Submitted URL: http://notification.walmartcard.top/0.5752774665720255
Effective URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRed...
Submission: On October 26 via api from US — Scanned from CA

Summary

This website contacted 16 IPs in 2 countries across 9 domains to perform 33 HTTP transactions. The main IP is 104.21.235.166, located in and belongs to CLOUDFLARENET, US. The main domain is h6ws.tiktokworld.com.
TLS certificate: Issued by E6 on October 11th 2024. Valid for: 3 months.
This is the only time h6ws.tiktokworld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         2606:4700:303...   13335 (CLOUDFLAR...)
2         104.21.1.180       13335 (CLOUDFLAR...)
2         104.21.235.166     13335 (CLOUDFLAR...)
13        172.67.129.176     13335 (CLOUDFLAR...)
1         2607:f8b0:400...   15169 (GOOGLE)
1         2607:f8b0:400...   15169 (GOOGLE)
1         2607:f8b0:400...   15169 (GOOGLE)
3         2607:f8b0:400...   15169 (GOOGLE)
2         172.67.219.157     13335 (CLOUDFLAR...)
1         2607:f8b0:400...   15169 (GOOGLE)
1         2607:f8b0:400...   15169 (GOOGLE)
1         2607:f8b0:400...   15169 (GOOGLE)
2         104.21.17.25       13335 (CLOUDFLAR...)
1         2607:f8b0:400...   15169 (GOOGLE)
Total: 33 requests, 16 IPs
Requests  Apex Domain           Transfer  Subdomains
15        y1h1.com              43 KB     t.y1h1.com (Cisco Umbrella Rank: 79152), rs.y1h1.com
4         pushservice.xyz       33 KB     pushservice.xyz (Cisco Umbrella Rank: 557116), rs.pushservice.xyz (Cisco Umbrella Rank: 557224)
4         gstatic.com           225 KB    www.gstatic.com, fonts.gstatic.com
3         google.com            30 KB     www.google.com (Cisco Umbrella Rank: 3), translate.google.com (Cisco Umbrella Rank: 1139)
2         tiktokworld.com       13 KB     h6ws.tiktokworld.com
1         googleapis.com        74 KB     translate.googleapis.com (Cisco Umbrella Rank: 941)
1         google-analytics.com            www.google-analytics.com (Cisco Umbrella Rank: 34)
1         googletagmanager.com  101 KB    www.googletagmanager.com (Cisco Umbrella Rank: 39)
1         walmartcard.top       723 B     notification.walmartcard.top
Total: 33 requests, 9 domains
Requests  Domain                        Requested by
12        rs.y1h1.com                   h6ws.tiktokworld.com, rs.y1h1.com
3         www.gstatic.com               www.google.com, www.gstatic.com
3         t.y1h1.com                    notification.walmartcard.top, rs.y1h1.com
2         rs.pushservice.xyz            h6ws.tiktokworld.com
2         pushservice.xyz               rs.y1h1.com
2         www.google.com                h6ws.tiktokworld.com, www.gstatic.com
2         h6ws.tiktokworld.com
1         fonts.gstatic.com             h6ws.tiktokworld.com
1         translate.googleapis.com
1         www.google-analytics.com      www.googletagmanager.com
1         www.googletagmanager.com      rs.y1h1.com
1         translate.google.com          rs.y1h1.com
1         notification.walmartcard.top
Total: 33 requests, 13 subdomains

This site contains links to these domains.

Domain
t.y1h1.com
Subject                   Issuer  Validity                   Valid
walmartcard.top           WE1     2024-08-28 - 2024-11-26    3 months
y1h1.com                  E6      2024-10-23 - 2025-01-21    3 months
tiktokworld.com           E6      2024-10-11 - 2025-01-09    3 months
*.google.com              WR2     2024-10-07 - 2024-12-30    3 months
*.google-analytics.com    WR2     2024-10-07 - 2024-12-30    3 months
*.gstatic.com             WR2     2024-10-07 - 2024-12-30    3 months
pushservice.xyz           E6      2024-10-25 - 2025-01-23    3 months
upload.video.google.com   WR2     2024-10-07 - 2024-12-30    3 months

This page contains 5 frames:

Primary Page: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Frame ID: B7C27C9343045A135BC018B8281C08A1
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9oNndzLnRpa3Rva3dvcmxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=gzixzevcid7w
Frame ID: 1BEE23CBFADB7C41FBE24BD523AD9D5D
Requests: 1 HTTP requests in this frame

Frame: https://rs.y1h1.com/ipp.css
Frame ID: D9E78F60A69C60D530F76D4EB07F9563
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 241AD87F92F2927ABE3BA7F440A44000
Requests: 1 HTTP requests in this frame

Frame: https://rs.y1h1.com/ipp.css
Frame ID: 2B22F6303472D3C825EE392EE8D0124C
Requests: 2 HTTP requests in this frame

Page Title

Message

Page URL History

  1. http://notification.walmartcard.top/0.5752774665720255 HTTP 307
    https://notification.walmartcard.top/0.5752774665720255 Page URL
  2. https://t.y1h1.com/visit/5dd52311c42c2d00062e5da8?domain=notification.walmartcard.top&path=%2F0... Page URL
  3. https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link[^>]+recaptcha
  • /recaptcha/api\.js

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 64 %
Domains: 9
Subdomains: 13
IPs: 16
Countries: 2
Transfer: 520 kB
Size: 1403 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://notification.walmartcard.top/0.5752774665720255 HTTP 307
    https://notification.walmartcard.top/0.5752774665720255 Page URL
  2. https://t.y1h1.com/visit/5dd52311c42c2d00062e5da8?domain=notification.walmartcard.top&path=%2F0.5752774665720255&error=404 Page URL
  3. https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://notification.walmartcard.top/0.5752774665720255 HTTP 307
  • https://notification.walmartcard.top/0.5752774665720255

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
0.5752774665720255
notification.walmartcard.top/
Redirect Chain
  • http://notification.walmartcard.top/0.5752774665720255
  • https://notification.walmartcard.top/0.5752774665720255
292 B
723 B
Document
General
Full URL
https://notification.walmartcard.top/0.5752774665720255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3c31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8d875f60ee5943e0-EWR
content-encoding
br
content-type
text/html
date
Sat, 26 Oct 2024 03:31:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7WcYqrtfjJoNMoBQE37zbWsb0SXGVWXr%2F74GbXuhRqLOMieycjKRiF%2FrwatYIu7%2FPfzeAD9wqCntmJhePLF8FGQzinm304I0qcjidTy3C7qpnUnbWU4dxlfhStLX4YGkGX5ZXy0FXphdfymnoYq6Mgsqhg4DpbftXA6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=20029&sent=8&recv=8&lost=0&retrans=0&sent_bytes=3919&recv_bytes=2312&delivery_rate=243407&cwnd=255&unsent_bytes=0&cid=53322d1b9bcf6e81&ts=320&x=0"

Redirect headers

Location
https://notification.walmartcard.top/0.5752774665720255
Non-Authoritative-Reason
HttpsUpgrades
5dd52311c42c2d00062e5da8
t.y1h1.com/visit/
341 B
1 KB
Document
General
Full URL
https://t.y1h1.com/visit/5dd52311c42c2d00062e5da8?domain=notification.walmartcard.top&path=%2F0.5752774665720255&error=404
Requested by
Host: notification.walmartcard.top
URL: https://notification.walmartcard.top/0.5752774665720255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c28282f797e17d4fb00bbd847102b6f164497bbfb21eb15cec93325bb87916

Request headers

Referer
https://notification.walmartcard.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cf-cache-status
DYNAMIC
cf-ray
8d875f6439fca23b-YYZ
content-length
341
date
Sat, 26 Oct 2024 03:31:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh
0;URL=https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1bL9V18CL%2BosUcsQfe1INBzfVedKEYW%2FSunaV%2FHCvjd2WimP6oN8474bznG30lV3y15BE3ZIcFEL0xn%2FOBU792ISnDm0tV5y40B31Dhv9HiZNuAqpH%2Fv75xc8%2Bax"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=4734&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3862&recv_bytes=2376&delivery_rate=2302839&cwnd=251&unsent_bytes=0&cid=b73d5c36cf6d40d3&ts=324&x=0"
Primary Request loading.html
h6ws.tiktokworld.com/
2 KB
2 KB
Document
General
Full URL
https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83eb5b071e5beb9fb2cdbc4c91a5030f11347fff0dd1a4bcb7175e9d0bae4401

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cf-cache-status
DYNAMIC
cf-ray
8d875f686b78ac9f-YYZ
content-encoding
br
content-type
text/html
date
Sat, 26 Oct 2024 03:31:18 GMT
last-modified
Mon, 18 Oct 2021 21:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oIzek%2BWoWmEefuicPZ%2BbmOPCl2s41%2F2EJKnGGtZQZ0eSv7u502Zm40iKF%2FtxSPi%2BaOcIAO69DQxZA6Qqve%2B6pyyXzOz3gqzvsZoF4oHo3mXMH%2BCnaJ3F9wL2l%2BjN%2FjFV2dMgmAuu6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=8230&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4120&recv_bytes=2420&delivery_rate=1082684&cwnd=254&unsent_bytes=0&cid=996c6110dc3575fa&ts=321&x=0"
vary
Accept-Encoding
favicon.ico
t.y1h1.com/
66 KB
4 KB
Other
General
Full URL
https://t.y1h1.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.1.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxxRJypuJjWKc6l5%2FGAc1nIFTQqUknUFmr34Z6qeDbYfjVk0gm%2Bs92aVzO1H3Sk8fs%2Bs7xgvQrCFfkDOh8BOppsToGP9waoqllwHLAdwkIP5KZWWr%2BPWN4cAZZq3"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f665b95a23b-YYZ
server-timing
cfL4;desc="?proto=TCP&rtt=4375&sent=11&recv=11&lost=0&retrans=0&sent_bytes=5394&recv_bytes=2590&delivery_rate=2354838&cwnd=254&unsent_bytes=0&cid=b73d5c36cf6d40d3&ts=532&x=0"
date
Sat, 26 Oct 2024 03:31:18 GMT
content-type
image/x-icon
last-modified
Fri, 10 Nov 2023 11:55:18 GMT
server
cloudflare
recaptcha.css
rs.y1h1.com/
31 B
764 B
Stylesheet
General
Full URL
https://rs.y1h1.com/recaptcha.css
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e33546fa7891764ba7ae3402a1a46afd831d3e84496d7fb4b70e5cb057e5767

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
MISS
etag
"5dc0edfb-1f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyXTZMS4UbdVQjhGXjqpCZBkOI9R2twv26FhSAZmBmMg374Py2vYwKVsS6eQGOYeGTEomycPL7Q1X7MnNqnmJXjt%2FHUEJGwfeWAC5Nh29VOrEmWdCpLSmLRGjoJ4GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2231&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3863&recv_bytes=2561&delivery_rate=2187812&cwnd=254&unsent_bytes=0&cid=7172f1831ce92120&ts=293&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2019 03:35:23 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cf-ray
8d875f6bc98da247-YYZ
accept-ranges
bytes
content-length
31
server
cloudflare
common.js
rs.y1h1.com/
17 KB
8 KB
Script
General
Full URL
https://rs.y1h1.com/common.js
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfa449cbb48255f0ece7b436e2015299b9e6adceb9f4df863a9ce36eab71278

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6214ae9e-42fe"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uyg0Dd6V15Wi3oB73BPA9ZfgYfNY4aXarovp%2BZnBAFM5Ekq%2B%2FDo9ic1EINhSDc2gC9fWyj9ExgMJISNU4DKRr3EXN0iuQhhvQxDnVAD6XZOYqNbkWc6CER0tqrW9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6bc998a247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2010&sent=23&recv=16&lost=0&retrans=0&sent_bytes=13480&recv_bytes=2561&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=304&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Tue, 22 Feb 2022 09:36:30 GMT
vary
Accept-Encoding
server
cloudflare
load.js
rs.y1h1.com/
7 KB
4 KB
Script
General
Full URL
https://rs.y1h1.com/load.js
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda9e1ca8b96059ca3ed3cdd8f1e6822a8ef23604293b1cb914117caa5371d94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6311dce6-1b90"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kL%2F7CrBbhejB5ZYwlyHLCODbAOBG70vposklEUSDPjLYMKMOB38rWkAjBQ8pRlx8nA9CPCYjfBT2ymU2PB8l4QtOk1xTY%2Bo%2Fcg96sdPr27D14LMR0HZZLJHDzXlAoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6bc996a247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2231&sent=18&recv=9&lost=0&retrans=0&sent_bytes=9624&recv_bytes=2561&delivery_rate=2187812&cwnd=254&unsent_bytes=0&cid=7172f1831ce92120&ts=295&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Fri, 02 Sep 2022 10:37:26 GMT
vary
Accept-Encoding
server
cloudflare
backbutton.js
rs.y1h1.com/
5 KB
3 KB
Script
General
Full URL
https://rs.y1h1.com/backbutton.js
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e9f9514444fbf97421e59d1fe250d2999da2f96657379a41b681a2a000b824

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"61d46677-12d0"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHFsuDyUKLgd7%2Fn2k5tH7M4RzQiZYkzrhcxtoV0xM6zjvqozp1VorE8NBN78XpVwBl6juNww8LlWeuNZdE2gbRcNPe3f5BFCvU8AeMNm4CUbeIdw%2BhiErjy0IP6y5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6bc993a247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2231&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4693&recv_bytes=2561&delivery_rate=2187812&cwnd=254&unsent_bytes=0&cid=7172f1831ce92120&ts=294&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Tue, 04 Jan 2022 15:23:35 GMT
vary
Accept-Encoding
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
996 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5bb177eb1b4916696b4147bfd2f7e12ab131ea17aafa78f2098ba54067693dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 03:31:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 26 Oct 2024 03:31:19 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
checkbot.js
rs.y1h1.com/
8 KB
4 KB
Script
General
Full URL
https://rs.y1h1.com/checkbot.js
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b11e955ad96caa642a0b963217b7a9e81c66ca8bcf0fe15b8ef0ea0d565d31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6222c2ff-1fef"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8Lb2D311bFJq7cxd%2FnDW%2Boesvo73Dhny2lwQxyYgY7qorn95IrePHlQ6O3eDRX0P58Li93VDbOpSuj3bY8vNDI%2FYZBM%2FYcdFnj%2BOhDuf12OyHmVYGjVhHHSLrGU%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6bc992a247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1973&sent=31&recv=18&lost=0&retrans=0&sent_bytes=21627&recv_bytes=2561&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=307&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Sat, 05 Mar 2022 01:55:11 GMT
vary
Accept-Encoding
server
cloudflare
copy.js
rs.y1h1.com/
4 KB
2 KB
Script
General
Full URL
https://rs.y1h1.com/copy.js
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29daea46fd37a5f226b28e122dbfe919646b40a1aeeb5f3318a12d375bb11b2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6308a3c6-ea8"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAJcy7pvWbZtIEG9bLGFx2x8bczWjNj%2FdhkWIBKzXlg%2B40DHrlIGnacmCVg9VFggcvSw9aEga3am5%2FX9OQlXJ01fmGtB1t1lCS5qC4ohHzy6eU%2FXqZrIlCaXp%2B9ojg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6bc991a247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2231&sent=14&recv=9&lost=0&retrans=0&sent_bytes=7415&recv_bytes=2561&delivery_rate=2187812&cwnd=254&unsent_bytes=0&cid=7172f1831ce92120&ts=294&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Fri, 26 Aug 2022 10:43:18 GMT
vary
Accept-Encoding
server
cloudflare
ipp.js
rs.y1h1.com/
13 KB
7 KB
Script
General
Full URL
https://rs.y1h1.com/ipp.js
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5785e76d9db9a9939766fd12e099ce0f37e5f99f60ab408794b746776287cd53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"61d10fcd-32a0"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2B7VAwx0nGVhQ7hxE%2FLcGXeMKdNDEy3k77NC9EKPhLokxtWuqZC7u3dzBUdR3AYpTOoi9Hs3I3sKd%2FEhv8g23JBcEJJ1tMgK5MVJRWDS0xZqJqqihbcxTrusPWLgJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6dcb0ba247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=3065&sent=44&recv=24&lost=0&retrans=0&sent_bytes=27530&recv_bytes=2923&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=613&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Sun, 02 Jan 2022 02:37:01 GMT
vary
Accept-Encoding
server
cloudflare
push.js
rs.y1h1.com/
10 KB
6 KB
Script
General
Full URL
https://rs.y1h1.com/push.js
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c178f126914823c68206687d0d4dc373420df2911d4d108ade20f29d08c8e222

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"61d4671f-2950"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Md8wOit71z6VV6b%2BHDU0UxL15cF35VA3gNBf8j4VmshuqCJEeQKAMgf6Vz3Q7uFePnrDFVldwmilLhV4GaC0IOkl9KRNB7RptW%2FMV1UMaUVKb77J%2B1IR7inDLNMRwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6e0b49a247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2696&sent=54&recv=27&lost=0&retrans=0&sent_bytes=35059&recv_bytes=2923&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=668&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Tue, 04 Jan 2022 15:26:23 GMT
vary
Accept-Encoding
server
cloudflare
trans.css
rs.y1h1.com/
398 B
591 B
Stylesheet
General
Full URL
https://rs.y1h1.com/trans.css
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4613586d6a54831fe1614d2eecb103c9ecc7bfcf1b051a7f79829dccc21c59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"63e622b9-18e"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Cst4jenJlajPyaBmSUrL75d0bk49sfeUgJhkXGk81mYKM9zyxOfcD4WhkGMJesyRigCa0mcdSMvoFslCJkHM%2FyQ2cWDhJuXGoeNDLqnJK%2BX8OvLWN7VGNfnV9U3kg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6dcb0ea247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=3226&sent=41&recv=23&lost=0&retrans=0&sent_bytes=26873&recv_bytes=2923&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=607&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
text/css
last-modified
Fri, 10 Feb 2023 10:55:53 GMT
vary
Accept-Encoding
server
cloudflare
trans.js
rs.y1h1.com/
337 B
633 B
Script
General
Full URL
https://rs.y1h1.com/trans.js
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d5fa481d5589bf9eb0efe7b8685c3159c5475a05f9bd0a743c5257fe4f7a68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"60837b56-151"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMgDxLs9LruNN%2Bphdea85ZzOnqrgiAg2CkEiwA6RIv2Gh9PFHF739lQndLiEazaRRgTIaY8%2BX9chZv0CXCTD2vgzQyXS%2BX0tZITenm1qpOTVsTf%2F6elTUD9lGqcaxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6e0b4aa247-YYZ
expires
Sat, 26 Oct 2024 15:31:19 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2779&sent=51&recv=26&lost=0&retrans=0&sent_bytes=34360&recv_bytes=2923&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=646&x=0"
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript
last-modified
Sat, 24 Apr 2021 01:58:46 GMT
vary
Accept-Encoding
server
cloudflare
element.js
translate.google.com/translate_a/
84 KB
29 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::8b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e5303f618ea710ca38fa09ddefa2eb194c573161bc805f7e9651ecfc150f78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 03:31:19 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
293 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-37GE99Q100
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
795e856acc8796bec01c2d7ea73436807729e1d36579ced0bbf5b33383a7a887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 26 Oct 2024 03:31:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102626
x-xss-protection
0
server
Google Tag Manager
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/
544 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://h6ws.tiktokworld.com
Referer

Response headers

content-encoding
gzip
age
203321
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 19:02:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 19:02:38 GMT
last-modified
Mon, 14 Oct 2024 18:32:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220736
x-xss-protection
0
server
sffe
update
t.y1h1.com/
2 B
532 B
Fetch
General
Full URL
https://t.y1h1.com/update?eventSub3=view&event3=1
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LWSrrAaZdtw73jZ%2BaEg6Fnz7kuDRPQ2DYgm9fexy%2Bbtb5Y5NGp8x7buOWS4BXs7r2%2F4e%2Fk%2Fk46VRKrYI6%2Ft6uFwwiSVJSB8Td1%2FXEa1bTEaSY7%2Bh1Vqv58JWRE8"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f6e0b4ca247-YYZ
access-control-allow-origin
https://h6ws.tiktokworld.com
server-timing
cfL4;desc="?proto=TCP&rtt=1956&sent=38&recv=21&lost=0&retrans=0&sent_bytes=26275&recv_bytes=2923&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=539&x=0"
content-length
2
date
Sat, 26 Oct 2024 03:31:19 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
msg
pushservice.xyz/code/
476 B
1 KB
Fetch
General
Full URL
https://pushservice.xyz/code/msg
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/ipp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.219.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc92a0e81ac6662712d929a48adf9c31639f4af84ab56a2e11336be7e88bc0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwVn%2FfRMob4X6KNe8xLc862nV2YTTI%2B1KdZqb%2FvB1m7NxAyfV8e8PeqtsUCCYnQRvHbvI24yTS%2FfRBy9gkcQhgdg0PHkeJ%2FS%2F%2B1J9YNdFk49ZctXNM3TPuIDuBn4Po1fsMo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f713bbdaad3-YYZ
access-control-allow-origin
https://h6ws.tiktokworld.com
server-timing
cfL4;desc="?proto=TCP&rtt=4205&sent=8&recv=10&lost=0&retrans=0&sent_bytes=4091&recv_bytes=2189&delivery_rate=1870196&cwnd=252&unsent_bytes=0&cid=f1ca6f09e2d1c1a4&ts=297&x=0"
date
Sat, 26 Oct 2024 03:31:20 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
msg
pushservice.xyz/code/
451 B
727 B
Fetch
General
Full URL
https://pushservice.xyz/code/msg
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/ipp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.219.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1699c1d3aaf6d9f5387814fd31d7b3073b7df89d0e4eaeeaaccb264c66ca71f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIgdfB%2FOwqkCT5gUccxrG0Zz4tWl1tn%2Fm3VQBUk3A2ohb1Mtnbo%2BQ%2BFMnqzb4Wpe6XIoyr4K8rtib9VQD1CmJd%2B%2FTIA98C0C%2FgoSDwSROI9xahGLHE3s76zoBLmHdYs%2BGEk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f72fd5caad3-YYZ
access-control-allow-origin
https://h6ws.tiktokworld.com
server-timing
cfL4;desc="?proto=TCP&rtt=3961&sent=12&recv=12&lost=0&retrans=0&sent_bytes=5246&recv_bytes=2246&delivery_rate=1944937&cwnd=255&unsent_bytes=0&cid=f1ca6f09e2d1c1a4&ts=491&x=0"
date
Sat, 26 Oct 2024 03:31:20 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=45je4ao0v870547343za200&_p=1729913479681&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925628&cid=197312228.1729913480&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729913479&sct=1&seg=0&dl=https%3A%2F%2Fh6ws.tiktokworld.com%2Floading.html%3Fvid%3D1729913477-xgJQir%26utm_medium%3Dnotification.walmartcard.top%26utm_source%3DWebSiteRedirect%26utm_campaign%3D0_WebSiteRedirect%26br%3D0%26sp%3D1%26iw%3DFalse%26checked%3D0%26ipp%3D2%26trans%3D1%26timeout%3D5000&dt=Message&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1604
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-37GE99Q100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://h6ws.tiktokworld.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 26 Oct 2024 03:31:20 GMT
content-type
text/plain
server
Golfe2
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.-9i0yFIS0lc.O/am=DgY/d=1/rs=AN8SPfq8YPF3k92FmQ8VGW_-SaUVY2evqw/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
123409
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 17:14:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 17:14:30 GMT
last-modified
Thu, 04 Apr 2024 07:26:25 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
4144
x-xss-protection
0
server
sffe
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.-9i0yFIS0lc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfotOoSXHjrYB2vjJ2HCSyxFvN6T6A/
215 KB
74 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.-9i0yFIS0lc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfotOoSXHjrYB2vjJ2HCSyxFvN6T6A/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.-9i0yFIS0lc.O/am=DgY/d=1/rs=AN8SPfq8YPF3k92FmQ8VGW_-SaUVY2evqw/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3190d1a22e39e6234e4214f530c7824657d63e2451952c66a828bc851e845ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
57980
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 11:25:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 11:25:00 GMT
last-modified
Wed, 23 Oct 2024 19:11:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="rosetta"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges
bytes
access-control-allow-origin
*
content-length
75663
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 1BEE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9oNndzLnRpa3Rva3dvcmxkLmNvbTo0NDM.&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=gzixzevcid7w
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::68 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YqrA5MUH2sCQcF_2b6lIFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YqrA5MUH2sCQcF_2b6lIFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Oct 2024 03:31:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ipp.css
rs.y1h1.com/ Frame D9E7
3 KB
2 KB
Stylesheet
General
Full URL
https://rs.y1h1.com/ipp.css
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/ipp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed21ec511f4fd86ca495efc2791f74f5b5a1825b710ada52c0f3ffcbe23381ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"60a256dd-de9"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPXTzu9BIRfPlc25%2FludDCKfnRWgxOY3iryHSUM2vFl4cQwCHnCpiK2skp4LxbrLj%2BnO%2BcZJks9zMIB3GRHwM79P9ZO0DjiRv2ZlYTHp1rN3jtO766B8RgYyz%2BqQuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f731858a247-YYZ
expires
Sat, 26 Oct 2024 15:31:20 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2557&sent=60&recv=30&lost=0&retrans=0&sent_bytes=41012&recv_bytes=2981&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=1471&x=0"
date
Sat, 26 Oct 2024 03:31:20 GMT
content-type
text/css
last-modified
Mon, 17 May 2021 11:43:25 GMT
vary
Accept-Encoding
server
cloudflare
5ce8d8ab42aa907ad91442822348d1ff5eb9bf65.jpeg
rs.pushservice.xyz/gm/ Frame D9E7
6 KB
7 KB
Image
General
Full URL
https://rs.pushservice.xyz/gm/5ce8d8ab42aa907ad91442822348d1ff5eb9bf65.jpeg
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50bd736d3a88e924ae9d662386e56d35624e3dbe01063a620aae8efc0a24623c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
MISS
etag
"60990bbc-18d9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNWLbZyqJWXn7OzEB%2BPBPEVc243xHPJZUHaloj85rrIXXS0Hz1TDBqSmiuCbFy%2BjS%2B47SmrlC4VIaCtq6NynRjjmNg1ZAVuehk5f9b63twF0mEKyyg%2BEWABqZmFhAiTs5k4bMPI%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 25 Nov 2024 03:31:20 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=5049&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4089&recv_bytes=2323&delivery_rate=1402946&cwnd=254&unsent_bytes=0&cid=fbe5dab818f0f4bf&ts=487&x=0"
date
Sat, 26 Oct 2024 03:31:20 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 10:32:28 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cf-ray
8d875f75ebe03a0b-YYZ
accept-ranges
bytes
content-length
6361
server
cloudflare
truncated
/ Frame 241A
0
0
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
203123
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 19:05:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 19:05:57 GMT
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
3340
x-xss-protection
0
server
sffe
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DgY/d=0/rs=AN8SPfowAA8SIQKHJetkAleDuiUL98-5fQ/m=el_main_css

Response headers

age
205053
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 18:33:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 18:33:47 GMT
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1842
x-xss-protection
0
server
sffe
ipp.css
rs.y1h1.com/ Frame 2B22
3 KB
0
Stylesheet
General
Full URL
https://rs.y1h1.com/ipp.css
Requested by
Host: rs.y1h1.com
URL: https://rs.y1h1.com/ipp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed21ec511f4fd86ca495efc2791f74f5b5a1825b710ada52c0f3ffcbe23381ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"60a256dd-de9"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPXTzu9BIRfPlc25%2FludDCKfnRWgxOY3iryHSUM2vFl4cQwCHnCpiK2skp4LxbrLj%2BnO%2BcZJks9zMIB3GRHwM79P9ZO0DjiRv2ZlYTHp1rN3jtO766B8RgYyz%2BqQuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f731858a247-YYZ
expires
Sat, 26 Oct 2024 15:31:20 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=2557&sent=60&recv=30&lost=0&retrans=0&sent_bytes=41012&recv_bytes=2981&delivery_rate=6840409&cwnd=257&unsent_bytes=0&cid=7172f1831ce92120&ts=1471&x=0"
date
Sat, 26 Oct 2024 03:31:20 GMT
content-type
text/css
last-modified
Mon, 17 May 2021 11:43:25 GMT
vary
Accept-Encoding
server
cloudflare
1fd898a425326d0f99c35f50d164cfa17eba203d.png
rs.pushservice.xyz/gm/ Frame 2B22
24 KB
24 KB
Image
General
Full URL
https://rs.pushservice.xyz/gm/1fd898a425326d0f99c35f50d164cfa17eba203d.png
Requested by
Host: h6ws.tiktokworld.com
URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.25 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8808f57caddcda20d5b0c0cd33e22302c0892314a22b3cec0b825a050eb1e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
MISS
etag
"609913c0-5f52"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pnv98Uz2s50sFMjVoTxwpW71Y4FGD8gaKxqL92pYP5O0mF%2FOKewTGIC1ztTLL3KmzPQvq0h6MRMsCSrlXO40vlkeU74TR9d6rhWWYGvgdz%2Fn8LP8JcfeRxvkdQa6jNa412z2kYY%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 25 Nov 2024 03:31:20 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=4607&sent=14&recv=12&lost=0&retrans=0&sent_bytes=11350&recv_bytes=2323&delivery_rate=3105439&cwnd=257&unsent_bytes=0&cid=fbe5dab818f0f4bf&ts=635&x=0"
date
Sat, 26 Oct 2024 03:31:21 GMT
content-type
image/png
last-modified
Mon, 10 May 2021 11:06:40 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
cf-ray
8d875f75ebe33a0b-YYZ
accept-ranges
bytes
content-length
24402
server
cloudflare
favicon.ico
h6ws.tiktokworld.com/
66 KB
11 KB
Other
General
Full URL
https://h6ws.tiktokworld.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.235.166 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e831628af5a26e9a51d53636e42db46d8d2e7c59e7d2845c988baf1ccd18e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"61dbcde6-1083e"
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyM5bDTje0MeotRdqxvowQHp0u1%2Fuj9LsqtI4Xw%2BFFf%2B5uV%2BtDuMu%2BinDXHof%2Fs4iPZ%2B2TxvQYcIyPFu166NZOH%2BEnScLrgFUJbjUbZFLgQXIwqkb5B8TQvs0eEmD8dPd%2B3W8Dxq%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d875f78cc5aac9f-YYZ
server-timing
cfL4;desc="?proto=TCP&rtt=9934&sent=12&recv=14&lost=0&retrans=0&sent_bytes=5724&recv_bytes=2639&delivery_rate=1082684&cwnd=257&unsent_bytes=0&cid=996c6110dc3575fa&ts=3217&x=0"
date
Sat, 26 Oct 2024 03:31:21 GMT
content-type
image/x-icon
last-modified
Mon, 10 Jan 2022 06:10:46 GMT
vary
Accept-Encoding
server
cloudflare
verify
t.y1h1.com/recaptcha/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.y1h1.com
URL
https://t.y1h1.com/recaptcha/verify?token=03AFcWeA7CLdKVUPMuFYPzkgTlmJo02oe9DZLtq2Mbgg9YX0jKuqsKBFGMqFSGyOYeFEKlt3gOBIM459Zn3CFpXxMI-rLIN7LQO_fVUMU56rhY3GOS0vaK9xIYJsBPzNQcHdztGhr8pWq5S7UeXEubYU60txHj80siavyjaM2i30ucfUdYlyUw8kq4V2h_ZXY2h47ESqNzIhBT_tgt7oy2Q0R07ak__GLVbwDSdip44paqHCG7eXIEiDMxSmePB2DMuit4Qp8_kif1uUvlxCXZojDOyWUtkNQxpWA6B0wbtH3oxb_Pfeuj-1iVvgZiUbgM6mnP-ccoNSUwPKsdiaLb7esAa_hj9CdgC25B-_7v2hrkboc1I1lFMLk5VZnoQFzlfTuHw-qGdLtKqosc1fRF6jugcz8sA6rI29CsZyFqdyuVuUgy9W931ei3vSiHwQFdXcTBrsH7jwIU39gdOl2JGHOaqT265Ha_VNqbk9xGK7y8YuBQU-XQ8PSLaxc9-CzdNuenMM63juKPS4OufREJ1r1xNt23bW-x_ySwwBEPiXOtmef546u7elJ7YQytN1I1O8DOaeISNPAyDhW3iQtTqcE4LuSvHQ1aN-IPu8kC6aCbLFERPoDQYJtujt6u9kNdslaoGuJV5mRYlLw1H0lqhA3Pknj-f6bSsQwQufMOdOX6pPN_JPr9otu7BpPK5oNFutQ282oqX8uO5MpATW4vnSAGSydV_x1e0wfCrueEkgCZkqGzkyUPa9n4DzVVrImnwybmpPTSsOApB89Cw0_COBa56ABf1xpJX6Wkn4KNeOXtvq2WCoE24-7dbtRsXfy9SjVTXrer6C_cVZk3WHshF3V7blw5ZrM327aS5FO3S31sPritGzYIPPhhC3UHnYDeCW6n_QTN6GxV&vid=1729913477-xgJQir&eventSubField=eventSub9&eventField=event9&botScore=0.5

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| _0xods number| _0xods_ object| _0x35b7 function| _0x1c3c function| fullScreen function| getParam function| getRootDomain function| cors function| copy function| getDate function| recordView string| _0xodr number| _0xodr_ object| _0x4f63 function| _0x219c function| loadFile string| _0xodq number| _0xodq_ object| _0x2e18 function| _0x28a9 number| t object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| _0xodl number| _0xodl_ object| _0x54e3 function| _0x527b string| _0xodn number| _0xodn_ object| _0x256f function| _0x456e string| _0xodu number| _0xodu_ object| _0x55d4 function| _0x3527 function| fetchAd function| addAdIframe function| googleTranslateElementInit string| _0xod8 number| _0xod8_ object| _0x2b1e function| _0x4c86 function| urlBase64ToUint8Array function| sendSubscription function| subscribe object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady object| gaGlobal function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| 
MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| recaptcha object| closure_lm_581390 object| closure_lm_688654

7 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANOXeZxgMApcWXKY7tLhB4L7lw2ECzz9o-X4b1V9wlwiXllTQxRxJSFJVQBEE3_kmpv9ctl5IGqKSoUfmRMz7-k
.y1h1.com/ Name: vid
Value: 1729913477-xgJQir
.y1h1.com/ Name: lv_5dd52311c42c2d00062e5da8
Value: 1729913477-xgJQir
.y1h1.com/ Name: vn_5dd52311c42c2d00062e5da8
Value: 1
h6ws.tiktokworld.com/ Name: googtrans
Value: /auto/en-CA
.tiktokworld.com/ Name: _ga
Value: GA1.1.197312228.1729913480
.tiktokworld.com/ Name: _ga_37GE99Q100
Value: GS1.1.1729913479.1.0.1729913479.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://notification.walmartcard.top/0.5752774665720255
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://h6ws.tiktokworld.com/loading.html?vid=1729913477-xgJQir&utm_medium=notification.walmartcard.top&utm_source=WebSiteRedirect&utm_campaign=0_WebSiteRedirect&br=0&sp=1&iw=False&checked=0&ipp=2&trans=1&timeout=5000(Line 8)
Message:
The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
