URL: https://petunia.fun/
Submission: On November 10 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 31.43.161.6, located in Kyiv, Ukraine and belongs to AMAZON-02, US. The main domain is petunia.fun.
TLS certificate: Issued by E6 on November 7th 2024. Valid for: 3 months.
This is the only time petunia.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31.43.161.6 16509 (AMAZON-02)
7 2600:9000:272... 16509 (AMAZON-02)
2 18.173.187.68 16509 (AMAZON-02)
2 142.250.186.67 15169 (GOOGLE)
1 2 23.36.163.33 20940 (AKAMAI-ASN1)
3 23.32.238.226 20940 (AKAMAI-ASN1)
1 54.230.228.65 16509 (AMAZON-02)
17 8
Apex Domain
Subdomains
Transfer
8 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 26990
312 KB
3 ttwstatic.com
sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7191
23 KB
2 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 4355
4 KB
2 gstatic.com
fonts.gstatic.com
62 KB
2 framer.com
events.framer.com — Cisco Umbrella Rank: 37544
7 KB
1 petunia.fun
petunia.fun
40 KB
17 6
Domain Requested by
8 framerusercontent.com petunia.fun
3 sf16-website-login.neutral.ttwstatic.com srcdoc
www.tiktok.com
2 www.tiktok.com 1 redirects sf16-website-login.neutral.ttwstatic.com
2 fonts.gstatic.com petunia.fun
2 events.framer.com petunia.fun
events.framer.com
1 petunia.fun
17 6

This site contains links to these domains.

Domain
dexscreener.com
www.tiktok.com
x.com
t.me
Subject | Issuer | Validity | Valid
petunia.fun | E6 | 2024-11-07 - 2025-02-05 | 3 months
framerusercontent.com | Amazon RSA 2048 M02 | 2023-12-18 - 2025-01-14 | a year
events.framer.com | Amazon RSA 2048 M03 | 2024-04-09 - 2025-05-07 | a year
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.neutral.ttwstatic.com | RapidSSL TLS RSA CA G1 | 2024-07-02 - 2025-07-01 | a year
*.www.tiktok.com | RapidSSL ECC CA 2018 | 2023-11-09 - 2024-12-09 | a year

This page contains 3 frames:

Primary Page: https://petunia.fun/
Frame ID: A86E6CD52FAD94A828AFFFAFAF178857
Requests: 13 HTTP requests in this frame

Frame: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Frame ID: 68E6EE0881965CF4F4BD333B2EBC8DFA
Requests: 4 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7431269993356004650?lang=de-DE&referrer=https%3A%2F%2Fpetunia.fun%2F
Frame ID: 6FE203BA287C5DF9C3566CE74A5B8F9F
Requests: 1 HTTP request in this frame

Page Title

petunia

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 14 %
Domains: 6
Subdomains: 6
IPs: 8
Countries: 3
Transfer: 443 kB
Size: 1079 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.tiktok.com/embed.js HTTP 302
  • https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
petunia.fun/
167 KB
40 KB
Document
General
Full URL
https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.161.6 Kyiv, Ukraine, ASN16509 (AMAZON-02, US),
Reverse DNS
sites.framer.app
Software
Framer/398c04b /
Resource Hash
ef6e6d9afcc1427c078b3130980287a1635d97b88fda9c6dbafc926102f7e3e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
40261
content-type
text/html
date
Sun, 10 Nov 2024 03:25:53 GMT
etag
"2e479bf2c738ce6b9255190541406cec"
last-modified
Thu, 07 Nov 2024 18:11:24 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/398c04b
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="398c04b"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
chunk-RBD3QB2V.mjs
framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/
620 KB
174 KB
Script
General
Full URL
https://framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/chunk-RBD3QB2V.mjs
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b738b0b00587044bec9ded6ac2309d4ca0ce26fba18e3729843dea213941b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"94d02167bc7e60eecc56f24cc0e856c9"
x-amz-version-id
W3g5UY8lUXJMzSIl0epCFgdR2VSStd9i
age
207152
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FzrRDiT-e37hOI5v6mDRM1ajIPWXU89qcU1o9tgIPeaDlpfFqzmVpA==
date
Thu, 07 Nov 2024 17:53:22 GMT
content-type
text/javascript
last-modified
Thu, 07 Nov 2024 07:12:22 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="FzrRDiT-e37hOI5v6mDRM1ajIPWXU89qcU1o9tgIPeaDlpfFqzmVpA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-2TUB4ERK.mjs
framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/
1 KB
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/chunk-2TUB4ERK.mjs
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c0b263435294af8e3e65a461834c058322206961c2745a7dc546f7c776b88dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"447ff656ca08cade22f561e72c77a5e7"
x-amz-version-id
B22UwYfofPwrrlxyqjKnbuJazFcKLjp3
age
255618
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
EyZM4n6AtugWtAEigksKW9FyUhPyyGQKV07NKaUQeW4zhctWc-iJRA==
date
Thu, 07 Nov 2024 04:25:36 GMT
content-type
text/javascript
last-modified
Thu, 07 Nov 2024 04:17:56 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="EyZM4n6AtugWtAEigksKW9FyUhPyyGQKV07NKaUQeW4zhctWc-iJRA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=0
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-RIUMFBNJ.mjs
framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/
447 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/chunk-RIUMFBNJ.mjs
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a9428e5e5f6c5ede3339114a8be6230e2cc39a2190d03f1092ae93bdaf556891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

access-control-max-age
0
etag
"30ed32fa3444df726bb60d89113cf478"
x-amz-version-id
5Ezh.jR.g9zhTivmp9rgjw1UB_D..mml
age
255618
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tuRblU6DbpxUv4UB3MtRN5Ax6OEk42W4mpC1D6fNLingfDvyoeIYGw==
date
Thu, 07 Nov 2024 04:25:36 GMT
content-type
text/javascript
last-modified
Thu, 07 Nov 2024 04:17:56 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
PENDING
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="tuRblU6DbpxUv4UB3MtRN5Ax6OEk42W4mpC1D6fNLingfDvyoeIYGw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
447
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
server
CloudFront
x-amz-server-side-encryption
AES256
2Czc5JxZBd4c_dwjp6jk9-BG8uKyVI3Hq7dxsJ4XcjE.PXY3FQ76.mjs
framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/
28 KB
8 KB
Script
General
Full URL
https://framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/2Czc5JxZBd4c_dwjp6jk9-BG8uKyVI3Hq7dxsJ4XcjE.PXY3FQ76.mjs
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3f278f5bf4094b5425f8129b2755f4e558211322e82075f56ad47aba26d87c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"a899a93849841732861f7b8ebe838ca7"
x-amz-version-id
YQI1S7wUIwUFPQgDzvBSFbvpp9vHq0Pl
age
205843
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
jF8TgnJk5cDHJC4apsUatkL9r-UX-Oj9qlOuTsOGrlPs11R8RywCrw==
date
Thu, 07 Nov 2024 18:15:11 GMT
content-type
text/javascript
last-modified
Thu, 07 Nov 2024 18:11:23 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="jF8TgnJk5cDHJC4apsUatkL9r-UX-Oj9qlOuTsOGrlPs11R8RywCrw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
server
CloudFront
x-amz-server-side-encryption
AES256
chunk-S5XVMCR6.mjs
framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/
955 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/chunk-S5XVMCR6.mjs
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a072870691e06b13348f8dd52aac70d734c67571022b0959aee2d2bf0a6c1d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

access-control-max-age
0
etag
"8da898b41ed194d54e5958741ed44191"
x-amz-version-id
LuwHuCOecdRlYO8uRYiHOUTdG1OiMw7y
age
205843
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WeFdVjnkRhrqsGRqWOHiPBkgPjBtd5NtgoSlEfZgumJaQgzKIIDZJQ==
date
Thu, 07 Nov 2024 18:15:11 GMT
content-type
text/javascript
last-modified
Thu, 07 Nov 2024 18:11:23 GMT
vary
Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
PENDING
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="WeFdVjnkRhrqsGRqWOHiPBkgPjBtd5NtgoSlEfZgumJaQgzKIIDZJQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
955
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
server
CloudFront
x-amz-server-side-encryption
AES256
script_main.NDWVDPOM.mjs
framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/
2 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/3u2ligUJ03maKPAMRAcGV8/script_main.NDWVDPOM.mjs
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
aa6bea04c17b82a81b0f266122b52c9bc8a0319a2717eefddd06cfa92ca4541e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

access-control-max-age
0
content-encoding
br
etag
W/"afce7d7dadc8887da407db1dd21532ae"
x-amz-version-id
zp9iLbolESH8t2THj9avBomLAot4Zviq
age
205843
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
JH4HBDXmZDclOHTFGht_p56W4u7zqUgUQOT-eCd7xa9C4WyrHNEW-Q==
date
Thu, 07 Nov 2024 18:15:11 GMT
content-type
text/javascript
last-modified
Thu, 07 Nov 2024 18:11:23 GMT
vary
Accept-Encoding,Origin
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
PENDING
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="JH4HBDXmZDclOHTFGht_p56W4u7zqUgUQOT-eCd7xa9C4WyrHNEW-Q==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
server
CloudFront
x-amz-server-side-encryption
AES256
script
events.framer.com/
18 KB
7 KB
Script
General
Full URL
https://events.framer.com/script
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash
89e61318afc569842f98ccd196ff7cfbb36ec69bad3af935dd5c7149b494fde4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://petunia.fun/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length
18177
timestamp
Sun, 10 Nov 2024 03:24:47 GMT
content-encoding
gzip
x-amz-apigw-id
BAsmYF9jIAMELKg=
x-amzn-trace-id
Root=1-673027c2-400476634f4d26e47fe44483
x-amzn-requestid
6f2b00ba-42af-4e1e-a7d1-62d1a77bd402
via
1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
6204
x-amz-cf-id
QsQJYHjBZHp6FuFL_EnH-3YcEv3Rh_ld84eZv158cdVEd0L8a0spYQ==
date
Sun, 10 Nov 2024 03:25:54 GMT
content-type
text/javascript
x-amz-cf-pop
MUC50-P4
8zBzaJyF6NLLENZc8qkHMLR9umk.png
framerusercontent.com/images/
60 KB
61 KB
Image
General
Full URL
https://framerusercontent.com/images/8zBzaJyF6NLLENZc8qkHMLR9umk.png?scale-down-to=1024
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9800:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a20edd3f63ee1ee9e2a56ad8a54b5f65b72f28767fc2066bd133ca8bfd62578c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://petunia.fun/

Response headers

etag
"c91c52ee1d34283e157cdc3aa5ab9fdb"
age
258361
x-content-type-options
nosniff
x-amzn-requestid
03fb123c-14d0-48d3-808f-7b24bb472420
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SX8PkgjbZVB2eS_PBUUcs36HLUDodKoBd3f5wbb9O_ZNi6hofVWpDw==
date
Thu, 07 Nov 2024 03:39:52 GMT
content-type
image/avif
vary
Accept
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P12",cdn-rid;desc="SX8PkgjbZVB2eS_PBUUcs36HLUDodKoBd3f5wbb9O_ZNi6hofVWpDw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-672c3686-02947d003a7432de3d10ab42;Sampled=1;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
FRA56-P12
K2F1fZFGl_JSR1tAWNG9R5qnJy8.woff2
fonts.gstatic.com/s/rampartone/v10/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rampartone/v10/K2F1fZFGl_JSR1tAWNG9R5qnJy8.woff2
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
e273bc3c757680c3b0bc6db61532bc9dc3a6342232766b472150e326b3c40b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

age
143576
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 11:32:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 11:32:57 GMT
last-modified
Tue, 06 Aug 2024 21:35:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39396
x-xss-protection
0
server
sffe
UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYAZ9hiA.woff2
Requested by
Host: petunia.fun
URL: https://petunia.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
62553d159189834af73c9a6264704be5b2bee9a08da66a14768d8e5c6ffd2cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://petunia.fun
Referer
https://petunia.fun/

Response headers

age
450803
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 22:12:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 22:12:30 GMT
last-modified
Mon, 29 Jul 2024 22:45:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24304
x-xss-protection
0
server
sffe
embed_v1.0.12.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ Frame 68E6
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
40 KB
14 KB
Script
General
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
23.32.238.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://petunia.fun/

Response headers

content-md5
9V0JLxhpwMvoJafbvKO0pQ==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
br
etag
b2f83e35-5705-4835-962f-dbe0d55871a0
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 10 Dec 2024 03:25:53 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cache
TCP_MEM_HIT from a23-32-238-222.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Sun, 10 Nov 2024 03:25:53 GMT
last-modified
Mon, 22 Jan 2024 19:32:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-akamai-request-id
64a6286
opc-request-id
iad-1:Q2p2Cahv8nMtZ2DQvH9I_QNNRg3sEHGKBHyhD07jYWGs0vzxYmjfy38SWXloulyA
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
13fb1b8e-79ca-40e8-8dec-c5db316da63b
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13353

Redirect headers

proxy-status
0000201302026000
expires
Sun, 10 Nov 2024 03:25:53 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=86
x-cache
TCP_MISS from a23-36-161-6.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-02978ab5588da6405be9084889a03f78) (-)
date
Sun, 10 Nov 2024 03:25:53 GMT
content-type
text/html
x-akamai-request-id
15d438ab
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e6705a041bce1da2a15bc12ad3f875c37778caa724c62fd83fdc2ef20f9c7abfaf057157ad96b19eea13ebbeca9c84a221
reporting-endpoints
csp-endpoint="https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
x-origin-response-time
86,23.36.161.6
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com 
*.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-to csp-endpoint; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=482c3ff4-a766-4e0e-aa09-72298aef70dc&scene=1; upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
location
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
content-security-policy-report-only
report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=482c3ff4-a766-4e0e-aa09-72298aef70dc&scene=1;report-to csp-endpoint;script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.tiktokcdn-eu.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js
x-tt-trace-id
00-2411100325527032088CB4C3B0BD195A-0E219FF343DA6028-00
content-length
136
x-tt-logid
202411100325527032088CB4C3B0BD195A
server
TLB
embed_lib_v1.0.12.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ Frame 68E6
4 KB
2 KB
Stylesheet
General
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://petunia.fun/

Response headers

content-md5
Ii2KDY04c+qhyedihYMYdg==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
content-encoding
br
etag
39224e5f-f8d6-4c55-ae56-505ef909cad1
x-check-cacheable
YES
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 10 Dec 2024 03:25:54 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-32-238-222.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Sun, 10 Nov 2024 03:25:54 GMT
last-modified
Mon, 22 Jan 2024 19:32:26 GMT
content-type
text/css
vary
Accept-Encoding
x-akamai-request-id
64a62bc
opc-request-id
iad-1:F-GmYTpkYt4vDKCxQ32P6nxr9VDw3mn9AP2-fBr-X2mRyQIYr7QV2qcFWqYCRzTY
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
13b130cc-bbd0-4b27-8c6e-b602952002cb
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1323
embed_lib_v1.0.12.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/ Frame 68E6
14 KB
6 KB
Script
General
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.238.226 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-238-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://petunia.fun/

Response headers

content-md5
VdrKLRPQL3RIZZVN/2qAoQ==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
content-encoding
br
etag
68841bda-6450-4a08-b6f6-faff4077f49a
x-check-cacheable
YES
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 10 Dec 2024 03:25:54 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-32-238-222.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date
Sun, 10 Nov 2024 03:25:54 GMT
last-modified
Mon, 22 Jan 2024 19:32:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-akamai-request-id
64a62be
opc-request-id
iad-1:yvN4bg8V8-n5uytG9lmowXEj__qYpCIackWLttBw9Erfjec96OfeMYVrdXo-gqes
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
b9e60eac-0991-435a-9f2a-a3f1f27e2397
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
5716
7431269993356004650
www.tiktok.com/embed/v2/ Frame 6FE2
0
0
Document
General
Full URL
https://www.tiktok.com/embed/v2/7431269993356004650?lang=de-DE&referrer=https%3A%2F%2Fpetunia.fun%2F
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-33.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests ; report-to csp-endpoint; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly 
*.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=482c3ff4-a766-4e0e-aa09-72298aef70dc&scene=1

Request headers

Referer
https://petunia.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-security-policy
upgrade-insecure-requests ; report-to csp-endpoint; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co 
*.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=482c3ff4-a766-4e0e-aa09-72298aef70dc&scene=1
content-security-policy-report-only
report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=482c3ff4-a766-4e0e-aa09-72298aef70dc&scene=1;report-to csp-endpoint;script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.tiktokcdn-eu.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js
content-type
text/html; charset=utf-8
date
Sun, 10 Nov 2024 03:25:54 GMT
expires
Sun, 10 Nov 2024 03:25:54 GMT
pragma
no-cache
reporting-endpoints
csp-endpoint="https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server
TLB
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=162 inner; dur=151
x-akamai-request-id
e740ee.19328838
x-cache
TCP_MISS from a23-36-161-26.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-02978ab5588da6405be9084889a03f78) (-)
x-cache-remote
TCP_MISS from a23-46-157-155.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-02978ab5588da6405be9084889a03f78) (-)
x-origin-response-time
163,23.46.157.155
x-parent-response-time
250,23.36.161.26
x-pumbaa-web-avail
1
x-tt-logid
20241110032553A1AB221D419DBCBB10EC
x-tt-trace-host
01fe75e5e02a62fee538f8daf82e56f1e66181ab1fa03f8cb1d8b83c076329b19d292c8ad9f0c225ad6477fb7c218f0a749e58538d26ed090caaff26e1eb7d2a2dca31f67dc55e6756148d5bf119ce30eb1b648694619e3ac14709de7123aca5e5bba7032d4b3900ff8cf22b21db699f7d
x-tt-trace-id
00-241110032553A1AB221D419DBCBB10EC-35BAFB697FFB1C92-00
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
truncated
/ Frame 68E6
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5627593dfdcee05df1c67367479100ccd75ba5e075c16d11589823852fb5f06f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
anonymous
events.framer.com/
0
380 B
Ping
General
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://petunia.fun/

Response headers

x-amz-apigw-id
BAsmbEcLIAMEAMQ=
x-amzn-trace-id
Root=1-673027c2-5e26b1ea4697f7dd3513e78e;Parent=541472b70366efe0;Sampled=0;Lineage=1:c457ad49:0
x-amzn-requestid
78fe1f72-defa-4256-8702-68e0b110838e
via
1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
UKaflz83sd_jfEe4Pb13InXGuVB2iDjL7Y2RPgAPUCIDGspWB_n8eA==
date
Sun, 10 Nov 2024 03:25:54 GMT
content-type
application/json
x-amz-cf-pop
MUC50-P4
3IgzR9c9owPNVGP5etZMHpiM92k.png
framerusercontent.com/images/
61 KB
62 KB
Other
General
Full URL
https://framerusercontent.com/images/3IgzR9c9owPNVGP5etZMHpiM92k.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.228.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-65.muc50.r.cloudfront.net
Software
/
Resource Hash
77542aebdc38c20da77e5147c3333c50a9981a49814017ed0e2316fe097fdaca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://petunia.fun/

Response headers

etag
"f0e592271e3ccc4ba2cee2bf1efbb04d"
age
256053
x-content-type-options
nosniff
x-amzn-requestid
87b0ab38-23f3-451e-b3fa-1dca31a14033
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-hit-layer;desc="EDGE",cdn-rid;desc="NrTH2IQfrPCh_DXhoY8ejzhBqD8Wy13o28NjtOcXetn-rqRyHxeL1w==",cdn-downstream-fbl=2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 04:18:21 GMT
content-type
image/avif
vary
Accept
x-amz-cf-id
NrTH2IQfrPCh_DXhoY8ejzhBqD8Wy13o28NjtOcXetn-rqRyHxeL1w==
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
cache-control
public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-amzn-trace-id
Root=1-672c3f8c-04150dd61c97eea86908a870;Parent=6ea5eefa48e55ff7;Sampled=0;Lineage=1:f456f256:0
referrer-policy
strict-origin-when-cross-origin
via
1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
0
x-amz-cf-pop
MUC50-P5


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| __framer_onRewriteBreakpoints
object| animator
function| MotionHandoffAnimation
function| MotionHasOptimisedAnimation
function| MotionHandoffMarkAsComplete
function| MotionHandoffIsComplete
function| MotionCheckAppearSync
function| __framer_importFromPackage
object| process
object| __framer_events
boolean| MotionIsMounted
function| __send_framer_event

2 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: ttwid
Value: 1%7CL6R_Bvn54Si7LZGO5A0AMDf_zWH0WRFM44Jp58uybNY%7C1731209154%7Cfb89a48b4e102234fbe2af606a3e26d659178a904b54eff78d03c6ceb226f302
.tiktok.com/ Name: msToken
Value: 4nkmvyCriUoxSNcpZt-88Z-p-8ei3f7mVu6TsscvBy2gfl1DE1qMJp09__euchW-6B6sRJbyNGPd8dRONLUB1hIbCPTIBoQplx2A5Oi0Ewyg

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
