTTOBP8RQH54JI5RKAQ0&lib=ttq
Requested by: Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3ffe7c13a369280401c682882973cfb52853dc0395716aeea257275661bf119d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires: Sun, 10 Nov 2024 02:30:36 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=164, origin; dur=10, inner; dur=3
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 26074262.e9ce0209
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce57ad68d99bd3f615228cec7d0958cfaf37a510e1c80829b9d4e177567fed84ca6ab9ab318362971e44d1e10a4af605853fec0b4188496c94c2067f9e284b194b17f841911e1ca534b81592fe87eb019b4
x-origin-response-time: 10,23.218.220.146
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241110023036E03CBFF706A56FBCE1DA-5D2B141055973ED0-00
content-length: 1831
x-parent-response-time: 150,23.213.160.210
x-tt-logid: 20241110023036E03CBFF706A56FBCE1DA
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 894ms
121ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIFJUB3C77UDF7B2L630&lib=ttq
Requested by: Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a57c7fc3409253aa01c64748328d4f8400a8482096e4d2c02388688fb4544bd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
expires: Sun, 10 Nov 2024 02:30:36 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=7, inner; dur=4
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 75c761c.e9ce0208
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce50e1adf6d365ca6e72b9811505e711ad692d8a0fb4983561113f3016b44bc0fd3a09edd5ea8b591b56a4f3d9f4cb722d67b52d19955cbd8e0b62579f605fd7415aef37a93de6ae71b94f4969d7e98cc21
x-origin-response-time: 7,23.48.100.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2411100230369E16F8D159C68DC6D51A-4BAFF63967EC6C65-00
content-length: 2305
x-parent-response-time: 95,23.213.160.210
x-tt-logid: 202411100230369E16F8D159C68DC6D51A
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 457 KB
135 KB 696ms
48ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0022009ef0c61b9ac1bdc54c38b803abb7794883e2751e1df9f4171870f362f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 10 Nov 2024 02:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 10 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137868
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 bg-kingkong.jpg
ft-c143d6b1a3.pages.dev/images/ 529 KB
530 KB 31ms
30ms Image
image/jpeg 2606:4700:310c::ac42:2f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ft-c143d6b1a3.pages.dev/images/bg-kingkong.jpg

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc8a0c7c0c051029f5877da931590f869d6767ffb6abf758c4498b42c222b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bf66bf0182996354bca7e3d291b81fd3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgyGhCh2h8HjZ7T%2FDo020YqAX62%2Fvy33F6OSHJBkBoiiucEoS0Bdhbkz98kTC%2Fw7b5A11%2FKYEf0Q9rvkv6IH%2Ba6bitfs%2BZ%2FlDWZx8EvGHFoUgIvlnSSnV%2Fm72cT4JpjiABAQIvyWsH9%2BqEq2ngV5ov0xQwcw7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e029f1a5a3ed345-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 541764
server-timing: cfL4;desc="?proto=QUIC&rtt=24306&sent=54&recv=23&lost=0&retrans=0&sent_bytes=51095&recv_bytes=5617&delivery_rate=160883&cwnd=24000&unsent_bytes=0&cid=26754a50681ca749&ts=1080&x=1", cfHdrFlush;dur=5
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: image/jpeg
vary: Accept-Encoding
server: cloudflare

GET
H3 200 kingkong.png
ft-c143d6b1a3.pages.dev/images/ 119 KB
120 KB 26ms
25ms Image
image/png 2606:4700:310c::ac42:2f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ft-c143d6b1a3.pages.dev/images/kingkong.png

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb34979f78678164bd7f8ed792e65efc6b4c2bc2af869c51fcbbff4085d577f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "13e60531ddf0dd6e77f3401c428c1e1e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flLWnkaQLbgxBSXf8EPJsKy7eO68VnKjzR6I7fFZTgDyGAiTogI4R3C1fX7%2F5KnY09xIGPhBWm0K0rV1omSmBEE3sXrYsdmNcf%2BdGOGvPP6oi6kS3krY6ccihhiX0IP6k50eNFa5ZFNHLiwZWFMAumG6znqu%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e029f1a5a41d345-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 122332
server-timing: cfL4;desc="?proto=QUIC&rtt=24306&sent=34&recv=23&lost=0&retrans=0&sent_bytes=27095&recv_bytes=5617&delivery_rate=160883&cwnd=24000&unsent_bytes=0&cid=26754a50681ca749&ts=1076&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 l
use.typekit.net/af/1d76ab/00000000000000007735b21c/30/ 35 KB
35 KB 47ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1d76ab/00000000000000007735b21c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lre3nwl.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 74123d8bf8a3e13c67184335611f29e82f02c9ac28c40a42bfdce167f150ddaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ft-c143d6b1a3.pages.dev
Referer: https://use.typekit.net/lre3nwl.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "63b18ed02c9ebef3e893ecb30b67ef62e946fd18"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35400
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/275a7d/00000000000000007735b220/30/ 34 KB
35 KB 46ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/275a7d/00000000000000007735b220/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lre3nwl.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 09d968ff3f45ce360f83d4ae9fb0ef0a66f32de13ce366e31882b7b597e987fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ft-c143d6b1a3.pages.dev
Referer: https://use.typekit.net/lre3nwl.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "372dad2e36e1bd29b9f9afa8e69c6fe52c8fd4b1"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 35292
date: Sun, 10 Nov 2024 02:30:35 GMT
content-type: application/font-woff2
server: nginx

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53116b99badd50a8e90cd73914c68dfc3e7780819211349f96278b417af5442b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ft-c143d6b1a3.pages.dev
Referer

Response headers

Content-Type: application/octet-stream

POST
H3 200 collect
www.google.com/ccm/ 0
0 300ms
72ms Ping
text/plain 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1557076494.1731205837&auid=1788929921.1731205837&npa=1&gtm=45be4b70v871955284za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&tft=1731205836625&tfd=1856&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-716855806
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame EF90 0
0 158ms
25ms Document
text/html 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fft-c143d6b1a3.pages.dev

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-716855806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Nov 2024 02:30:36 GMT
expires: Mon, 10 Nov 2025 02:30:36 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/i/ 43 B
624 B 424ms
135ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=f1ed860c-541d-42da-b465-895756293505&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ebb36e73-a24e-4d33-898c-9a79d59bd749&tw_document_href=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4lx1&type=javascript&version=2.3.31

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 6b5f73daa3c1d60e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 1c605cab7f1a623bb692df29dbea561f560abfc8c0a845dd04ce2bd3ac202ff0
cf-cache-status: DYNAMIC
cf-ray: 8e029f2189b3d26e-FRA
x-response-time: 101
content-length: 43
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 426ms
138ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=f1ed860c-541d-42da-b465-895756293505&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ebb36e73-a24e-4d33-898c-9a79d59bd749&tw_document_href=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4lx1&type=javascript&version=2.3.31

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 682272e85d399fcd
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f02fe7d194114e3face2a9cfa951da11dc4f445367fbce0c22ee59be23e98f73
x-response-time: 102
content-length: 43
date: Sun, 10 Nov 2024 02:30:36 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H3 200 977700965768537 Show response
connect.facebook.net/signals/config/ 79 KB
15 KB 171ms
171ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/977700965768537?v=2.9.176&r=stable&domain=ft-c143d6b1a3.pages.dev&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e89e6b7497d9c15a87f0b1bb66da095e206b48506e6e5ddcc852113057b4fc00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-TTJXMauf' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-TTJXMauf' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=71, mss=1232, tbw=70566, tp=70, tpl=0, uplat=147, ullat=0
pragma: public
x-fb-debug: C75KHWNLcRnOpK9p2j7ARF6qRbOiVy4KsIvTWq7PVsYu5hTxaC5WTG8R1KMx9p1P82Ioy7nXfaz12aLSRaq7wg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
103 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8S2FYQC6T3&l=dataLayer&cx=c&gtm=45He4b70v71371796za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3450084c6acc6cf032d7711488e9d68d65b33612dbc9cf8c430b2912e9d35030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 10 Nov 2024 02:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105646
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
102 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X82QM69WT4&l=dataLayer&cx=c&gtm=45He4b70v71371796za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64a7464c8b8a11a60f0c5b55d16f5120e3f918b231b7bae206000fd731db81db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 10 Nov 2024 02:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104769
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
107 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5STHHB3P6V&l=dataLayer&cx=c&gtm=45He4b70v71371796za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0539e7ed83b340c98a58d3d080d27a1b9d7cd7f6da1bdfad52ed4b5b55f1eaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 10 Nov 2024 02:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109311
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 227ms
13ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
age: 3862
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 10 Nov 2024 03:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 01:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 273 KB
94 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-716855806&l=dataLayer&cx=c&gtm=45He4b70v71371796za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6349c0b7d7e93a707be9acba0e0bf2aa02ea3b7a5c4d9c4784da4c247a7c971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 10 Nov 2024 02:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 10 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96131
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc.json Show response
tr.snapchat.com/config/dev/ 101 B
390 B 345ms
145ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/dev/af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc.json?v=3.33.3-2411062015

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 93
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 1860 0
0 150ms
19ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc&u_scsid=527d05ce-6356-4115-934c-96061c41364c&u_sclid=6d7d5565-4546-4932-a4c2-226fe930d7a5

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://ft-c143d6b1a3.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 10 Nov 2024 02:30:37 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 sme-privacy.min.js Show response
tools.sonymusiccreative.com/sme_privacy/ 3 KB
1 KB 647ms
20ms Script
application/javascript 104.18.37.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.sonymusiccreative.com/sme_privacy/sme-privacy.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP7WV3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c9e2687995d4c7e9a404b8a1ad82380e84df446e39c0193978716c94008eb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-platform: FT
cache-control: public, max-age=14400
content-encoding: br
cf-cache-status: HIT
etag: W/"6605ac2c-daa"
age: 5212
cf-ray: 8e029f24ee7d4dca-FRA
expires: Sun, 10 Nov 2024 06:30:37 GMT
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/javascript
last-modified: Thu, 28 Mar 2024 17:43:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 p
tr.snapchat.com/ 68 B
444 B 160ms
29ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc&ev=PAGE_VIEW&intg=gtm&pids=af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc&u_c1=6ce51714-f78b-4225-b027-188690e79d59&cdid=%40-914c2ee3-b8c9-4a89-aa75-281bc396aa08&u_sclid=6d7d5565-4546-4932-a4c2-226fe930d7a5&u_scsid=527d05ce-6356-4115-934c-96061c41364c&bg=false&bt=1d53c387&df=true&huah=false&m_dcl=1132&m_fcps=1632&m_pi=1132&m_pl=0&m_pv=2&m_rd=2076&m_sh=1200&m_sl=1991&m_sw=1600&pl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&trackId=2414443c-88d0-4a49-83dd-58b08617e53f&ts=1731205836845&v=3.33.3-2411062015

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 2
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: image/png
server: API Gateway

GET
H2 200 p
tr.snapchat.com/ 68 B
266 B 45ms
34ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc&ev=PAGE_VIEW&intg=gtm&pids=af0f7b9c-4a8f-49a3-a1b8-4c9fab88e3fc&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&u_c1=6ce51714-f78b-4225-b027-188690e79d59&cdid=%40-4bcaa9c0-980f-4f9e-845a-b6fd91337899&u_sclid=6d7d5565-4546-4932-a4c2-226fe930d7a5&u_scsid=527d05ce-6356-4115-934c-96061c41364c&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1132&m_fcps=1632&m_pi=1132&m_pl=0&m_pv=2&m_rd=2317&m_sh=1200&m_sl=1991&m_sw=1600&pl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&trackId=5c34f3a4-2dfc-4a2b-b167-7de63b572522&ts=1731205837086&v=3.33.3-2411062015

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 2
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: image/png
server: API Gateway

GET
H2 200 main.MWQ2ODQwNTg2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 341 KB
95 KB 57ms
44ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIFJUB3C77UDF7B2L630&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 40780f31a9399252b5f948ced83fc2a4e79cde535e3ebb8e001b911a71729bdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241107125613AD17C6DAD8E9FC94401E-511BECE8328F9F70-00
content-length: 96643
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241107125613AD17C6DAD8E9FC94401E
server: nginx
x-akamai-request-id: e9ce07e8
x-tt-trace-host: 010d206fb2f0df01aea66dfb0a2e86d25b385637899058c9b707289f85dcc5992324dcf19597f048e434f6238ab6688dda5d997c3656c3c1457b8a4da731a99ea34c1804294093d3ef4aea263d5a684d97252950e3249ba7aca2359d4a214217a4

GET
H2 200 main.MWQ2ODQwNTg2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 335 KB
93 KB 115ms
112ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTTOBP8RQH54JI5RKAQ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id: 00-2411071256099325FEFA952D55488736-4120B0A70E12A8B7-00
content-length: 95035
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411071256099325FEFA952D55488736
server: nginx
x-akamai-request-id: e9ce07e9
x-tt-trace-host: 0170e5c6f1807a877537de20b1135552f421c95d969412949eaf06a209954ddef4428b663d0d18fc3a2d91c2f1b70f6496c79c43293faa083a8b613840b4ca3bbeb2ebf02029132338f0c10e2f73b4fdd1af5cd6400771fb20df9d13b5d9cfb553

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 452ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X82QM69WT4&gtm=45je4b70v877624050z871371796za200zb71371796&_p=1731205835875&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1515886993.1731205837&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731205837&sct=1&seg=0&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&dt=Treasure%20%7C%20King%20Kong&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page=%2F&ep.SMEHostname=ft-c143d6b1a3.pages.dev&ep.LabelTerritory=SME%20US%20Columbia&ep.Artist=%40ygtreasuremaker&tfd=2478
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X82QM69WT4&l=dataLayer&cx=c&gtm=45He4b70v71371796za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 403ms
24ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8S2FYQC6T3&gtm=45je4b70v870693422z871371796za200zb71371796&_p=1731205835875&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1515886993.1731205837&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731205837&sct=1&seg=0&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&dt=Treasure%20%7C%20King%20Kong&en=page_view&_fv=1&_ss=1&ep.Page=%2F&ep.SMEHostname=ft-c143d6b1a3.pages.dev&tfd=2529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8S2FYQC6T3&l=dataLayer&cx=c&gtm=45He4b70v71371796za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 357ms
25ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5STHHB3P6V&gtm=45je4b70v9184191634z871371796za200zb71371796&_p=1731205835875&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1515886993.1731205837&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731205837&sct=1&seg=0&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&dt=Treasure%20%7C%20King%20Kong&en=page_view&_fv=1&_ss=1&ep.Page=%2F&ep.SMEHostname=ft-c143d6b1a3.pages.dev&ep.Artist=%40ygtreasuremaker&tfd=2578
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5STHHB3P6V&l=dataLayer&cx=c&gtm=45He4b70v71371796za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 1241586466537704 Show response
connect.facebook.net/signals/config/ 29 KB
4 KB 152ms
151ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1241586466537704?v=2.9.176&r=stable&domain=ft-c143d6b1a3.pages.dev&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8331e2cb765f459c8e7f37721d56f25805f4eb5f042284e7445970a7dc3be37c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-SC6UwWhN' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SC6UwWhN' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=84, mss=1232, tbw=87478, tp=87, tpl=0, uplat=142, ullat=0
pragma: public
x-fb-debug: um3i1Hd26jn7yNRehgMMM7ZCC3nYUWhuQUBZ3twsrw45Zuhxl4P9+jFu/zmZKot9CutZ9xZwxqW65dK0P1amLw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 345ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=977700965768537&ev=PageView&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&rl=&if=false&ts=1731205837391&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1731205837374.138267971201045159&cs_est=true&ler=empty&cdl=API_unavailable&it=1731205836754&coo=false&rqm=GET

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2945, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 481ms
166ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=977700965768537&ev=PageView&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&rl=&if=false&ts=1731205837391&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1731205837374.138267971201045159&cs_est=true&ler=empty&cdl=API_unavailable&it=1731205836754&coo=false&rqm=FGET

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435472453528435136"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: WOzXyDQ5eUgq4Md96depDHD+TneHAOZ7Plz1mWsHLdm1rw5lqguUlQ7d+ctjFajxEWj+i37X7Z/+FzqwzGSlsw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435472453528435136", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=1, c=21, mss=1328, tbw=3627, tp=-1, tpl=-1, uplat=142, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
426 B 16ms
15ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=65006066&t=pageview&_s=1&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&ul=de-de&de=UTF-8&dt=Treasure%20%7C%20King%20Kong&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=287553085&gjid=1777740162&cid=1515886993.1731205837&tid=UA-84801927-10&_gid=1828066666.1731205837&_slc=1&gtm=45He4b70n71WP7WV3v71371796za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&npa=1&z=367676659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:37 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
651 B 331ms
31ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84801927-10&cid=1515886993.1731205837&jid=287553085&gjid=1777740162&_gid=1828066666.1731205837&npa=1&_u=YCDAgAABAAAAAG~&z=881295256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:37 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 16ms
16ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-24083002252950025D613AEAED5E2E70-5FCAA6CF46C69E27-00
content-length: 39330
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024083002252950025D613AEAED5E2E70
server: nginx
x-akamai-request-id: e9ce0c31
x-tt-trace-host: 0143abac0f4003bd96af5c29253b82c47e8db99c3db24377a0ec0f593a97ff9053ed8bacb2facd45510bd70fd5888da7ef0bb467635bf5910beb0397f1ea6f235de9eceeaeab5dc847218a3c21479232eaedc14dee6e452a6b12499eec72aa4719

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
721 B 202ms
201ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 10 Nov 2024 02:30:37 GMT
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=8, origin; dur=126
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:37 GMT
x-akamai-request-id: e9ce0c81
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce515be6803aa4cb654d3e784caf89d195730e5aa5ed28f48b7a92b20108dbd775d125e8b440772e90827954f161ea6438aa3db4b93a3d6dcc327beb1b0e65782a9
x-origin-response-time: 127,23.213.160.210
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411100230378142F10B22C9B9BF6BC8-6D6116C53F897083-00
content-length: 0
x-tt-logid: 202411100230378142F10B22C9B9BF6BC8
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
879 B 200ms
199ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 10 Nov 2024 02:30:37 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=35, inner; dur=31
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:37 GMT
x-akamai-request-id: 260752d3.e9ce0c82
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce57ad68d99bd3f615228cec7d0958cfaf37a510e1c80829b9d4e177567fed84ca6ffc7a8821aab19820cf1b6ea7972dfa947d27b755f91681cd2b83dacd2710437d2f61862d5c8062ea3dd3e81b9dd82f4
x-origin-response-time: 36,23.218.220.146
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241110023037E03CBFF706A56FBCE206-2402758F82095F64-00
content-length: 0
x-parent-response-time: 123,23.213.160.210
x-tt-logid: 20241110023037E03CBFF706A56FBCE206
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 152ms
143ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTTOBP8RQH54JIRKAQO&lib=ttq
Requested by: Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 150aac4be68c05ab1566bfd1f7ce6694cb80f55a87f6e8e62f9c92fb09a574d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires: Sun, 10 Nov 2024 02:30:37 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=4
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 25e9be6d.e9ce0ed0
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce5b3d0dd0f728c60932fb141c9d890582058fb2b3fc22b31fdc99114f2cb4cdb4770b4fd33307c7d53f930c1c4b7e290069284cdb48eacf00728b4766fcdcc3f44ab5482a6822c825bda2cc49ef07544a1
x-origin-response-time: 7,23.218.220.137
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241110023037DC723C7A568A91BF0E87-578329957C887EB6-00
x-parent-response-time: 95,23.213.160.210
x-tt-logid: 20241110023037DC723C7A568A91BF0E87
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 29ms
28ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1241586466537704&ev=PageView&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&rl=&if=false&ts=1731205837702&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1731205837374.138267971201045159&cs_est=true&ler=empty&cdl=API_unavailable&it=1731205836754&coo=false&rqm=GET

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=3358, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
845 B 191ms
189ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1241586466537704&ev=PageView&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&rl=&if=false&ts=1731205837702&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.2.1731205837374.138267971201045159&cs_est=true&ler=empty&cdl=API_unavailable&it=1731205836754&coo=false&rqm=FGET

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435472454251520605"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: mlNW0g83BDRprP7llhOJqKJ7SR33tqbJfe9A4cZp2XlY/4GjndN6NWQtGR2ccQtbqoEPkmeIu/3AWaw0EsUBUg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435472454251520605", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=1, c=21, mss=1328, tbw=6408, tp=-1, tpl=-1, uplat=173, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 30ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=977700965768537&ev=PageView&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&rl=&if=false&ts=1731205837706&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.2.1731205837374.138267971201045159&cs_est=true&ler=empty&cdl=API_unavailable&it=1731205836754&coo=false&tm=1&rqm=GET

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=3473, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 205ms
204ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=977700965768537&ev=PageView&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&rl=&if=false&ts=1731205837706&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12318&fbp=fb.2.1731205837374.138267971201045159&cs_est=true&ler=empty&cdl=API_unavailable&it=1731205836754&coo=false&tm=1&rqm=FGET

Requested by

Host: ft-c143d6b1a3.pages.dev
URL: https://ft-c143d6b1a3.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435472454366051956"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: KdXyittStlFJUGcKguqfclhjAs2M0UEeyINBLM9ziguLZkQ0gVnWDKv1Z/d+YtH1fVUz38qO7eB1JPFywPd/mg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435472454366051956", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=1, c=21, mss=1328, tbw=7275, tp=-1, tpl=-1, uplat=193, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
721 B 182ms
174ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 10 Nov 2024 02:30:37 GMT
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=10, origin; dur=149
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:37 GMT
x-akamai-request-id: e9ce0f4c
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce5586c8f059b2ef9fa3bfff0eb7f403713920faedd0511b012c071c57debf31ca244dbd631c57121052728a71c4066f56f8b54f608b42c962eafd1013269f016b8
x-origin-response-time: 149,23.213.160.210
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241110023037DC84A1783CA856BFFCA5-12AFFC02522DD21B-00
content-length: 0
x-tt-logid: 20241110023037DC84A1783CA856BFFCA5
server: nginx

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 48ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 10 Nov 2024 02:30:37 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

GET
H2 200 main.MWQ2ODQwNTg2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 335 KB
0 0ms
0ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTTOBP8RQH54JIRKAQO&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id: 00-2411071256099325FEFA952D55488736-4120B0A70E12A8B7-00
content-length: 95035
date: Sun, 10 Nov 2024 02:30:37 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411071256099325FEFA952D55488736
server: nginx
x-akamai-request-id: e9ce07e9
x-tt-trace-host: 0170e5c6f1807a877537de20b1135552f421c95d969412949eaf06a209954ddef4428b663d0d18fc3a2d91c2f1b70f6496c79c43293faa083a8b613840b4ca3bbeb2ebf02029132338f0c10e2f73b4fdd1af5cd6400771fb20df9d13b5d9cfb553

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
723 B 246ms
219ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 10 Nov 2024 02:30:38 GMT
server-timing: inner; dur=29, cdn-cache; desc=MISS, edge; dur=18, origin; dur=178
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:38 GMT
x-akamai-request-id: e9ce1101
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce56d03ac4d3b72e2743294e7cb12a1bcf3e0a204f883d4e3a9634285b675e82a71ea77c4e12d4b5bf2efc0f9310bca715218a687fbb3a40ad33bb242b1cbef026f
x-origin-response-time: 178,23.213.160.210
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411100230379154FBD457CC58BAF9D3-68D0F8B67D180C9C-00
content-length: 0
x-tt-logid: 202411100230379154FBD457CC58BAF9D3
server: nginx

POST
H2 200 p
tr.snapchat.com/ 0
96 B 26ms
24ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 10 Nov 2024 02:30:37 GMT
server: API Gateway

GET
H3 200 favicon-32x32.png
ft-c143d6b1a3.pages.dev/images/favicon/ 2 KB
2 KB 38ms
37ms Other
image/png 2606:4700:310c::ac42:2f79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ft-c143d6b1a3.pages.dev/images/favicon/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

032bda7b3b93b16d04c958f3f5f1dc11d7df81b6fd77a6991d23a1742cf86848

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "fdfd29fcffec3c3376a839605de0b74a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y26n3AwoYCTvNa3%2B%2BqvAwfzK2rjR3JSSKlAvFxmqVYu6D6NX0r7Beu8WScUBl%2FrhTg4KFKsRUCPduI4F%2B8lf%2FD0Fu1JM8C%2Bbh8JeLi2mcIusDp80W3oN7K6Nky%2Bg7A4TLQplfKsPbjXl4IExw6pw8xwLn%2F4cew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e029f278ae8d345-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1852
server-timing: cfL4;desc="?proto=QUIC&rtt=26408&sent=605&recv=112&lost=0&retrans=0&sent_bytes=707604&recv_bytes=10294&delivery_rate=2703363&cwnd=333600&unsent_bytes=0&cid=26754a50681ca749&ts=3196&x=1", cfHdrFlush;dur=0
date: Sun, 10 Nov 2024 02:30:38 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
722 B 209ms
208ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 10 Nov 2024 02:30:38 GMT
server-timing: inner; dur=28, cdn-cache; desc=MISS, edge; dur=11, origin; dur=139
x-cache: TCP_MISS from a23-213-160-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sun, 10 Nov 2024 02:30:38 GMT
x-akamai-request-id: e9ce136e
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ec975895dc58e30b075e5132a4d620ce5b7a4d16dce6161908d400b0786db99d2c55a9b84457bbef5c75ac4ddbdc9174377dcf05ebf2bfc47744f804ac782571f0129e6bf0c3bbffd39ac89e7e8b8d35c
x-origin-response-time: 140,23.213.160.210
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24111002303876C32FC22F1ABD54A0BA-30C08A9D757A75B7-00
content-length: 0
x-tt-logid: 2024111002303876C32FC22F1ABD54A0BA
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 17ms
16ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X82QM69WT4&gtm=45je4b70v877624050za200zb71371796&_p=1731205835875&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1515886993.1731205837&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731205837&sct=1&seg=0&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&dt=Treasure%20%7C%20King%20Kong&en=scroll&ep.Page=%2F&ep.SMEHostname=ft-c143d6b1a3.pages.dev&ep.LabelTerritory=SME%20US%20Columbia&ep.Artist=%40ygtreasuremaker&epn.percent_scrolled=90&_et=168&tfd=7650
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X82QM69WT4&l=dataLayer&cx=c&gtm=45He4b70v71371796za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 17ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8S2FYQC6T3&gtm=45je4b70v870693422za200zb71371796&_p=1731205835875&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1515886993.1731205837&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731205837&sct=1&seg=0&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&dt=Treasure%20%7C%20King%20Kong&en=scroll&ep.Page=%2F&ep.SMEHostname=ft-c143d6b1a3.pages.dev&epn.percent_scrolled=90&_et=124&tfd=7663
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8S2FYQC6T3&l=dataLayer&cx=c&gtm=45He4b70v71371796za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 26ms
24ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5STHHB3P6V&gtm=45je4b70v9184191634za200zb71371796&_p=1731205835875&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1515886993.1731205837&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731205837&sct=1&seg=0&dl=https%3A%2F%2Fft-c143d6b1a3.pages.dev%2F&dt=Treasure%20%7C%20King%20Kong&en=scroll&ep.Page=%2F&ep.SMEHostname=ft-c143d6b1a3.pages.dev&ep.Artist=%40ygtreasuremaker&epn.percent_scrolled=90&_et=84&tfd=7676
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5STHHB3P6V&l=dataLayer&cx=c&gtm=45He4b70v71371796za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ft-c143d6b1a3.pages.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ft-c143d6b1a3.pages.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 10 Nov 2024 02:30:42 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 00:54:52	Name: X-AB Value: c2075ee9444149d6b2ff54a8d6aa40e6
.ft-c143d6b1a3.pages.dev/	1970-01-21 03:03:01	Name: _gcl_au Value: 1.1.1788929921.1731205837
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:23:12	Name: _scid Value: dERs5RcU94siJZInGIaQ551ZKGA3OunM
.tiktok.com/	1970-01-21 10:15:01	Name: _ttp Value: 2odiQOrBhNcmatkXTAa9ZaLJU0i
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:23:12	Name: _scid_r Value: jcRs5RcU94siJZInGIaQ551ZKGA3OunM036tJg
.snapchat.com/	1970-01-21 10:15:01	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIDg951sHoFAxvi3LjeSmvq8XWhVQWhW6XntEbOqNBXdjJGHzFZ2AQMgAAAA==
.t.co/	1970-01-21 10:29:25	Name: muc_ads Value: 67ec0217-1106-4393-b8e1-9492c8e734d8
.t.co/	1970-01-21 00:53:27	Name: __cf_bm Value: RjvgoomEK31dITRh2xbM5fmv4uW0ZXz.81OcgO7VRMA-1731205837-1.0.1.1-ZfiNcDwP4Cs18Rt2Kr2pPo6n1ih8Z4ycLff67pTo9zzfk7D4HoUwOrNTBTpAaQ0f9bLhnJZunhoMgVcMlDmfJg
.twitter.com/	1970-01-21 10:29:25	Name: personalization_id Value: "v1_WPrm2uFL3KbDohckjInDQg=="
.ft-c143d6b1a3.pages.dev/	1970-01-21 03:03:01	Name: _fbp Value: fb.2.1731205837374.138267971201045159
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:29:25	Name: _ga Value: GA1.3.1515886993.1731205837
.ft-c143d6b1a3.pages.dev/	1970-01-21 00:54:52	Name: _gid Value: GA1.3.1828066666.1731205837
.ft-c143d6b1a3.pages.dev/	1970-01-21 00:53:25	Name: _dc_gtm_UA-84801927-10 Value: 1
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:29:25	Name: _ga_X82QM69WT4 Value: GS1.1.1731205837.1.0.1731205837.0.0.0
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:29:25	Name: _ga_8S2FYQC6T3 Value: GS1.1.1731205837.1.0.1731205837.0.0.0
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:29:25	Name: _ga_5STHHB3P6V Value: GS1.1.1731205837.1.0.1731205837.0.0.0
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:15:01	Name: _tt_enable_cookie Value: 1
.ft-c143d6b1a3.pages.dev/	1970-01-21 10:15:01	Name: _ttp Value: Pm-gmIRhZHsXSrmFU8mJmslzadB
.ft-c143d6b1a3.pages.dev/	1970-01-21 01:03:30	Name: _ScCbts Value: %5B%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tiktok.com
analytics.twitter.com
cdn.smehost.net
connect.facebook.net
forms.sonymusicfans.com
ft-c143d6b1a3.pages.dev
js-cdn.music.apple.com
p.typekit.net
region1.google-analytics.com
sc-static.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tools.sonymusiccreative.com
tr.snapchat.com
tr6.snapchat.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.18.37.185
104.244.42.67
146.75.120.157
162.159.140.229
18.173.156.247
2001:4860:4802:34::36
23.213.161.209
2606:4700:310c::ac42:2f79
2606:4700:4400::ac40:9613
2606:4700::6811:470a
2a00:1450:4001:803::200e
2a00:1450:4001:808::2008
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2004
2a00:1450:400c:c09::9c
2a02:26f0:3500:16::215:1495
2a02:26f0:480:395::1fcf
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.190.43.134
0022009ef0c61b9ac1bdc54c38b803abb7794883e2751e1df9f4171870f362f7
032bda7b3b93b16d04c958f3f5f1dc11d7df81b6fd77a6991d23a1742cf86848
0539e7ed83b340c98a58d3d080d27a1b9d7cd7f6da1bdfad52ed4b5b55f1eaf1
081e297c63f0a44e0d8e6be08fb80907682295b0fa4ccaef5b168d564977c976
09d968ff3f45ce360f83d4ae9fb0ef0a66f32de13ce366e31882b7b597e987fd
0ccb2ab37cedaef2eab9c7044c99afdb8c73a122a29ad8b7344af644a15bd14b
150aac4be68c05ab1566bfd1f7ce6694cb80f55a87f6e8e62f9c92fb09a574d9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28c75e7153fbc73e34d837ff3122f258ff9369d14efcb5a4fadec6632ed14c1d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3450084c6acc6cf032d7711488e9d68d65b33612dbc9cf8c430b2912e9d35030
34c9e2687995d4c7e9a404b8a1ad82380e84df446e39c0193978716c94008eb7
3ffe7c13a369280401c682882973cfb52853dc0395716aeea257275661bf119d
40780f31a9399252b5f948ced83fc2a4e79cde535e3ebb8e001b911a71729bdd
53116b99badd50a8e90cd73914c68dfc3e7780819211349f96278b417af5442b
5366ccca3b402fce7cfcb039db98f3f21c95315be731a5e8315c6aeda4b47d2e
64a7464c8b8a11a60f0c5b55d16f5120e3f918b231b7bae206000fd731db81db
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
74123d8bf8a3e13c67184335611f29e82f02c9ac28c40a42bfdce167f150ddaa
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
8331e2cb765f459c8e7f37721d56f25805f4eb5f042284e7445970a7dc3be37c
99a669a491932ec037e944c42de9c2f987fe11d2638b52cf4cccb8412bdc985b
9cb34979f78678164bd7f8ed792e65efc6b4c2bc2af869c51fcbbff4085d577f
9fc8a0c7c0c051029f5877da931590f869d6767ffb6abf758c4498b42c222b29
a57c7fc3409253aa01c64748328d4f8400a8482096e4d2c02388688fb4544bd8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
cc964171ebd060e4d1613cf15a618d26af1b4d43cde10777821f9ab295ee3b83
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d6349c0b7d7e93a707be9acba0e0bf2aa02ea3b7a5c4d9c4784da4c247a7c971
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e510525512914182f11c0b1928d19bf4623a2cbd897694b007e0e31a93b7a605
e89e6b7497d9c15a87f0b1bb66da095e206b48506e6e5ddcc852113057b4fc00
f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ft-c143d6b1a3.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2f79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

65 %IPv6

19 Domains

22 Subdomains

20 IPs

4 Countries

1865 kBTransfer

4726 kBSize

19 Cookies

22 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ft-c143d6b1a3.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f79 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

65 %
IPv6

19
Domains

22
Subdomains

20
IPs

4
Countries

1865 kB
Transfer

4726 kB
Size

19
Cookies

60 HTTP transactions
1 data transactions