URL: https://preview.webimpression.net/
Submission: On November 28 via api from US — Scanned from US

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 35 HTTP transactions. The main IP is 84.54.183.232, located in Burgas, Bulgaria and belongs to COMNET-AS Comnet Bulgaria Holding Ltd., BG. The main domain is preview.webimpression.net.
TLS certificate: Issued by R10 on November 28th 2024. Valid for: 3 months.
This is the only time preview.webimpression.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 84.54.183.232 29084 (COMNET-AS...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.179.94 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.138.208 13335 (CLOUDFLAR...)
2 31.13.66.35 32934 (FACEBOOK)
35 16
Apex Domain
Subdomains
Transfer
13 webimpression.net
preview.webimpression.net
5 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
232 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 415
61 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
561 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
153 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
2 gstatic.com
fonts.gstatic.com
60 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
31 KB
1 stape.cloud
capig.stape.cloud — Cisco Umbrella Rank: 144046
876 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
79 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
7 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
4 KB
35 13
Domain Requested by
13 preview.webimpression.net preview.webimpression.net
3 www.googletagmanager.com preview.webimpression.net
www.googletagmanager.com
2 www.facebook.com preview.webimpression.net
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com preview.webimpression.net
2 maxcdn.bootstrapcdn.com preview.webimpression.net
1 capig.stape.cloud connect.facebook.net
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 code.jquery.com preview.webimpression.net
1 cdnjs.cloudflare.com preview.webimpression.net
1 cdn.jsdelivr.net preview.webimpression.net
1 fonts.googleapis.com preview.webimpression.net
35 16

This site contains links to these domains. Also see Links.

Domain
sfa-retail.bg
Subject Issuer Validity Valid
preview.webimpression.net
R10
2024-11-28 -
2025-02-26
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA
2024-05-04 -
2025-05-04
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
www.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-06 -
2024-12-05
3 months crt.sh
*.google.com
WE2
2024-10-21 -
2025-01-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
capig.stape.cloud
WE1
2024-11-26 -
2025-02-24
3 months crt.sh

This page contains 3 frames:

Primary Page: https://preview.webimpression.net/
Frame ID: D571A6EB94DA4CC49993C7026EA24449
Requests: 33 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fpreview.webimpression.net
Frame ID: 6DB7ED21037FD15149EB0529EDCABFAC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-QCP64MM4FF&gacid=1833784091.1732814299&gtm=45je4bk0v9168932265z89177746772za200zb9177746772&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=269904550
Frame ID: B8ADF5F1934571A03D0A9DBA62B2D555
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Дни на отворени врати и представяне на Новия Citroën C3 от 09 - 14 Декември 2024г.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

35
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

5550 kB
Transfer

9176 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
preview.webimpression.net/
34 KB
7 KB
Document
General
Full URL
https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
6629ba4917d2d32d8aafccef0a807dd3c962b9c1b793dccfd658f9ef924576c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7244
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Nov 2024 17:18:15 GMT
ETag
"873d-627f91e5cc480-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 28 Nov 2024 13:32:50 GMT
Server
Apache
Vary
Accept-Encoding
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=El+Messiri&family=Montserrat:wght@400;700&display=swap
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95fdb0fdd24d99a8aba0946e81e25c8b4d4f30c6364e210ab55005dfe8794a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 17:18:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 17:18:15 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 28 Nov 2024 17:18:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style-new.css
preview.webimpression.net/
12 KB
3 KB
Stylesheet
General
Full URL
https://preview.webimpression.net/style-new.css
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
9e16491ee55d76c735a76511c5e252284a43bef35ad9ed6415f9619d50efad64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

Content-Encoding
gzip
ETag
"2f01-627f928da5080-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2614
Keep-Alive
timeout=5, max=99
Date
Thu, 28 Nov 2024 17:18:15 GMT
Last-Modified
Thu, 28 Nov 2024 13:35:46 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"ec3bb52a00e176a7181d454dffaea219"
age
131678
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 17:18:15 GMT
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/07/2024 07:30:56
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
8663f3fe3c3fbc1cabad4998c117d08f
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8e9c0422fe99f7d1-LAX
access-control-allow-origin
*
cdn-edgestorageid
1108
server
cloudflare
cdn-requestcountrycode
US
signature_pad.umd.min.js
cdn.jsdelivr.net/npm/signature_pad@3.0.0-beta.3/dist/
10 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/signature_pad@3.0.0-beta.3/dist/signature_pad.umd.min.js
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
772ce3bbedf33bcf94d7a40823ec22819bdf15e9233572ad6f00026797f1285e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"2778-fn9Aq4up9AKw4w0VEoVAtkOoFa4"
age
911093
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBvaze5miMMOjLfxdlgkxg4Vhip3B9Y3ObBGCfZ4L6VyJvjKHA1WqhLnSOOHBskFHkIQspkqvS7w36b0lA%2FqnAkVXejED56z1wt1D%2F%2BSrp4RN5fjxtPLtTKTa9RiaiT3chE3ULne1y8M0mHAShs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 28 Nov 2024 17:18:15 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220144-FRA, cache-lga21962-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9c04243fc108ee-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
3422
server
cloudflare
x-jsd-version
3.0.0-beta.3
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
gzip
age
601618
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 18:11:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 18:11:17 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30399
x-xss-protection
0
server
sffe
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"5869c96cc8f19086aee625d670d741f9"
age
2019942
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 17:18:15 GMT
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/09/2024 17:15:56
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
7c0d7f896d29ca31c9d3cbdcd833aa24
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8e9c0422ee94f7d1-LAX
access-control-allow-origin
*
cdn-edgestorageid
1109
server
cloudflare
cdn-requestcountrycode
US
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-4f71"
age
80383
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7IpFM0nUfxngIsI0tRGkWMcF4nVWMD7x1lKH7Yeyqoqh2qj5Vjv3Dpk9RGhOyHHECKTKntEcXXqaex2%2B8SHcU%2FYnbLlDPcOSyK4FsJBtWErkONIMhwYgwFz8eml%2FCsNAI%2BHaicg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 17:18:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 28 Nov 2024 17:18:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9c042379a59661-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
6451
server
cloudflare
jquery-1.10.2.js
code.jquery.com/
267 KB
79 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.js
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
gzip
etag
W/"28feccc0-42b2f"
age
2780212
x-cache
HIT, HIT
date
Thu, 28 Nov 2024 17:18:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
7872, 1760
x-served-by
cache-lga21934-LGA, cache-lax-kwhp1940020-LAX
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732814296.783563,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
80743
server
nginx
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
gzip
age
20128
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 11:42:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 11:42:47 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30306
x-xss-protection
0
server
sffe
citroen-logo.png
preview.webimpression.net/images/
2 MB
0
Image
General
Full URL
https://preview.webimpression.net/images/citroen-logo.png
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"8d2a8d-626379e3b3100"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9251469
Keep-Alive
timeout=5, max=98
Date
Thu, 28 Nov 2024 17:18:15 GMT
Last-Modified
Wed, 06 Nov 2024 05:16:20 GMT
Content-Type
image/png
Server
Apache
web%20.jpg
preview.webimpression.net/images/
2 MB
2 MB
Image
General
Full URL
https://preview.webimpression.net/images/web%20.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
54208e4df21da8d1551a49a6a54c281c7c056a3780f58da1934f2f5e6f7084ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"2129b1-627ce2a054a80"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2173361
Keep-Alive
timeout=5, max=100
Date
Thu, 28 Nov 2024 17:18:15 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:02 GMT
Content-Type
image/jpeg
Server
Apache
alex%20edit.jpg
preview.webimpression.net/images/mobile/
263 KB
264 KB
Image
General
Full URL
https://preview.webimpression.net/images/mobile/alex%20edit.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
5d553fea38ab8d9e807184218f6568ba90b38025cff7bddb47aeaef6b3126852

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"41de9-627f4e88815c0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
269801
Keep-Alive
timeout=5, max=100
Date
Thu, 28 Nov 2024 17:18:17 GMT
Last-Modified
Thu, 28 Nov 2024 08:31:27 GMT
Content-Type
image/jpeg
Server
Apache
6-05.jpg
preview.webimpression.net/images/
681 KB
681 KB
Image
General
Full URL
https://preview.webimpression.net/images/6-05.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
156b34ba56af9890e17f2762ffa1c0e8f3051de2a3f686803053aa3140bcebe5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"aa300-627ce2b367780"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
697088
Keep-Alive
timeout=5, max=100
Date
Thu, 28 Nov 2024 17:18:17 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
6-02.jpg
preview.webimpression.net/images/
30 KB
30 KB
Image
General
Full URL
https://preview.webimpression.net/images/6-02.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
05dab4376e1af0b18faa6eaaf9d90e3cf59a279fcb009509491e538c1e46443b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"7811-627ce2b367780"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30737
Keep-Alive
timeout=5, max=100
Date
Thu, 28 Nov 2024 17:18:18 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
6-04.jpg
preview.webimpression.net/images/
785 KB
785 KB
Image
General
Full URL
https://preview.webimpression.net/images/6-04.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
2057b2fe7c261363e1904f5d714c8457974f3a87e538ad52d8a2c2eb2e2cc58a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"c42ee-627ce2b367780"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
803566
Keep-Alive
timeout=5, max=99
Date
Thu, 28 Nov 2024 17:18:19 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
6-07.jpg
preview.webimpression.net/images/
476 KB
476 KB
Image
General
Full URL
https://preview.webimpression.net/images/6-07.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
163679cae649113366644f81301f7699ff8959f9347be6a6451f7764987dbd0d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"76e07-627ce2b367780"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
486919
Keep-Alive
timeout=5, max=99
Date
Thu, 28 Nov 2024 17:18:20 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
6-06.jpg
preview.webimpression.net/images/
472 KB
473 KB
Image
General
Full URL
https://preview.webimpression.net/images/6-06.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
f5357ec5fa7d4f08be0e1ce0e55e25513af920a31cad1b6b39f2d509300bd068

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"761b1-627ce2b367780"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
483761
Keep-Alive
timeout=5, max=99
Date
Thu, 28 Nov 2024 17:18:22 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
SFA-RETAIL_SF-2_Dealer_BG_White_0822.png
preview.webimpression.net/images/
12 KB
13 KB
Image
General
Full URL
https://preview.webimpression.net/images/SFA-RETAIL_SF-2_Dealer_BG_White_0822.png
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
017aae53269dc9c160cbdfa79bb86ba89215c23fc5f1f68481bb208302807b8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

ETag
"31b0-627ce296cb400"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12720
Keep-Alive
timeout=5, max=99
Date
Thu, 28 Nov 2024 17:18:24 GMT
Last-Modified
Tue, 26 Nov 2024 10:17:52 GMT
Content-Type
image/png
Server
Apache
gtm.js
www.googletagmanager.com/
285 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K888TPPP
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc9ec85e3eb3582b675b92fbdb884807f30ef213a66a2333251e75357c05d5f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 17:18:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 17:18:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101934
x-xss-protection
0
server
Google Tag Manager
6-02.jpg
preview.webimpression.net/images/
30 KB
0
Image
General
Full URL
https://preview.webimpression.net/images/6-02.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
05dab4376e1af0b18faa6eaaf9d90e3cf59a279fcb009509491e538c1e46443b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

Accept-Ranges
bytes
Content-Length
30737
Date
Thu, 28 Nov 2024 17:18:18 GMT
ETag
"7811-627ce2b367780"
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
6-09.jpg
preview.webimpression.net/images/
66 KB
66 KB
Image
General
Full URL
https://preview.webimpression.net/images/6-09.jpg
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/style-new.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.54.183.232 Burgas, Bulgaria, ASN29084 (COMNET-AS Comnet Bulgaria Holding Ltd., BG),
Reverse DNS
srv1.webimpression.net
Software
Apache /
Resource Hash
652fe231cd03f146fbe0bb5df8c3c7f4e477bc84efae699fdcc1197ef03b7f87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/style-new.css

Response headers

ETag
"10776-627ce2b367780"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
67446
Keep-Alive
timeout=5, max=100
Date
Thu, 28 Nov 2024 17:18:16 GMT
Last-Modified
Tue, 26 Nov 2024 10:18:22 GMT
Content-Type
image/jpeg
Server
Apache
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri&family=Montserrat:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://preview.webimpression.net
Referer
https://fonts.googleapis.com/

Response headers

age
23975
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 10:38:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 10:38:41 GMT
last-modified
Wed, 06 Nov 2024 17:30:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23836
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri&family=Montserrat:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://preview.webimpression.net
Referer
https://fonts.googleapis.com/

Response headers

age
9475
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 14:40:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 14:40:21 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpreview.webimpression.net%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1148938944.1732814297&auid=223597144.1732814297&npa=0&gtm=45He4bk0v9177746772za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732814297354&tfd=3186&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K888TPPP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

js
www.googletagmanager.com/gtag/
411 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QCP64MM4FF&l=dataLayer&cx=c&gtm=45He4bk0v9177746772za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K888TPPP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6af431b0d3232046a1ee7294e9a032c22606dfaddb9bb992322d4c44bb81c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 17:18:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 17:18:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134845
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K888TPPP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LktdD36x' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 17:18:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LktdD36x' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=144, rtx=0, c=24, mss=1232, tbw=8210, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
hBhJOhbVaZQM2fDUGQulBxPBZBQ/g+ICUgdt5TOL+GF5tGbalMpK03R4gwic7mG1pCI6ZtrOcndiap7bsdmTmA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 6DB7
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fpreview.webimpression.net
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K888TPPP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 17:18:17 GMT
expires
Fri, 28 Nov 2025 17:18:17 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
649588873684844
connect.facebook.net/signals/config/
301 KB
92 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/649588873684844?v=2.9.176&r=stable&domain=preview.webimpression.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
b663c5ce59f78e4887f5f2c879e5476575c62cd1d5a7da85db44502fbe3b9378
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-6XvjZOA7' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 17:18:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-6XvjZOA7' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=126, rtx=25, c=57, mss=1232, tbw=102530, tp=92, tpl=25, uplat=448, ullat=0
pragma
public
x-fb-debug
E7U/8xLEE0ZpUjJUEsspiiIXU7LyKPohP82QAXPhdkC8bByCM/wORCbhNtSL5VTFbYLyz3KYSGlb+n3mXkp0WQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-QCP64MM4FF&gtm=45je4bk0v9168932265z89177746772za200zb9177746772&_p=1732814295548&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1833784091.1732814299&ecid=1892854031&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&dl=https%3A%2F%2Fpreview.webimpression.net%2F&sid=1732814298&sct=1&seg=0&dt=%D0%94%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BE%D1%82%D0%B2%D0%BE%D1%80%D0%B5%D0%BD%D0%B8%20%D0%B2%D1%80%D0%B0%D1%82%D0%B8%20%D0%B8%20%D0%BF%D1%80%D0%B5%D0%B4%D1%81%D1%82%D0%B0%D0%B2%D1%8F%D0%BD%D0%B5%20%D0%BD%D0%B0%20%D0%9D%D0%BE%D0%B2%D0%B8%D1%8F%20Citro%C3%ABn%20C3%20%D0%BE%D1%82%2009%20-%2014%20%D0%94%D0%B5%D0%BA%D0%B5%D0%BC%D0%B2%D1%80%D0%B8%202024%D0%B3.&en=page_view&_fv=1&_nsi=1&_ss=1&ep.action_source=website&tfd=4536
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QCP64MM4FF&l=dataLayer&cx=c&gtm=45He4bk0v9177746772za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://preview.webimpression.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 17:18:19 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
561 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QCP64MM4FF&cid=1833784091.1732814299&gtm=45je4bk0v9168932265z89177746772za200zb9177746772&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QCP64MM4FF&l=dataLayer&cx=c&gtm=45He4bk0v9177746772za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://preview.webimpression.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 17:18:19 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame B8AD
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-QCP64MM4FF&gacid=1833784091.1732814299&gtm=45je4bk0v9168932265z89177746772za200zb9177746772&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=269904550
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QCP64MM4FF&l=dataLayer&cx=c&gtm=45He4bk0v9177746772za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preview.webimpression.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 17:18:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f748635e8a9d7f2252aa23de46d720bde11db02a6e9a777609921b31fdefdd15
capig.stape.cloud/events/
0
876 B
XHR
General
Full URL
https://capig.stape.cloud/events/f748635e8a9d7f2252aa23de46d720bde11db02a6e9a777609921b31fdefdd15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/649588873684844?v=2.9.176&r=stable&domain=preview.webimpression.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://preview.webimpression.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dm7F4bKQvmAR%2FoQLPw3fDch2ekg5MCOvFMs%2F28cP%2BEuDQNw0MbAinAQHWiKxqOxMjn1SvxjL%2Fu0G7fHPV3YXES8f0ZyJBMOFNTi%2B0m%2Br8YPL70yKLrY407ae7eTeXW5L2xEQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8e9c043e8cad1502-LAX
access-control-allow-origin
https://preview.webimpression.net
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=80482&min_rtt=64863&rtt_var=19174&sent=15&recv=12&lost=1&retrans=0&sent_bytes=4277&recv_bytes=4962&delivery_rate=319&cwnd=12000&unsent_bytes=0&cid=3f425ce500424861&ts=504&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 17:18:20 GMT
vary
origin
server
cloudflare
priority
u=1,i
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=649588873684844&ev=PageView&dl=https%3A%2F%2Fpreview.webimpression.net%2F&rl=&if=false&ts=1732814299462&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1732814299456.65346003163906817&eid=ob3_plugin-set_ef9fada1e24453485174f1f643fe59facb8134937725cd7de5776b3e027b5c07&ler=empty&cdl=API_unavailable&it=1732814298537&coo=false&tm=1&rqm=GET
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8229, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 17:18:19 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=649588873684844&ev=PageView&dl=https%3A%2F%2Fpreview.webimpression.net%2F&rl=&if=false&ts=1732814299462&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1732814299456.65346003163906817&eid=ob3_plugin-set_ef9fada1e24453485174f1f643fe59facb8134937725cd7de5776b3e027b5c07&ler=empty&cdl=API_unavailable&it=1732814298537&coo=false&tm=1&rqm=FGET
Requested by
Host: preview.webimpression.net
URL: https://preview.webimpression.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://preview.webimpression.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442380745051122006"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 17:18:19 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
LIPI2tqvxwHEnsIG8lPGG/hQZgWiE3AdTnBsAqwdxcdng6I8bgSdFUXpjF63qNcBF8KBhg9i5woN12kFsFRFsA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442380745051122006", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8549, tp=16, tpl=0, uplat=77, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| SignaturePad function| $ function| jQuery function| Popper function| getQueryVariable function| createCookie function| readCookie function| eraseCookie string| c_name function| setModelOptions function| checkForm object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime

6 Cookies

Domain/Path Name / Value
.capig.stape.cloud/events/f748635e8a9d7f2252aa23de46d720bde11db02a6e9a777609921b31fdefdd15 Name: cee
Value: SB69XVZy10JQccyMc97RWZ3ADAwom8%2B6v1wuKIn212k%3D.%7B%7D
.webimpression.net/ Name: _gcl_au
Value: 1.1.223597144.1732814297
.webimpression.net/ Name: _ga_QCP64MM4FF
Value: GS1.1.1732814298.1.0.1732814298.60.0.1892854031
.webimpression.net/ Name: _ga
Value: GA1.1.1833784091.1732814299
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.webimpression.net/ Name: _fbp
Value: fb.1.1732814299456.65346003163906817

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
capig.stape.cloud
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
preview.webimpression.net
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.com
www.googletagmanager.com
104.17.24.14
104.18.10.207
142.251.179.94
172.67.138.208
2001:4860:4802:32::181
2606:4700::6812:ba1f
2607:f8b0:4004:c09::68
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c21::5f
2a04:4e42:600::649
31.13.66.19
31.13.66.35
84.54.183.232
017aae53269dc9c160cbdfa79bb86ba89215c23fc5f1f68481bb208302807b8f
05dab4376e1af0b18faa6eaaf9d90e3cf59a279fcb009509491e538c1e46443b
156b34ba56af9890e17f2762ffa1c0e8f3051de2a3f686803053aa3140bcebe5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
163679cae649113366644f81301f7699ff8959f9347be6a6451f7764987dbd0d
2057b2fe7c261363e1904f5d714c8457974f3a87e538ad52d8a2c2eb2e2cc58a
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54208e4df21da8d1551a49a6a54c281c7c056a3780f58da1934f2f5e6f7084ea
5d553fea38ab8d9e807184218f6568ba90b38025cff7bddb47aeaef6b3126852
652fe231cd03f146fbe0bb5df8c3c7f4e477bc84efae699fdcc1197ef03b7f87
6629ba4917d2d32d8aafccef0a807dd3c962b9c1b793dccfd658f9ef924576c7
772ce3bbedf33bcf94d7a40823ec22819bdf15e9233572ad6f00026797f1285e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
95fdb0fdd24d99a8aba0946e81e25c8b4d4f30c6364e210ab55005dfe8794a33
9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763
9e16491ee55d76c735a76511c5e252284a43bef35ad9ed6415f9619d50efad64
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b663c5ce59f78e4887f5f2c879e5476575c62cd1d5a7da85db44502fbe3b9378
c6af431b0d3232046a1ee7294e9a032c22606dfaddb9bb992322d4c44bb81c72
dc9ec85e3eb3582b675b92fbdb884807f30ef213a66a2333251e75357c05d5f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5357ec5fa7d4f08be0e1ce0e55e25513af920a31cad1b6b39f2d509300bd068
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1