screen-window.bestchoice1day.com Open in urlscan Pro
52.45.63.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://screen-window.bestchoice1day.com/
Submission Tags: @phishunt_io
Submission: On January 04 via api (January 4th 2023, 9:36:48 pm UTC) from DE — Scanned from DE

Summary HTTP 177 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 12 domains to perform 177 HTTP transactions. The main IP is 52.45.63.199, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is screen-window.bestchoice1day.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 4th 2023. Valid for: 3 months.

This is the only time screen-window.bestchoice1day.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	52.45.63.199 52.45.63.199	14618 (AMAZON-AES) (AMAZON-AES)
51	2606:4700:e4:... 2606:4700:e4::ac40:a920	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.193.101.40 44.193.101.40	14618 (AMAZON-AES) (AMAZON-AES)
12	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
37	88.221.92.142 88.221.92.142	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	103.184.124.250 103.184.124.250	149085 (EDATA-AS-...) (EDATA-AS-VN E-DATA TECHNOLOGY SERVICE COMPANY LIMITED)
1	103.184.44.3 103.184.44.3	149648 (FLNTCL-AS...) (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co.)
7	103.184.45.252 103.184.45.252	149648 (FLNTCL-AS...) (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co.)
2	185.146.173.22 185.146.173.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
33	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
177	15

10 52.45.63.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-63-199.compute-1.amazonaws.com

screen-window.bestchoice1day.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:e4::ac40:a920 (United States)

ASN13335 (CLOUDFLARENET, US)

static.wtecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.101.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-101-40.compute-1.amazonaws.com

picker.wtecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 88.221.92.142 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-92-142.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.184.124.250 (Viet Nam)

ASN149085 (EDATA-AS-VN E-DATA TECHNOLOGY SERVICE COMPANY LIMITED, VN)

www.studytienganh.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.184.44.3 (China)

ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN)

cdn.wshopon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.184.45.252 (China)

ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN)

cdn.hotishop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.146.173.22 (Sweden)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	wtecdn.net static.wtecdn.net — Cisco Umbrella Rank: 400691 picker.wtecdn.net — Cisco Umbrella Rank: 486107	566 KB
37	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 883	222 KB
33	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	748 B
19	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2261 t.paypal.com — Cisco Umbrella Rank: 3169 c.paypal.com — Cisco Umbrella Rank: 5919 b.stats.paypal.com — Cisco Umbrella Rank: 5647 dub.stats.paypal.com — Cisco Umbrella Rank: 22405 c6.paypal.com — Cisco Umbrella Rank: 7454	352 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	950 KB
10	bestchoice1day.com screen-window.bestchoice1day.com	32 KB
7	hotishop.com cdn.hotishop.com — Cisco Umbrella Rank: 93517	6 MB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2124	375 B
2	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1804	504 KB
1	wshopon.com cdn.wshopon.com — Cisco Umbrella Rank: 126567	196 KB
1	studytienganh.vn www.studytienganh.vn — Cisco Umbrella Rank: 425764	50 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	75 KB
177	12

	Domain	Requested by
51	static.wtecdn.net	screen-window.bestchoice1day.com static.wtecdn.net
37	analytics.tiktok.com	screen-window.bestchoice1day.com analytics.tiktok.com
33	www.facebook.com	screen-window.bestchoice1day.com
12	connect.facebook.net	screen-window.bestchoice1day.com connect.facebook.net
10	www.paypal.com	static.wtecdn.net www.paypal.com
10	screen-window.bestchoice1day.com	screen-window.bestchoice1day.com
7	cdn.hotishop.com	screen-window.bestchoice1day.com
5	c.paypal.com	www.paypal.com c.paypal.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.shopify.com	screen-window.bestchoice1day.com
2	picker.wtecdn.net	static.wtecdn.net
1	c6.paypal.com	screen-window.bestchoice1day.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	t.paypal.com	screen-window.bestchoice1day.com
1	cdn.wshopon.com	screen-window.bestchoice1day.com
1	www.studytienganh.vn	screen-window.bestchoice1day.com
1	www.googletagmanager.com	static.wtecdn.net
177	18

This site contains no links.

Subject Issuer	Validity	Valid
screen-window.bestchoice1day.com ZeroSSL RSA Domain Secure Site CA	`2023-01-04` - `2023-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-24`	a year	crt.sh
*.wtecdn.net ZeroSSL RSA Domain Secure Site CA	`2022-12-23` - `2023-03-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
studytienganh.vn RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
*.hotishop.com E1	`2022-12-28` - `2023-03-28`	3 months	crt.sh
cdn.shopify.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://screen-window.bestchoice1day.com/
Frame ID: 7A426E330D20CF8361E573387B6A0F95
Requests: 166 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 43F7472DEB835B9F40354EB781CD218F
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 805CC5883ACF4ACF6424635694181E56
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 6CD5E6C0CC2B4D9AF6815E6AD34D4729
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS
Frame ID: 6484C68F76E6C9F19A49451496D7C6EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

bestchoice1day - 🔥LAST DAY SALE 70% OFF✨2 In 1 Screen Window Cleaning Brush

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

177
Requests

99 %
HTTPS

36 %
IPv6

12
Domains

18
Subdomains

15
IPs

6
Countries

9368 kB
Transfer

14255 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136

https://b.stats.paypal.com/v2/counter.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS

177 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
screen-window.bestchoice1day.com/ 154 KB
27 KB 406ms
116ms Document
text/html 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

/ Next.js

Resource Hash

24215fda70e7e35e30e256a65ae404f837ead28ed876463d561cf41b1da2518c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, s-maxage=10, stale-while-revalidate=59
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 21:36:40 GMT
etag: "2665f-Q/yiQkSSsMcUk6aqPp8kqJVEzq0"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 e331124dc64673e3.css
static.wtecdn.net/o/h/p/_next/static/css/ 299 KB
41 KB 680ms
608ms Stylesheet
text/css 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/css/e331124dc64673e3.css
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0948965125b8156d9553d86ec365d3b29f72f3b2c9dc6110cfbab63f9fd06b9

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYV0SDDXY3JB3RC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: XlnC737+Nqywf+TRtOiGu6hC8bBpQ1EcDCL2flwzxfZAOgKCN8NiovtN1ULpCdwdV2brdej9100=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"edaefd2d8916d1794c56c0f9962d6d66"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCnGwmhzOKhd%2BVUVu3G5E%2B1vn6iLiiXnERcx%2FzTZvl2Vhhzcwwo6oUpwlg3QW%2BZg5luuEEdzcaBoceXjKRuu%2Fjw6aSpikwuxtE4QjeJ0PDEJXbE7gdAiDgG1EVaFFEgJBtSKjfWI4CS7W%2BAqltV2JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 78471c6bc839bb37-FRA

GET
H2 200 be57e1a4ea0c23f7.css
static.wtecdn.net/o/h/p/_next/static/css/ 14 KB
5 KB 410ms
339ms Stylesheet
text/css 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/css/be57e1a4ea0c23f7.css
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a92a8fb6d8980c3d228713d52e16f06e41a3cb46f7924a8f10dd69ea0146bc

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYRVTH7VYAQP6HQ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kVqYKuuJhWVU5GgCtU8u+YBe5hq1RCcazWDF+xCaJb44SEAf7tQZmqXPimGyO64a43JTIs5nrlk=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"5ac83006e9e295bb1761fc8b73f5546b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh7ibWtKDw5GLTolz6MMUZKJGNw5IDvYW%2BiYrphy577cS2G7bJEYSTXCtiKEdvXLltV0z2ctX68OS757dZ%2FcnnQZnUyqTJggu9B%2BSd8JBUQYQMJB1c9%2BRr8NuHxODieK2%2F%2FnuPVrXMoVD3FxClKD9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 78471c6bc83cbb37-FRA

GET
H2 200 3766.e7fecb7d271b8c28.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 188 KB
43 KB 638ms
584ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/3766.e7fecb7d271b8c28.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0664c6719c07d27ad6523c531a6a1f3f084ee1d4dbbc1ac828fdb2c696d63994

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYN1953YJ0J2NXJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygiwIvM60l3YaVuNDoT1IoUvP6GQ2VRGLzFHNYF63YAOTwUqgCByY2kqm9wWjKnCLl6OW7pClTU=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"bfc9e5d006d3d5cfdff36a0c90239540"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHOeStVfkARtxGLa1%2BlqJ%2BcQmjMZCfdgCXP82CGYBLYJQe8m%2FImxDXkeZSCNtNiJZrlhtTVzG4EFfHQouDYx1C0lqygaYVGg%2B6WilFZrBLLA2u737Jhv4smp4HiftiEfdIEhrl62bGNPLIf4WvwTZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6bc83ebb37-FRA

GET
H2 200 7401.0ab5664a516d75b1.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 20 KB
7 KB 294ms
241ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/7401.0ab5664a516d75b1.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a633740824c87e0b24cf48b2d58f44a14ed65bbc8efa5060a99257bb449865

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYJQWTQ950W8F6J
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JvSmtPues068rOaytZGyv7TleaGpLWaCN4dXkyTYRgRTPO5G38eTXWrFZI5+WRZSKweGZCJ+Bmw=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"90cc56b09c5d7c8ee8d3ffee7d15d697"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6shzqRZiIBKjwCEhwT%2BpVPrYCMoL97y5I7EaCj2T42sBLxS93d5VdpqqhAB9StCDr7sOnAhRsmD6GE0LV1pIfnhPyFnNjFYh6VAg4HHDrSxUdiIH%2ByS9qtwSmwUeycQy5S0LZY6a0irmbWAVu0fIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6bc840bb37-FRA

GET
H2 200 webpack-ac508a2936a89eab.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 4 KB
2 KB 299ms
245ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/webpack-ac508a2936a89eab.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6167073a006736695e03b79e5c683f1e8df7fbc05acd2eca8e99304abeed084

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYXPN8KSC17D2AA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: e1RIvdA+AJeKGtzD33EEHiuiZrVwtWtDWPaxKvHeDWw95xAvUVJV8lHSdeZbRvGJ21ay4IxIrgE=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"f11427ce875ec34bef4990fa5eb358fa"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh2EpZxjU9EPwhrXUiK7b894zsfuphpmjDXhmobhmI7yWwzpFNawHld6pqhDw5SJSe8Qc8%2BzvjX123%2FG%2FHEOH%2BxB0OfdQyL2ZMV1CmzX466Xt86vX%2BR6%2Fqa6Ble523hEvSMH7H998PkRZ%2B1ax%2Bk9Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6bc841bb37-FRA

GET
H2 200 framework-0a661f36f53bb113.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 146 KB
46 KB 635ms
581ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/framework-0a661f36f53bb113.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3492693dae39a4ef411b3914c06a34d8a6be80d52a1d123812eafb79010435a9

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYY5WPC2YN2QR9K
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n3myOFpnRV0WaxG8QoIXeT73yuoVJiSB7rblvS9lslEY1+K50pd3m4YeLybbF5vSyuu7kgrG8bo=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"0ba3c9d60851822798f24f6ef2d7c670"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEOj1CvSlOQli%2BWT30JkmBNS4pMCrbE78V61p0MSizWL9PEPffHnp5L7s5nhYgD0q8Ih3uU%2FEZDf%2FASXDmeeMseK%2BU2zIkvhO1y8W7%2BApqnEUXoCPAq6mNPqMMt6Ipl9KAf7IK9KCc%2BJ9LFVIx31VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6bc844bb37-FRA

GET
H2 200 main-0c2233da421af265.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 98 KB
27 KB 461ms
458ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f11425170f639c7a8f07fe79d3e6392cb8b427d1496887f4e075a7190a5effb6

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYP3Y3EZ4EWDF42
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CdSqO1RqnGw9XemJzYvf13P/FvlEecDCIcP+mzEVtlu+OIC/Wc7/8eWWj3fJG3ks9f1OF4wct3g=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"ba4abd2a667bebd4a11b337e1d31ef33"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b34w9wrQJ7rDOt%2B9p70pN5s8LLtnKX0p%2BdD408%2BnX76Z1eMSV8CaqvLm6w%2Bc%2BH2X1mgg7YlQYqlu9IEhj2SdSFjj0%2F3XbnxoZsy6PK%2FH3FuBXdXhPjRLJuRxg74IZJFyTNC2uSt8QAVv8JH5qrFWEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18bebb37-FRA

GET
H2 200 _app-6da1140025684618.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/pages/ 125 KB
38 KB 542ms
539ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/_app-6da1140025684618.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58a1eaf00accf3eece0029a995b6016f44b965b0b7afff4d0971ef3665f2483

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYSN3P1785YP45K
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iHx4P9TWAn+WA7aeBawlJ6TJOrwrh3adKyn04SmN9uvrITahErQtKKkXUzRUZ52ZKRUqe0U7MpY=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"58d8ab03789794e180b9f12fb225ef46"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pII%2FwsXiBP%2ByJxHoHCRW79qLPqumG0dCkrUCH4Uxd2TBSSxSFYHxc4%2FrXeMzuCO%2BAeNT1ZWCmOBQnHlbkHeRe8mBw44T0NmnWOEAbqYzXSJ8aaCmYaS108X9fb5O6Ns7Q4SEq38gy%2FDeJhvfVx9o6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18c0bb37-FRA

GET
H2 200 4411-141cbd8adbf3eb4a.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 12 KB
5 KB 333ms
330ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/4411-141cbd8adbf3eb4a.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d293079f22d443769debc670a716a8c45bdb735ffe18fa8407152b0a0e94c452

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYXNT1B6B7NQT2H
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tVvfnVhFaD6f+c1MB/f2/I817P3Q1iqPBLg1BFirlcSphR1l4+5JgRegblT0XZy/7ATzhvAXg7E=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"1bdff85fb81da43f3401e74caf9d4564"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39DnlrjCECjMbu4g9b0rwMZhwvJVQEWonzN9S5CFJE%2F64ue2Xge0znFk396sDjiPw6JxLDkG8fES3ILDpULHTkpTXVKWuBZpr5htSr%2BoRCDqf%2F%2Bgc6NtFcFFiUIcIpn0CzAFpf8ixLao2NlAVp%2Fv7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18c3bb37-FRA

GET
H2 200 5675-8a02b40e0ce3e54c.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 10 KB
4 KB 264ms
261ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/5675-8a02b40e0ce3e54c.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe88e213d402183bfba14f8f5305ab931589b977b031511be261b718b7c71cd

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYH45MTWCQ9D61N
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LHDLQc3WaynAilXd9l9aKSyuvemkbs+ET9kTTOwWcbOtf3Kzs4N78yYHV/DmLNfJxeftP5Ji2rg=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"fb685bf3d89f8500d4e7ff96d336c878"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxybqLQcrkoZ%2FGEgJEnKWB0Oi9psBke3AWJMbohUXQsBt2ibSydZ%2FbSHCMBKxdSoNPeg3Ac8SNGCfm0%2Ft8pJPB68K56RGic4q8KxdTFhaNWGatAlkFi4MNQy4M%2BshKLSo68o0XnueC%2BBTJKIadukMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18c5bb37-FRA

GET
H2 200 7637-37df4f2ec16179b8.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 86 KB
26 KB 448ms
445ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/7637-37df4f2ec16179b8.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e36373848ad01a244112b2eb4cf781d74a7c4d4183125d8ab2f1d0d6473f38

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYHMAN8YZQR4D36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: qdWsJuh3Az0uw+CsEf12YUBP15ak0KeHc0YzM5ebgsSqvrjLS1WIn3kyDFlmZlIJaFkXzSkIF3E=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"edcb1195679545069654d085234e269f"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz9xQnQK6q35oSGNdUBqGpq2LwQHhAw9FZ67I%2BFSpUV8Ab7dtUv3x9VdfbxsPDzrW75HW605hj%2FZF47JFdP1JpgrImVOO9m7HG4b0vhURL%2BnXqfhDffC%2BRWmJMhaHEV8EW27TQnXJeTVNTZ3Ozj8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18c6bb37-FRA

GET
H2 200 2705-b8050bbb96e30ba8.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 145 KB
43 KB 538ms
535ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/2705-b8050bbb96e30ba8.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3097b0a8d0e41ca5c5ded7cb246bb18ea66ac111295becfeb806c5f721ad9731

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYH67909B23C037
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: X2AWbcnGJlBzsm9tT5oXjZi0VYcQvB9IFUwBDlfXtynfTayGbafpDIxG4sygit5NoqNzec3EPXE=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"bda18d69ac907c4c4ca3b9166aae4368"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b%2B2c7nPMDuTH9UJkNxrk2%2BS2Cy7y%2FSGivFQ5h%2B%2BccSm%2BrLnwkg14f7qyfUWJqKEpboyBFRoz9sqLc7lVr7aDuXKkG4IdkehC%2BxYj%2B4V3M3uZrqtmuPIEMD%2BU2hMdvnfPwF3x2vxNbfEC%2Buy8%2BjDew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18c7bb37-FRA

GET
H2 200 341-86ba5aa027e84ac3.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 11 KB
3 KB 254ms
251ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/341-86ba5aa027e84ac3.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b3741516e6ec562692d18ebc8fc9ade39648b67b51f73b853d96e8d669455f

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYZK12NHG5M6PEG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tsE2pDm7DPQ27X/etGVaIiXowhpfefWf9rG9TL/ea58ZCuQ4wgTfqYKub5cwm50x8z0zqU16oDA=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"69dd0f4712c12b0352f0d808eb4a22e0"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jGIfh1Gw8X2E7bZdcivC%2BV3kj1cSUENDqB7lL3foeAacjT3sjozupUfNIYR%2B%2F0B%2Bwl%2FkGXI9saYliSfwWZO5hX%2BG6Xryg5V5ug8dqmfKC1bUSmWqD8%2BPVdwmQjXJKUQWDVHb2kWhJCQzxZCkCzlow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18c9bb37-FRA

GET
H2 200 5382-774618e5df3240dc.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 9 KB
2 KB 257ms
254ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/5382-774618e5df3240dc.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a607c6c63b759a8c49bcdb3670fcbab3ebf12fcb68a122d0866f479001bb1f2f

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYPY4NRQKMJE546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HlLvZ2OVGoLA0mJll9jhNhTCaZHY93CdmqDSI6z0H0IHiDjWTCZvjv+LugNbJXuj3W7xrD1lbY0=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"4b34ec769df816ff335a76119ecac73a"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WRjXF57iMyKTkmxs60HIN45Lse3PUov8rFvIoBZ7omcp%2Bz1pIK12YpfKriz0cnXuzALW5OMZqJhGXf3goJiQPJ0piJUGYHMKbXXE57ZR1ADRQ%2F2GQgZkwioQN%2BkZkMm4ekq1GwmXYUtJV0ppyWEEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18cabb37-FRA

GET
H2 200 540-0b0b591ebecb952a.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 12 KB
3 KB 339ms
336ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/540-0b0b591ebecb952a.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899c796de0fc7cd488d7ed19260d40f077d772bd148344b5b3793ae82d3d27d7

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYQX376DX70RFSM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6NbywBSGybfDtrJVoH/Gt6bhLN1NC2vArvcacVfL6RCjE54fjyIfIs/M1/1XxMTuukbLJb/MJHY=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"eb2e0606c9b471697b453a2f4334eeef"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wwgsJmO4NDQyGOfw7BFxA%2F6dFv5cg2HE1dL6H6%2BqVBEjKGlv0cACOQmtfvmbMvmKQg4za4YBR7XC1M%2B%2Fa%2FSIPrt2WOYrye8Zk7NWPLBm85%2BBwu4MN6rqEdatNBq5Jd5d2NrTDWVXAnltjXU5O1dpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18cbbb37-FRA

GET
H2 200 3239-4946aaf7af0939b7.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 25 KB
5 KB 367ms
365ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/3239-4946aaf7af0939b7.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587887e0fe555a4658f93ee445be554d106de2cd567d42df43132508bfdbdbad

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYKXREJ85STZ0F7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /J1/BNM+i1s2gbdicOHObvZGNVSblv7Ow1nUjWLV31vfJx7zBOfLXw10UEVwu7RGwaxS8d6DBhE=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"f678590cf1c6eafe4783d8234e8e9011"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cKKWW4N8Qn7GuTDRUvwu%2BMO1iB4cCUOqgznbJtXU4uTJ6RuIEd3JHkCf3%2FlaP7gFxM6xjN1xMMrkCEYm%2B16lMLmSLaMpSekrg6w%2BV7wvLwGPdpScS5VdKDYPQx7N14jUOtLYLR1jTB2oRIXTnKyGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18ccbb37-FRA

GET
H2 200 2131-84c8456f1e5c7c66.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 12 KB
5 KB 260ms
257ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/2131-84c8456f1e5c7c66.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22101c60e3b7e8ff908943ddd3a9d18c3a89b35cf0c00670343ae8cdbf7988ee

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYSAHN4XTYNZMHJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Q+zxD03s4sAfZmz6nhWMlxC2HF0Yn7+3p36tJOdBlSxcqQMlm2ccdQgF2zEHM/CFO9Crl/V6+mU=
last-modified: Fri, 16 Dec 2022 11:41:11 GMT
server: cloudflare
etag: W/"9e12918e3244bed99052322c1861d6a7"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fEj4LS2N5pZE4%2F3Nmn9FBqkH6Zz4F1GzIUqADDCsOGcrgcrLK561kaKvOv6JCxn5wiyiOurSATkdPXK1xCq1DDG9f5jPK3fAcYaQt0osjvNeY8kG5eXo4zjSm%2FxQTrDxpOpgEp1SXBdvMkEzZFyCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18cdbb37-FRA

GET
H2 200 6215-632dd67270706516.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 20 KB
5 KB 366ms
364ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/6215-632dd67270706516.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a8c690368f2fbd7d0b6b8b56a7122cda8ec495c648d9f76f9565487c19a092

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYS2PS0K5PDPYX4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AH49t+G9H/IwaVoIWjAldk2QO+w3gjxKznJtqGfzDguzCgbkSmP/xrqD52VXC80LS5AwPr+sh2A=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"14e811875caf54a64e5bbb850e166713"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSntku94jdiqXm%2BPM%2Bx4UXUMtZwEeD8kn6jNu8kjPdfwLE4oHEJUlZS30EJzl0l5Mn63q3T9aKPCr3qaJ82l4vDYGj3MXtragV4WJrzi4q7oscuINJGIrrJRRfpy4R6SSAvJcWqzuGqj7Cz3mYXHvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18d0bb37-FRA

GET
H2 200 7588-a8714322bb90884a.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 8 KB
3 KB 277ms
274ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/7588-a8714322bb90884a.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feaf85d4e8151fe8be348d98e9cd03afe6a9fc653303eb623389b504a3d65c16

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYS233X41JJ3STZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HNjPgnQC2LJGYhEx4ihGxPa759tLCbJarogVzC2I7IGG1uqLDURb8qm+/r+ywTtCfdd3KebIDio=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"e65d0250140b2164f56fd7edcd2bcb4b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq8ThFu6NP4JJaJLcMs24aFcjJ1KKYM4EkyuO4%2BxY5tjBvRDOEQ7h2qt5e6HpESOiZokMgzDY%2B0WM0Z2A8FxMgZ%2FNonPFT3eDONVSclCRi60BdNlEO3CEcQm0k1QVnkedEDk%2Fa9FQTbtzKiMHI1OGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18d1bb37-FRA

GET
H2 200 2652-159398bbff5120b8.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 10 KB
5 KB 257ms
255ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/2652-159398bbff5120b8.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c4b262e7ba271a08bd162c0ee6da69044aa8a09ac37778ad5e40fca3960122

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYQ82YPVEZJQKYX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: wc6iySZSpn7irvVKlPAAw/x/bCkquPkExH4a9Wt63WoTo0sviziCjjV+tGJHtLmk3M2rLBOV8gU=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"a472ec4759b6a3713119395f5bbd1c14"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90OxRBie%2FRNpxD1cY7JxuO5v%2BPcXuqoVNaJ4B6F2jVVnfQq3BG0wquAQbKfqd1zc2N%2FwuuoV0BhoskC81mvR2K%2F%2B1brzAvWGgYyOJ2N6wNgnQjsff%2B3S60frfZr9UE9sj3RtSg3wcr4hP5erno3EYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18d4bb37-FRA

GET
H2 200 3432-2fb0916a04163921.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 8 KB
4 KB 265ms
263ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/3432-2fb0916a04163921.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a92dbf763c7d63194f68f9cf5488d8d055231874dc2812abd3e05b3f4916c1

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYPEBCFRMAFT4E7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gIQem5MXg+pe850NBGqtOi5WVx03+xMnZaSqGQ5CRlLlNUcObFOqiFlPbYDlrUNfVnSIrucr84M=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"ecb1299b743f3a66dce060ca7c758e73"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR6Hbcmb58PU9AVSghTMydhSgWkZfRg%2BEqzmmTqdOSIEFO38vOht%2BsQLwb%2FqrFO5Zft8XjJ0oUeNr5NSTSz0xQW%2FP3tY0%2Bsz45Ff8aDhhJnrZE5qJinOTkoBqkvN9EkzgRVLHZvT9b28MjqI5NzHWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18d6bb37-FRA

GET
H2 200 2707-e74f5f8cd5fe8589.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 17 KB
5 KB 362ms
359ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/2707-e74f5f8cd5fe8589.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b46d5ef4a040d69528f0bb22dd65dac746b6b81c58c1201e6e29a2525f9907

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYT7FJPP8TW5K5P
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: IirR/R9m366n2+CrxJWPpHCvrIwxGHrRKiqgCbN/nPCwr0GTYwHG8yDkFr7Cpdt4w/xZNpxwb7Q=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"66053e708ce7a4f0b4a41c18692c4f1d"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jik%2F0D1q5971igMPDH8uDaCE%2BWooWHFedgfu0K%2FIZ6cyIPL0rExHve4p2bT3RYHtGpuY2WtszJ%2F7oGhaLnZzI86aBmMpE1BwrI1f%2BLAWkEUB0ydPIZVsO5XZL7t0CTHurE9vOPymO0MV37nO3Cai%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18d8bb37-FRA

GET
H2 200 index-141fad1d06490d10.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/pages/ 332 B
975 B 139ms
136ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/index-141fad1d06490d10.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b9596f4c96b0b915e68d4c91dd4db1b4c46287d2408a884c924824435bb926a

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYYKEN6GTCQ5RYC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Hhf4c44kGG22mRT6Rk8M4d19AHVdR4rbCl5YIZ3UYqd9YiFXk3wWHLNWH6JoBcjJ2patUHnXHKk=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"338c031ad628a4d67c526ecb23653b67"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNTCgJZysXBafHb88PR8NrY%2F%2F%2FRDbvtsankTK%2FUva1R2oeUWBEwgU3YytI1G9QGyH7miRNtHYyVLPsY%2FFUR2BEDkn5PkQVjFhs%2B%2BNi5Sm5Jen%2FYPh2THdqqwmybeQ2fuhr5IlOsQcf8RdFh0n9eOog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c18dabb37-FRA

GET
H2 200 _buildManifest.js Show response
static.wtecdn.net/o/h/p/_next/static/TLkhK9U-4TnEOeH0AQHuZ/ 4 KB
2 KB 293ms
290ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/TLkhK9U-4TnEOeH0AQHuZ/_buildManifest.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaff3605c2b2390509833459749ea044f41fcba8b39b818baa65727e9ee1408d

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYG7JX4TDQY0BN1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: SXxgmmxOtZSsbMMJ43h8WWTxwqc8dA2HouTdRhsTIJrEr7npyhD+tSatyD8auPmydj77MJEt6oA=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"4cfaf62ac24b764c83977944a790402e"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8%2BTFoluY1t4ZwFySOh6DKU2UdV60DK1%2FRC6lSM4OSOQwKbRRao0KzIwwIBliEuJYATZllDJOeKUnfZXFVL2t9g2SGmfHzxulzvguhX36uUYlV9uest3Q8eTA6k4tO1Wb6WTinUZlCinRyI1UAPSXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c28dbbb37-FRA

GET
H2 200 _ssgManifest.js Show response
static.wtecdn.net/o/h/p/_next/static/TLkhK9U-4TnEOeH0AQHuZ/ 77 B
458 B 255ms
253ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/TLkhK9U-4TnEOeH0AQHuZ/_ssgManifest.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYS9RT750XDBT75
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UETAr54SMdKYdkDq5hm/a83ykAk4r5rJxNxPQUB4CaIrSm8Oh5pF2PYu795SylX7J3I2eceviSs=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"b6652df95db52feb4daf4eca35380933"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FZJEyUq02hxkYigl%2Bc6s35%2BdAqmmt3sA9V%2BQspgGGSZY47%2B0ccLXd4%2Fi8NPvp%2FPOaY4sHyA6hQvtAdJ5IxVa9VEeylz4CFzDzy71%2B67VmjIcZSMoLQkC117uONfzB2q9G2I%2F00rfP0qEIGVF9c4JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c28dcbb37-FRA

GET
H2 200 _middlewareManifest.js Show response
static.wtecdn.net/o/h/p/_next/static/TLkhK9U-4TnEOeH0AQHuZ/ 92 B
455 B 278ms
276ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/TLkhK9U-4TnEOeH0AQHuZ/_middlewareManifest.js
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYPCJWF98WHBKG2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9yNLlcEOM88Hf2FnHrYzatBw1lU1ydvbIEIL35sBEXae01TwpGOJrIWAcGXzRNAFrdel9nmi7ZQ=
last-modified: Fri, 16 Dec 2022 11:41:11 GMT
server: cloudflare
etag: W/"7c3f7e060745668041278118c0bb3d6d"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfTBVLpAlQZXXggfyRA5GFQHILdDGWfKVJdw%2BN90c2r8%2B7AKBaiNsASk17%2F6qEEVqoPLRPtqYxzwysV0pGohBjZ0%2BycGI3tFs%2BY6xLsfcvuqRF2ekkCJVRq9kLtuaXywuX0GuExVBQAHcRJwovT5rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c6c28ddbb37-FRA

GET
H2 200 photo_2022-11-23_17-07-32.jpg
static.wtecdn.net/files/17cb6237938b1ba33f389c823e8ae835/ 13 KB
14 KB 370ms
349ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/17cb6237938b1ba33f389c823e8ae835/photo_2022-11-23_17-07-32.jpg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d510a730e1b96b8d8187a5f76b64c5145f0ea79e653a6cf2ff3b47587855f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYWWGJ9GH9CNPWS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13449
x-amz-id-2: 3IrODSDxqQNLOm6zqEOv9PIU4/LJm52EWh+LGLPOWbuwsPeRDnaCpkynDgV9TSCF2Jehj37VXqs=
last-modified: Wed, 23 Nov 2022 10:07:54 GMT
server: cloudflare
etag: "17cb6237938b1ba33f389c823e8ae835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ0794rAPyCo4tvfKnH5gIEKYrOzYQBDWQ0y%2F4Kl1WxAZ1Ni4zd3QAVUzuHZy6CIQXq%2BtqNSJipFy2e1j4iF2ATSh7XjtUW3DRef3zCTnP0PoezIbRGa8TW84Wl3aLwXZKvkA8us96w%2BScFxeEYqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ebf5c14-FRA

GET
H2 200 chevron_left.svg
screen-window.bestchoice1day.com/ 150 B
379 B 98ms
95ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/chevron_left.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

a7d379d31dd517198d442430c50220ff290cc36b50d76ad3864e2c41891146ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"96-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 150

GET
H2 200 1111_96.png
static.wtecdn.net/files/8212315a5391129f4a771dc0c9f4e5db/ 8 KB
8 KB 298ms
276ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/8212315a5391129f4a771dc0c9f4e5db/1111_96.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff7ab4781cd04692338e9a5e0caf3e48dabd8c1f7bf53a1e36b9666f48fbb691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYNGTZVWEABF1GQ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8116
x-amz-id-2: qlGCLUisfS7mGyFptO6qI8Bk7L+/qL3A3frqmFtEdYVJwdaCYV81FCXt273HNQpg4+kYA6wPu7o=
last-modified: Wed, 04 Jan 2023 09:46:33 GMT
server: cloudflare
etag: "f71ac50a8c8d141e1bfec0208b4e3604"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3GumINkC4nbk2VCYLsxraUY3x%2FcgI0k7E00EZpABlYwko0zulsDiMxza%2Bd%2FD%2FFDXI1l2qjhKQctZeHXWn60Hu44QnZex%2BfecYdkcmG%2Fn7I75WiQ%2BeCtmSuU8MhbBvLItb7bkCE7E7p99rlbB8TPbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ec75c14-FRA

GET
H2 200 1_96.png
static.wtecdn.net/files/88840bc9017f17334197cc62e50b80c2/ 8 KB
9 KB 308ms
286ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/88840bc9017f17334197cc62e50b80c2/1_96.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd394a1d749378e50f142a18a3c4db89365e51ed98dd8bff6bc1cb160cdcc3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYYZQV6G0E1VGY7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8127
x-amz-id-2: YsWq2k4UC0oqWxsToSdiSUUpDy4PxOq218xGf0owPkLXePMjmXUBJ6JJANaalagarXxPezrUUxA=
last-modified: Wed, 04 Jan 2023 09:46:41 GMT
server: cloudflare
etag: "651a09339a06941a3a4534dfe7095cce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg4XAs9y8Yls24YIchuBYfnamWyR3AVYBtJ4eS1wp4jCtoJX%2BaH94YPvpDJD3xtZAC5GCTv66cl7sIpxoqJLDnrZoOAV7rO95K2GdV3o4mkT5s67CvjFDYEO7mTU9zB3VJL6xF%2B9uAhh8YBOJm7q5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ece5c14-FRA

GET
H2 200 2_96.png
static.wtecdn.net/files/63562d5a95e8e54b33e5b183970add9f/ 7 KB
7 KB 313ms
291ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/63562d5a95e8e54b33e5b183970add9f/2_96.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4368e16d8597a947fdb8c949f163dd080cb4e25426b16a0d50f6c9678adb223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYVFFHYDRT5MXW0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7218
x-amz-id-2: xzjOwP5osxso+z/GatsD45mNxFRYOtItXFAUa/rnufrd5h56x5qzdQ+tFlOxRmpLZyswGfJv0Cw=
last-modified: Wed, 04 Jan 2023 09:46:41 GMT
server: cloudflare
etag: "cae405d3904b7cd03b0059b9da799c15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrfRAy853TuTev2qsAkT7SmYJA3ygHQFuS7EsK6WIrcC0PhKUOP9gGGrmSWn%2BLMmkInU0GeVMLPTyb6XTnXj%2Br%2FOegq5bIlxYB0tzzG%2BD7Iqmml%2FluvUrkZ14KXcj9AC2GZq5aFUPwi%2Bh2rL6Z2rSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ec95c14-FRA

GET
H2 200 1_96.png
static.wtecdn.net/files/3cb1e31eb64d6bccec1bbfc248ee4e6d/ 8 KB
8 KB 286ms
264ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/3cb1e31eb64d6bccec1bbfc248ee4e6d/1_96.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c09694c5dd21362ae3b276988d033bd4badc49c4c9da6f748cfdfb9caa8f381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYVW384MH7S0H68
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8103
x-amz-id-2: tHcsjiZ5cPR3DpnTcQ9FZyI2R7hBobPTJzSVWpa6M55M4g3RgSER2MNJInxPldjuwmpgCznJjJ8=
last-modified: Wed, 04 Jan 2023 09:46:53 GMT
server: cloudflare
etag: "0d9a704a7464bb0ffb786d2853256ba7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jpSVc2yyYHI2eOXkEfSEog75u75bKXM6D5%2Bl1HvwvkTEXD4hM4sqGPKYsCYQwFjDb14XGNloxU07Dz8%2FdUn%2BBaIK%2F4ZuPZEoF3dtU0iyipefyDVz%2BX6jNK7vqiX433YY45B5Wuy5YmHSqg0gJEVlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ec65c14-FRA

GET
H2 200 2_96.png
static.wtecdn.net/files/3ababa5d80b608839d2b90ecd80008d9/ 7 KB
7 KB 276ms
255ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/3ababa5d80b608839d2b90ecd80008d9/2_96.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55abe62051d6d231bc1e30f51b9026e06cd42b7acb7fa8b61dfc377bcf5542a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYK2VV67KYK244H
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7227
x-amz-id-2: xwTCg9lmR5jlgbk2FG1bcP7nbPHv+7lf2EpnJoPaG4AKEX4EXPCYCWvdlbDjv12Tz5CKyzegKOM=
last-modified: Wed, 04 Jan 2023 09:46:52 GMT
server: cloudflare
etag: "860f5535d0b85503747e7915b30273de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbePqabRAlSohdyBnbESo4TLtJigPKLUviBjfjTMJkD7EXGPyx0Rjm54y65myS073IthnHxeP5J76H%2FB0m3xDVCC8shMvFYCksW2jCYHydXpoxjeU1bqZ4Ua1VH6%2BxNkaqj%2Bt1RK1QaNGmiu9ZhHYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ed15c14-FRA

GET
H2 200 3_96.png
static.wtecdn.net/files/1d8f062a0ab1f2cae04ad8c21c5084a8/ 10 KB
10 KB 307ms
285ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/1d8f062a0ab1f2cae04ad8c21c5084a8/3_96.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c545388f69d9aacd5173a79f465212106b34f65b516a999e317e7dd3ff6106b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYWNE2PDC4K84KE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10029
x-amz-id-2: yLB80EUo07ONCHbmLY+irqK5wZiLQlmdHrcJ9UIgRw6yiBsmF/YfUS7LO1NIEbLTh8itxkqSjwM=
last-modified: Wed, 04 Jan 2023 09:33:11 GMT
server: cloudflare
etag: "e85c566eb30041499be00df86fff6978"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gityR7DV5gGwRV6X5%2FGZ2VEPzawbi85zm9g0Kd%2B5pofsyl0bhsPuAtBaiJ8DblAB2DULH6klA5QoL5ze%2FdE41sDHusab5h0Aj14bpheiK0qxKq6iZx678%2Bja9wenQjYaDj1gtSIfsQMJDmqByxDX2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ecc5c14-FRA

GET
H2 200 1_96.jpeg
static.wtecdn.net/files/6e80c765b61be034be5c54d016113c9d/ 3 KB
3 KB 279ms
258ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/6e80c765b61be034be5c54d016113c9d/1_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67343ec4ead1964532243184884c9f762c8574ffc7a5b9c76e6700b70f00cd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYX8G0R8YT3R3ZN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2564
x-amz-id-2: fwcIFQhoTcpvi7vRvWpMmCjM1GkyECM4QLY1ZEblssXUREpm+9FgFza02yGACGWEsI1+L90fB/k=
last-modified: Wed, 04 Jan 2023 09:33:10 GMT
server: cloudflare
etag: "6effc361eb9f55ae51cc96b599fe74de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Siwd8byxB3uSQCs4rGT3ulwftc%2F6p5G93vvKhzEVBpq4GxNchKBBmSmwMhieM3EDIVh2tBiwidgj7gpoZ%2FTBLgGnvIEOC17yduST92ETvFAWVInvXzoNQqicExLTMYrn6XmLAXoBY6uJAXWbYe1cLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4ee85c14-FRA

GET
H2 200 2_96.jpeg
static.wtecdn.net/files/d172bc91403eca74bb0d5d819d64600b/ 3 KB
3 KB 276ms
254ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/d172bc91403eca74bb0d5d819d64600b/2_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a586cc425bd7fc4e4559e94a98f0e407aea0a1280b2e12fb6c6ddcbaf409ae52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYPKAV9J23A38C5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2876
x-amz-id-2: 9MxnUbl7SjO2+bxKV7arBFwPwnL4/QF1gxS3DjAwuiOUKJ23Fug11+KfFGKUFK7/5ueskhhw73A=
last-modified: Wed, 04 Jan 2023 09:33:10 GMT
server: cloudflare
etag: "d8fdafd8eb862ec734fbd06dcdcbd65c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkDRzwel0%2BsDOZndTQeYP%2BN3GUrVmL%2Fi8mkw9G8ywbXtd2FQBIkbPh2eysysDqCgCy0bp6RQ5FyV%2BdbnYDx0E441owmQxEjpjDZ%2BiOLnED3zQggJxJTCuJlIRVH3OJh%2Fxy6RwxiEIS6jAy632gMThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c3ed45c14-FRA

GET
H2 200 4_96.jpeg
static.wtecdn.net/files/0559dc177ddef18c9c8317605155c905/ 3 KB
3 KB 293ms
272ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/0559dc177ddef18c9c8317605155c905/4_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115a909568b9662819d9362a9a066e031953adc0450c90bdbf30d27ab531cfac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYKPFX27RH31RD2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2617
x-amz-id-2: FS7E4OwFI3BQq47dxYDy1atP0zp7IIfRp6A/kXdwz6CCQ9UO1eXGopx4rH4v9/67kdUeeYOGGoY=
last-modified: Wed, 04 Jan 2023 09:33:11 GMT
server: cloudflare
etag: "730090ac4d75fe88cf0833502754ae69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la9xxYLWeEz%2FtkvfAI%2BZ9SWsMSkDluh%2B%2BaaqiWfRVamfNdD43H9WCPSX5Gulvjrgb%2FkN8dT8j0cpPIvviYVba5VZcAE9Vw%2BYSOx4qgXST%2BkXreKO0m1EJ54i2LSHs3HrhlaOmjKixIS3Pg4lFwRBug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4eed5c14-FRA

GET
H2 200 6_96.jpeg
static.wtecdn.net/files/c1f150334511ebf57c9a9e3b34486ebd/ 2 KB
3 KB 348ms
326ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/c1f150334511ebf57c9a9e3b34486ebd/6_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227772dc428db60357c5e7f86934c0ef8847b8e4b604867c91483ad16c34f60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYMFGHF54JDB2T5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2232
x-amz-id-2: AnvVWL0CGZBi3oZ2RtQt3jIOOsCnKUsErXr13VR6MdhdsubAZYLP/t3c1pfijcjxELWFBdlCr70=
last-modified: Wed, 04 Jan 2023 09:33:11 GMT
server: cloudflare
etag: "4d021bc1b2a1ecadd68dcc44fa555205"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVRqsTsp59llCDIPSeNJyxWNtnLiSDMOYXRJBytREsehHrxLNsqyMkGj%2FQ2o%2FvJH8rM0ok1Jk6s%2BlRr0LN3pvX8fuHD5gD9SsdRD6B5e%2BoaKS%2BcF5KE2RZh3tzbnve4zPqAE%2F1RJcfWPPYGPyeiBcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4eef5c14-FRA

GET
H2 200 7_96.jpeg
static.wtecdn.net/files/e44f4995df21788bf5f15fb27108d37d/ 2 KB
3 KB 310ms
288ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/e44f4995df21788bf5f15fb27108d37d/7_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fce8285d6a8663b020648b8177fb686cae4a8bf38ff7b7556204c5a93e452f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYTVFFXNHS2V757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2122
x-amz-id-2: CfxOiWkLeRXJc53TNyAfBte7p+F2iQPm/ElS2ZnOQoEJFBKhX8BVaTNhuYd3oPgHO5n410ekNNw=
last-modified: Wed, 04 Jan 2023 09:33:11 GMT
server: cloudflare
etag: "0af3e6215eb0a2b37b398e61ed4c7df3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEYq%2BQh9GQoy8lke9Ys8kcSqlw%2B3Vm96F0cXbZOB%2FGqpkhCE3l6fRRcY7chonGNoTkewqsAQVX9JnNpG0UwwiiG3BWzaRQHWhuD6rHCwrGEJ9Dbx0yrZEGYtZCUstCv0I93NDkt7evJLQ5Pg5yhRxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4ef65c14-FRA

GET
H2 200 8_96.jpeg
static.wtecdn.net/files/30ab1342e06cbe8a783f6d64b603a4cf/ 807 B
1 KB 295ms
274ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/30ab1342e06cbe8a783f6d64b603a4cf/8_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7e8aa24dccd3b58a09277b05752b6ee5cac376f98f45cf36462bf8271c8999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYT8PJH83RAXK00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 807
x-amz-id-2: qI2BJpkSxYfcmktMhXugI4yNrrS/GNCoqwI7PcWWXN/VSdG/Rac8mt9+8P6w4IM+bRu/UEG+8S4=
last-modified: Wed, 04 Jan 2023 09:33:11 GMT
server: cloudflare
etag: "7945dacf77ed450a060f98e68a18d8a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbWHwV1RL9D7xo6vI%2FLxgTvTm1whHly%2F781vgYr5bmPyvN1vcJhbcBtqvBb4zT8p7evVJVWYNnCxj1IYqkRBixASCgbqD4jKxyvJmlW6nVYTmLBB%2F1HWv4CzNYtjbg0qV%2BTTWL18BGHhKZxc6q%2BwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4ef15c14-FRA

GET
H2 200 9_96.jpeg
static.wtecdn.net/files/94e3ceee83c33bb444db61999933ec6b/ 748 B
1 KB 283ms
261ms Image
image/jpeg 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/94e3ceee83c33bb444db61999933ec6b/9_96.jpeg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2901e9393b8b9bacf823c4db02b9208cc9a53e097e3ba4961ad244c3cd58f487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YYN0P7EA0E1G0QY
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 748
x-amz-id-2: X4Bcof6l7SZ6j6dpUx6HQbx6UoFE84QGrZEiqALFY21TzCVbyNRDkyCo2JOanD+Mx3gN36+Jhus=
last-modified: Wed, 04 Jan 2023 09:33:12 GMT
server: cloudflare
etag: "000b081bc77032c0dfbf234f39bc2a17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRzL7c8AExUSYfyrlV%2Bs2MbzSliEOjDk3bsb%2B2ZplRwyzqQN4KZ796vpP6x8lpH73hsrqdGjBMSiLKcrSMeS65rF8Kwu6NyFPHm8vxgTHo5SGIyiwNGYOL%2FzrDCcXxEZPAZt7MB590maX1b9j%2BemXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4ef85c14-FRA

GET
H2 200 chevron_right.svg
screen-window.bestchoice1day.com/ 149 B
378 B 96ms
94ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/chevron_right.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

07d63c63474652bf552370826d756bfca0e8d9e7dfef5af3b315ec443f44f31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"95-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 149

GET
H2 200 minus.svg
screen-window.bestchoice1day.com/ 155 B
384 B 98ms
96ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/minus.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

8ea03bd746f566b909f43c44cc5aeb50df72b7de88241313def24c13f2a83173

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"9b-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 155

GET
H2 200 plus.svg
screen-window.bestchoice1day.com/ 183 B
412 B 97ms
95ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/plus.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

7a0a768078455763a4ddda7b0dd13b8356188ff3b21a1939639f115483d9ded7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"b7-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 183

GET
H2 200 cart.svg
screen-window.bestchoice1day.com/ 283 B
513 B 137ms
136ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/cart.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

3df6c1736fb134b2a7c45a00533b18734eca279c681fa27c0613db2f853e35d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"11b-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 283

GET
H2 200 card.svg
screen-window.bestchoice1day.com/ 345 B
575 B 136ms
135ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/card.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

80135834d537674f50ab614d48d3c75aa4d7f16fb4f29e75a3516312921cae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"159-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 345

GET
H2 200 safe-checkout.png
static.wtecdn.net/files/03e2ca4bc621f76dc201b5432b43170c/ 27 KB
27 KB 50ms
28ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/03e2ca4bc621f76dc201b5432b43170c/safe-checkout.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e7d1b041c75c1356235e6a0079c1800f2eb5af838b01a6311b3e45f6039762a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P4B8GEWAC8HKBQEE
age: 1490062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27146
x-amz-id-2: KDxzxmR33PZ4QFms1Xwb4oeNM8tA8YFqKo3HIPYaXV4IhNhTUSCXkcZLmzlya3DCm56+taRtiQA=
last-modified: Thu, 28 Jul 2022 09:16:10 GMT
server: cloudflare
etag: "03e2ca4bc621f76dc201b5432b43170c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dhe784PXtYldcNKhgvu6%2FhjDCnmI0Irap4ceMkzSNcJJ6juv3DZXDtRYM3p0l2fSCingb%2FgVn7BBUji%2F4LuXfRfN9yVehV%2BBF%2BkDC2F%2FyDquwz62VbMt%2FY3HxegMoJGTeY3UAQbi4QT3yksI1RZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c6c4efb5c14-FRA

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae0137129daf0f68563b6193eef0d5bd3d8eaadacfb17619b366e90dc4e0052d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 204 events
picker.wtecdn.net/ Frame 0
0 304ms
97ms Preflight 44.193.101.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://picker.wtecdn.net/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.193.101.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-101-40.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-methods,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://screen-window.bestchoice1day.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, OPTIONS, GET, PUT
access-control-allow-origin: *
date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 43ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4PXDNlgkmKPk+fr3WDj3U8xl9YutciOBKIsj2DzXKKroiVmjQwXETdIp3+ZDTLVP+ZjcNM74giwYoQokUSmbYw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 51ms
26ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MVPX20KBK

Requested by

Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85aeb7a52482d7bb6a123b139174a5266e4904998a966b7ec53a5827d35d5f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 372ms
150ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9L3DTBC77U7J0JTV25G&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de1acf3892a91daf85361b22c3eb8c791273dca93483c34b562123411e17cac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 490e9dd3.15256dfd
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 128,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=30, inner; dur=2
content-length: 1381
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364177E2958D95CB052EC03B
x-cache-remote: TCP_MISS from a23-217-116-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.217.116.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f255caaac83e3f5baead78c5c75b8c6b765912cc799ba2206adc7338ab4eb7a2dd56e3c312141cc6c22f90cfdf8b14353053c801d0fe3621988b18f8f57a8439962e98771f4ac1bbfb909c0adf3e25f5c0e
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 358ms
136ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCPCGARC77U2DQ2AD7L0&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9ca1178c91ee83ff3ae2c6205cd0613b4b10f7e24df47cd275808954218ddb92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e00
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=0, origin; dur=113
content-length: 1436
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364164BA4A18022E5821F506
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0cd630b7b2e7fca397beb66c16ab75afcf30262368c04f9e30469a3508259ca67941f78075fa3d09f01b5361b6949092aaa346b85e75b5bfd8d8786982410bfd6a
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 371ms
149ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDR6RMJC77U1DP3CB250&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20a7960018a110ee982efd6d80e28a14facfcacea53fcdbd4a517221a0d73da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e01
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=0, origin; dur=119
content-length: 1436
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641253FBD33F9D77BCE8F7E
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 119,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c13523aae38dbec71ca30b816a9a4f04e8bffabff7564ee81b4d30119496d7e4b28be3ae66ebda8c6ce5f241de1e703dbb25c329b2f9527825507eb9222069e85
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 359ms
137ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7L2VBC77U8PGLVAH7G&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cab32756f225c0c92ed74a4192f6cb481ad1f2724fd8eabd8d961dc49fe3857e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e02
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=105
content-length: 1395
pragma: no-cache
server: nginx
x-tt-logid: 202301042136418B79C98004D8AECC77C1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 105,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c13523aae38dbec71ca30b816a9a4f04ea9d86e6b0b3f9f5c8d100778173b50014f3ec999cdf798aeada55ab6fbd68356dfc33053149f957b7ab13f21e132dad2
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 366ms
144ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7L42JC77U87C9LQ03G&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8675092fc59fc61f6aad74c17df980d1551ff8502fc0650a2fc61caf9a9c4ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e15
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=107
content-length: 1435
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364120D7FFDDC570DDC42B8A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0cdc0dd415a1762053d25101aa3905e36f306903cd6c2c577bd80dcb6ff8efaf8fd9ff97cf1aa551b549f852ec4cf5d6e8b56731cc38176e17d83d296aa040ec46
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 386ms
165ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7L6TRC77U92N2T62RG&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8ab2302b301d40f537d89d362238bdd1f19d4852f069de6db7f19d8c607eec0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 8ff02045.15256e16
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 123,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=18, inner; dur=12
content-length: 1393
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641D41A27EA891A8AAFED8E
x-cache-remote: TCP_MISS from a23-217-116-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.217.116.143
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25ddcde86712001b8682593944e783ec40f75a96bdc6b3673e4a781f587991e1c9ad58fadbbdd2c1455b6b7085efef050b6f8d3097954b58a7d721753275d63d634de7bfe81ef6ab835aff0e406d43a6ec
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 134ms
133ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7L7O3C77UA05OMSA70&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18e484f68a28030f1435a6726ddfdf3ce438bed1ae9659c5d9d57f0cf8299602

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e2e
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=108
content-length: 1434
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364145735D3F5AEA12C481AF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 108,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c23d906e99851d850d3094aa3978d6b50922b0a272fbf7280ca7d5620d048a7ceec31d6c8caab0c519932c8cc66605ee55778c62fa0d08b058b68160709020143
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 183ms
182ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE7L8LRC77UA05OMSA90&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b55d78d34bf4f49f9aa5bc203a3065c9a2fb5fc63e87b09112adf10677552a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: eb634fa1.15256e32
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 124,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=22, inner; dur=15
content-length: 1439
pragma: no-cache
server: nginx
x-tt-logid: 202301042136410B9FDD800D3B7FB6F21F
x-cache-remote: TCP_MISS from a23-217-116-151.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.217.116.151
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25b6eb4c2b9d150b57051583b57e10015dabc28aa5270ed128a86014cb78ed9e10670dff349b94b322c4251d2952a3fecebd4063d291c474f28634e6f36c92f6c10a140214af44909bab2a888632689ecc
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 219ms
218ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEG17OJC77UFTJ8GFDDG&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4964faeb0b5218cbe7872de859a13632cc941f46e686bdb6ad54a68f23ef6190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: a0150bc.15256e33
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 181,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=83, inner; dur=3
content-length: 1406
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641232055738ACAE028FBEC
x-cache-remote: TCP_MISS from a23-217-116-164.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 83,23.217.116.164
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25d4011fec25942faf940ec50397a9ebe04b47bda15554cb5ae4caa24ca77d35ecdf073c01129520a64e77d6987c9dd94dd1fb3007634ff162413820c31cb52c99abb8e2b4b749324cd23176e7cf2e5e14
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 184ms
182ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEG1LNBC77U87C9M7U0G&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 33e7a14ea113ac8ab9178cda070db29252d9fe95270d62123e6000d46381ddb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e34
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=117
content-length: 1437
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641FCFAD81C58F67B3E2839
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 117,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c1abc0ed612945ef1bbeeffd8757c5e65dd193d741b35f442de744ad184ff5b7d82ef394ad40e98b891b301682192b966754eee1c4cfb2a140e8d52c542722636
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 184ms
183ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEG24ABC77UA35R4U6HG&lib=ttq
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 76c4657fd089ce604dd04556e4f5710d0bcabd2b765187716811ce1c52cc5a30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 2e230e2a.15256e35
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 125,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=120, origin; dur=8, inner; dur=3
content-length: 1438
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641E3E9453BD1B5AB998FEB
x-cache-remote: TCP_MISS from a23-217-116-141.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.217.116.141
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25d852b45c717f6afaf18672cf97f69dcd30a9c6d774d74a24ab8e33f7068c143259420d6c33ea1cb014c407c9b0834278c6052ea7e7d2f88998b5e637853aaf1476d281b76558bfc1c9e3390321406704
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 329 KB
99 KB 65ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Requested by

Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/6215-632dd67270706516.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D05) /

Resource Hash

721cfa283fc7f191cedef6e2a469ccbf469ed8832ec70e60b3d4408e6ddcef9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 10455
x-cache: HIT
p3p: true
paypal-debug-id: 004736b375552
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 100609
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Jan 2023 18:42:26 GMT
server: ECAcc (frc/4D05)
traceparent: 00-0000000000000000000004736b375552-22a34d31370d7259-01
etag: W/"18901-YNznJhYEwRq+dpk7jBfeaxnDG1Y"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 events Show response
picker.wtecdn.net/ 484 B
730 B 527ms
527ms XHR
application/json 44.193.101.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://picker.wtecdn.net/events

Requested by

Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/_app-6da1140025684618.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.193.101.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-101-40.compute-1.amazonaws.com

Software

Resource Hash

e307f43a6a0c39db679deb48251ddf6482e397f088d08f2e0af852a2de9b9254

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Access-Control-Allow-Methods: *
Content-Type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: POST, OPTIONS, GET, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 484

GET
H2 200 location.svg
screen-window.bestchoice1day.com/ 607 B
837 B 93ms
93ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/location.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

3d300ab2f563f1c76461565d0696b945b3ec5db9e334939d1cc5a723b4826092

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 27 Jul 2022 04:28:43 GMT
etag: W/"25f-1823dea0478"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 607

GET
H/1.1 200
OK 105472.jpg
www.studytienganh.vn/upload/2021/06/ 50 KB
50 KB 1974ms
427ms Image
image/jpeg 103.184.124.250
EDATA-AS-VN E-DAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.studytienganh.vn/upload/2021/06/105472.jpg
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.184.124.250 , Viet Nam, ASN149085 (EDATA-AS-VN E-DATA TECHNOLOGY SERVICE COMPANY LIMITED, VN),
Reverse DNS
Software: nginx /
Resource Hash: d0f5e00b55d52f5612e9d7d2924265cd67d7337714c15a167c4d62e93d9c136a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 21:36:42 GMT
Last-Modified: Sat, 19 Jun 2021 08:56:40 GMT
Server: nginx
ETag: "a42a0d-c766-5c51a9e59e37a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 51046

GET
H2 200 23928f70bbde84bf35fc4cd28ffca6ca.gif
cdn.wshopon.com/assets/2021/12/ 195 KB
196 KB 69ms
31ms Image
image/gif 103.184.44.3
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wshopon.com/assets/2021/12/23928f70bbde84bf35fc4cd28ffca6ca.gif

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.44.3 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

10df6d94566c5850e8db4fbd6f3e40ffcf0804a908f669d5346d157847d3fb0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 199938
cf-resized: internal=ok/h q=0 n=5 c=349+1154 v=2022.12.7 l=199938
last-modified: Fri, 31 Dec 2021 20:54:51 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfjtCGtyoTI831SEXovy7R5x-aJdRV_HsQesDqGFoaDQ:23928f70bbde84bf35fc4cd28ffca6ca"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 464532B smaller"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c71197b6949-FRA

GET
H2 200 4021352c29de13bd2064448a492667107572fb97.gif
cdn.hotishop.com/image/ 1 MB
1 MB 196ms
156ms Image
image/gif 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/4021352c29de13bd2064448a492667107572fb97.gif

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8bee6e32c692dc85e6ca96001cd2e90c939ddd7a53f51de0584202bd15a181

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 1246970
cf-resized: internal=ok/m q=0 n=120 c=79+1700 v=2022.12.7 l=1246970
last-modified: Thu, 17 Nov 2022 12:22:31 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cftlSdCboEJcEYNApi111seT4gJdRV_HsQesDqGFoaDQ:47cfe9c721b3b009c283c168e7ac44d3"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 242750B smaller"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c713b2c2c55-FRA

GET
H2 200 e0c9f2b6cd5bcf09a1a61086d132d5d7b6b64669.gif
cdn.hotishop.com/image/ 2 MB
2 MB 191ms
167ms Image
image/webp 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/e0c9f2b6cd5bcf09a1a61086d132d5d7b6b64669.gif

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

37928e041b3f6d7e5b0a0c69bc1e385e2c2f24a8af27d9523b184ef629d805a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 12:22:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfqDaXQEVSZS3b_OafCezTWDbeJdRV_HsQesDqGFoaDQ:d1ae00cbb68485370b13a7f3428a1049"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c713b302c55-FRA
content-length: 2282106
cf-resized: internal=ok/h q=0 n=23 c=135+1740 v=2022.12.7 l=2282106

GET
H2 200 dcf989adb9cca750a0e61fec66c8df08d3caf371.gif
cdn.hotishop.com/image/ 2 MB
2 MB 217ms
216ms Image
image/webp 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/dcf989adb9cca750a0e61fec66c8df08d3caf371.gif

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

768e6ffc67d0b8b045deedf46eee17dcea52d9b0b8bf1267a6a4ec95d0825a54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Nov 2022 12:22:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfQjIb6HK_wCSmdihzZ3MHBb2SJdRV_HsQesDqGFoaDQ:c3d5ea026fd08953c80b4a6a4f880016"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c717b872c55-FRA
content-length: 2076526
cf-resized: internal=ok/r q=0 n=61 c=147+2174 v=2022.12.0 l=2076526

GET
H2 200 e15cda7d733d0d3b9952e9e754235a9e0a54196f.gif
cdn.hotishop.com/image/ 835 KB
836 KB 150ms
149ms Image
image/webp 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/e15cda7d733d0d3b9952e9e754235a9e0a54196f.gif

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e577e71226f620b7cfdd84993297663fefac103a40260a168cd82ceae7ba72

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 12:22:33 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfysGbZ_TM3-kh93_qLxY9cV8rJdRV_HsQesDqGFoaDQ:f0a7f3a4ba782f820950e47df5678f5b"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c717b8d2c55-FRA
content-length: 854628
cf-resized: internal=ok/h q=0 n=17 c=56+694 v=2022.12.3 l=854628

GET
H2 200 f09a5b07ffa59fc211ecd16b13ce424290ae5175.jpeg
cdn.hotishop.com/image/ 29 KB
29 KB 217ms
216ms Image
image/webp 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/f09a5b07ffa59fc211ecd16b13ce424290ae5175.jpeg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

c1afa6d04916bf42873b8227b592bef9f3106fb53637716c04ebdfcd36901eed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 12:22:33 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfMnBNc-2nwykY23pYdJbPA2KiJdRV_HsQesDqGFoaBQ:629016f6dc1ba566e84d06f80629292b"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c717b8f2c55-FRA
content-length: 29344
cf-resized: internal=ok/r q=0 n=21 c=3+28 v=2022.11.7 l=29344

GET
H2 200 8e71994e1a9b6653e9c8ae1ebfc54cdb6562b9d666e1f26543f41d301f13fe9d.png
cdn.hotishop.com/image/2022/07/ 48 KB
48 KB 218ms
217ms Image
image/webp 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/2022/07/8e71994e1a9b6653e9c8ae1ebfc54cdb6562b9d666e1f26543f41d301f13fe9d.png

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

701e85f2dd00b8d644232d854e9333d152c753e9bdfd2867a6c98fe50b6c83a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Jul 2022 03:21:19 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfW884WR90f1iAqIMptY90VA_vJdRV_HsQesDqGFoaDQ:01c9be176ee7ea515d2f2b2af4f49e69"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c717b932c55-FRA
content-length: 49146
cf-resized: internal=ok/h q=0 n=9 c=11+72 v=2022.12.7 l=49146

GET
H2 200 524b7b0a79be2cc5bca35ad18cee5dafbcd132370590c1d70379100cedea1c3a.png
cdn.hotishop.com/image/2022/11/ 26 KB
26 KB 166ms
166ms Image
image/webp 103.184.45.252
FLNTCL-AS-AP Fuzh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/2022/11/524b7b0a79be2cc5bca35ad18cee5dafbcd132370590c1d70379100cedea1c3a.png

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.184.45.252 , China, ASN149648 (FLNTCL-AS-AP Fuzhou Lefeng Networks Technology Co., Ltd., CN),

Reverse DNS

Software

cloudflare /

Resource Hash

e762531a84df94826553f40a664cb5c4907e5bd226fce2875a0afce06efbc38f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 05 Nov 2022 10:35:17 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf5Qrzo89zP7jO-pPuQ2xSW65DJdRV_HsQesDqGFoaDQ:caeb728ae5783e5a8a022c6d01ac55ac"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c717b942c55-FRA
content-length: 26850
cf-resized: internal=ok/h q=0 n=6 c=3+56 v=2022.12.7 l=26850

GET
H2 200 networkani_large.gif
cdn.shopify.com/s/files/1/0105/9051/9358/files/ 425 KB
426 KB 77ms
27ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0105/9051/9358/files/networkani_large.gif?v=1563862155

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86452156f971db3fe61c509dede9bee61d9f680c02d7373c11e9e5bf81f2128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 48095
source-type: image/gif
server-timing: imagery;dur=4857.859, imageryFetch;dur=70.668, imageryProcess;dur=4786.304;desc="image", cfRequestDuration;dur=31.999826
source-length: 317743
content-length: 434810
x-xss-protection: 1; mode=block
x-request-id: b902527b-dfc7-43b9-8468-f28cbbc0e851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 20 Oct 2022 21:08:02 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2dmLl7aD90nnvVJktwYR4PtQSpPsd60Wzy73iewYnrcSPr3QmJ0eF2D1uU%2BuA6uhCDtIsVpbqnm7jrUM671tO1HPAyIIWbLIAqkqZE9XHtpFvGDyvSZ9q%2B7he8WgjWC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0105/9051/9358/files/networkani_large.gif>; rel="canonical"
cf-ray: 78471c71b9d82c23-FRA

GET
H3 200 9151f4bbe99f3990f9b9e20cdb3c4bd7_480x480_3cf614ed-b5a8-4262-a09e-7a2ce3cc2451_480x480.gif
cdn.shopify.com/s/files/1/0476/5905/7317/files/ 77 KB
78 KB 43ms
23ms Image
image/webp 185.146.173.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0476/5905/7317/files/9151f4bbe99f3990f9b9e20cdb3c4bd7_480x480_3cf614ed-b5a8-4262-a09e-7a2ce3cc2451_480x480.gif?v=1602153510

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.146.173.22 , Sweden, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f564eab47cce8f68974e445bd00c12e402e2ee9f6dc48a732e26e151d857e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-east1
age: 48095
source-type: image/gif
server-timing: imagery;dur=319.317, imageryFetch;dur=31.627, imageryProcess;dur=285.858;desc="image", cfRequestDuration;dur=32.999992
source-length: 81317
content-length: 79280
x-xss-protection: 1; mode=block
x-request-id: 981761de-c99b-4066-aded-b846696a3796
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 21 Oct 2022 02:46:14 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C6avsbvX4RmqnA7UQ37%2BTO9S%2B3OEBL%2FfC6U4xIuCn4iRt2XCy8R%2FfsH1YIglHEjvk%2FqynTdPFrynu9W3s57FdpuqsOuIUHZTj8TmGrZOvMGX70NZm7OZ3DtNgSuBteWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0476/5905/7317/files/9151f4bbe99f3990f9b9e20cdb3c4bd7_480x480_3cf614ed-b5a8-4262-a09e-7a2ce3cc2451_480x480.gif>; rel="canonical"
cf-ray: 78471c7249062c2e-FRA

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a2439630026ae32d9c702079f446427573e7cfe1d9e783ac6d62827e75f61ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3.png
static.wtecdn.net/files/1d8f062a0ab1f2cae04ad8c21c5084a8/ 101 KB
101 KB 500ms
499ms Image
image/png 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wtecdn.net/files/1d8f062a0ab1f2cae04ad8c21c5084a8/3.png
Requested by: Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7d2cc7826f7f09ca8a2239424b7b7ba72a0a04c3dece85db5f10a725871cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N06AEXJGJBCWCZ7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103152
x-amz-id-2: VJB0n+buv/GTKMCoU/bzJ0IzdJXa+ikwAEcT4cBF0SsNTJR9O6lVSI9lI8XREdKGsqhNzgADWjA=
last-modified: Wed, 04 Jan 2023 09:33:09 GMT
server: cloudflare
etag: "1d8f062a0ab1f2cae04ad8c21c5084a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d81E0uU1ThNRarN%2FMHKELi%2BFkKgBNjANo0jEd9hQL8QvdIrJoUFUB7Y9TNCWTdVG73vn2u2FjRoSqZ7KOlHajaCA14GADPdcmcxIBkIffVy4oZZ918%2BGwSjfAr3FaHyauaxgiZaIAFFToMAAgaGc9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78471c70fd4c5c14-FRA

GET
H2 200 menu.182b619c.svg
screen-window.bestchoice1day.com/_next/static/media/ 211 B
454 B 94ms
93ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/_next/static/media/menu.182b619c.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

35eff9a4c11b71c6a22de793f01a81d40a0b032892d92fabdbb2b192c98ca760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 16 Dec 2022 11:37:38 GMT
etag: W/"d3-1851ab9bbd0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 211

GET
H2 200 delete.3103b78c.svg
screen-window.bestchoice1day.com/_next/static/media/ 186 B
428 B 93ms
93ms Image
image/svg+xml 52.45.63.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://screen-window.bestchoice1day.com/_next/static/media/delete.3103b78c.svg

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.63.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-63-199.compute-1.amazonaws.com

Software

Resource Hash

d20f314d60621cc00dcf9f6845f1f968aa74eee3ac71e57ec2fbfcd5647274a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 16 Dec 2022 11:37:38 GMT
etag: W/"ba-1851ab9bbd0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 186

GET
H3 200 2546-d631a8c3628e3701.js
static.wtecdn.net/o/h/p/_next/static/chunks/ 0
4 KB 333ms
317ms Other
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/2546-d631a8c3628e3701.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N030XRA61E16NCG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FVxLeIVH9YzoIeJQQnqnHVWYvEhZvDQ0EAt85Ea9UehgPvjDo6dWsI6uMSUhXtRn4TZb+/eqkIs=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"94eafb5374c3da469065bb505703a993"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtGKJuXRaDXljxLbptdXuKypR9tJusCuuPCwyd6o1rhGBfEp8v5%2By3svLROkCEDkF%2BHiTEyKtowYEvJM%2FLS1lZQnD7DrHylvD9FSUjV88v0d5%2B5QtrgDqFPX1JbNjon5b01%2BlemUw32P1mHDndlSgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c712b32900c-FRA

GET
H3 200 find-fb8be17f325d44f6.js
static.wtecdn.net/o/h/p/_next/static/chunks/pages/track/ 0
921 B 276ms
261ms Other
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/track/find-fb8be17f325d44f6.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N09XC0X3QFWTY0R
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EGjhMKMn+WLtd3RD22igJgtZOqAWgybIyz2wOS+Pw5hg2iDCcNUyKJPVbKNTUJT8O9i2fzOx7q0=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"a22620439b66796c86b07f7ad17fdc47"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WjMllTsg9vV8rQ3Ttf7bNHsAlgsZVUBJOy3pWqh9o5Aw0Vj7GFQrL3yt8FtuQZlUjP0%2Fcdz1azvt1e5DCZ0%2F9R13DNS%2BczA3l%2Bv5%2BU2l0yN3V%2F8w8NmPfaRbLLdPgVXoXaBU5rLFczrXtqv0fNDww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c712b35900c-FRA

GET
H3 200 9412-1d5b77773d77189c.js
static.wtecdn.net/o/h/p/_next/static/chunks/ 0
5 KB 354ms
340ms Other
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/9412-1d5b77773d77189c.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N0E8BG4RT4M1ZN8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5qTrFJ5b5ls9o58tfbSDNXSLU1SzwjhqjnsNrxMczlRJlrGkgs64406v1pnWxzvzsXp+OlHYuVI=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"d5aafdec093984b87023f374ac20ed5d"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcKGb%2F79XSncKRYFqfV6cXwI9PT9CegmmYYB0Eu%2BON9nnWfELg8YbnUh6GwlkiWOAfBESNgxMsQTsCiiVkLNBglVyixN0BisoG6aAn9h8OWVhzawO6k4BwWi%2BePJiNUjXOf7gIQ3V59RfvHO67yeGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c712b37900c-FRA

GET
H3 200 contact-33c317064de3cdf5.js
static.wtecdn.net/o/h/p/_next/static/chunks/pages/ 0
880 B 267ms
252ms Other
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/contact-33c317064de3cdf5.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N02J10JSGAHDCTJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: olCXawvrD1QBOA5eOKXDnssi+MjnezlXhIxbdq9PWTDHBRqlRdZ5qH/kHre7a01bMThXkqumkcU=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"a6cf75c3028a2dd027c698b2c6ca6727"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BX8%2FY0V8Fgf%2F%2F7V1R6Q%2BnybluEtcXkyjh8y60oxNxul02ipgZZEMyfE23XfY3apjCa5tkJMqY4mlrOIyOpZdm6RcmuFjwHPE318eCel4sLYXaJ0l5sa3jiMHCGfDl7O4LqVny%2FOpXfjuuO4ME49YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78471c712b38900c-FRA

GET
H3 200 511691040814121 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 136ms
124ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/511691040814121?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

471e731ca044f245605adc3a43f597713038b1a8b3aa7cfe0c2693331870b80f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bE+Yu2odYLFzxnzWO6qoaFBX51lqNKP1ucHXwxuo/Mh7ouVgVTQBx0S3N4G1kmh1Z1fLgwWAYFv8Czw0b6tSlg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 be57e1a4ea0c23f7.css Show response
static.wtecdn.net/o/h/p/_next/static/css/ 14 KB
5 KB 366ms
360ms Fetch
text/css 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/css/be57e1a4ea0c23f7.css
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a92a8fb6d8980c3d228713d52e16f06e41a3cb46f7924a8f10dd69ea0146bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N0DN2R31BZECQ11
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 11WAvl3zuGcA1S5fRG7X9Yg7bopquDEbZ4C0EpARJ05Cbee7q3aAN1M2fBzYJ5CJ2ITug6IRZ3c=
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"5ac83006e9e295bb1761fc8b73f5546b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BlX9uIPYVOWBFlnmxKq%2Bfw6wfbuMh6OwvEzBb6cWiHF8WvP41YqkAfxzkAuqiIWSWJmmmZbUihYfgwhW78FWlfbIMg8PgZMAYMavfvf3d4sEf7fNAdlidLgdsxwPWGbjufb4QCS9Lnk8dAWgN48BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 78471c712b39900c-FRA

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 314ms
313ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=screen-window.bestchoice1day.com&t=xo&v=5.0.344&source=payments_sdk&client_id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E5) /

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-mC7A1uoQ/bX8P6jSB/jwDtih/c7WPTjtIhhYWpHUH02MMRFp' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-mC7A1uoQ/bX8P6jSB/jwDtih/c7WPTjtIhhYWpHUH02MMRFp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 080643693994a
server-timing: traceparent;desc="00-0000000000000000000080643693994a-7583851d47a3e513-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
server: ECAcc (lhd/35E5)
traceparent: 00-0000000000000000000080643693994a-290e867b2c840dd8-01
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
timing-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
358 B 293ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1MVPX20KBK&gtm=2oebu0&_p=881493030&cid=268201885.1672868201&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672868201&sct=1&seg=0&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&dt=bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MVPX20KBK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://screen-window.bestchoice1day.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 838768123919158 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 148ms
148ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/838768123919158?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca1f90468c97aee431fb1d5ed0524940b30f274388f14628f3e4cff4f88a8723

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: H39xRrfG8dHD57pg5mOPeFZTFrXgeRnXt+9cMHGrkVO7CXzV1K+ohqmzg9HJ+yPjXYFBTF20wWTICCYylPq+ug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 43F7 380 KB
97 KB 479ms
477ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/359C) /

Resource Hash

d63ffeeba9961ce20f848cf264dfbc09b73377efb34e3f65675b5b2cc94219d3

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://screen-window.bestchoice1day.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 04 Jan 2023 21:36:41 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5f191-iJUu8HCYiAC8Yr98o7viieDE5Yw"
p3p: true
paypal-debug-id: 00175a1485960
server: ECAcc (lhd/359C)
server-timing: traceparent;desc="00-000000000000000000000175a1485960-ca017afaf0e8722b-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000000175a1485960-e447e041b2337aca-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 805C 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1017 B
2 KB 190ms
189ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3595) /

Resource Hash

9442abbaa744522c9aa90e5930e99999ca24e5c0e1528d9ac450b875ff387afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 094410b750418
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 606
server: ECAcc (lhd/3595)
traceparent: 00-0000000000000000000094410b750418-6c76e454b36c669f-01
etag: W/"3f9-o/Lu1P4ovbE9AURSbja22UWJlA0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://screen-window.bestchoice1day.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 253ms
204ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35D9) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://screen-window.bestchoice1day.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://screen-window.bestchoice1day.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 04 Jan 2023 21:36:41 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 05182a643b93b
server: ECAcc (lhd/35D9)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000005182a643b93b-8df9d5d137ede56a-01
x-content-type-options: nosniff

GET
H2 200 main.MWI1MTgwZGZmMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 234 KB
67 KB 23ms
23ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCPCGARC77U2DQ2AD7L0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0fe31dc85bbc0cc8d5509e81691e22af1a6ff6d6297e2c66591caf31b37fb5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256e9b
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221220165728444F82EBC2702BC86108
vary: Accept-Encoding
x-cache: TCP_HIT from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0172dda77f217381576066a345a549524793b07a597ac0f950ab7467eecc5fadb176897ee95763d1751637a93bb78470a1bf62d6b734c94c9360e02a64870cb11ef3f0d8a473f8c777b64e829b42b7a0f697b9e1a6fb76740cd25fdba240623cc7
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 67582

GET
H2 200 main.MWI1MTgwZGZmMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 248 KB
68 KB 62ms
61ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9L3DTBC77U7J0JTV25G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 31a833fe17d971c72b398404d6c4b340214ff2e88ef7c45e414797e844683057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256ea9
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212201657254B8E6AEE83AD89C86067
vary: Accept-Encoding
x-cache: TCP_HIT from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015dea4975b61cb7523de53bfeff462fcf947b5c23beee269302da8ab04e4f6ce83dae01091c04a7c3130ce6689f9344bd5df88d3c3795396a6d77dcd61159071eaad302d26d91a2fbdbd9f1c8a5e010baf98bf3821a37bc756f9e77f6f7c2490b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
content-length: 68795

GET
H3 200 2546-d631a8c3628e3701.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 10 KB
4 KB 29ms
29ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/2546-d631a8c3628e3701.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d392806645d64b6e4907a3b7c1fac3940ad497a7db00fa38f8583c1ca5bce640

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N030XRA61E16NCG
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FVxLeIVH9YzoIeJQQnqnHVWYvEhZvDQ0EAt85Ea9UehgPvjDo6dWsI6uMSUhXtRn4TZb+/eqkIs=
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"94eafb5374c3da469065bb505703a993"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kpeICx36WOnvSxlgzxmXIJfqoPsrXlEoWzTjL7Zoc11Qk%2FAYlYNReZLiQJNj8YY41302CUG88pORgovx0DAoKspv2xxuBx2QwfDJAiFzQFRNjgTGCYSRnLBqXkJ%2B8KDIOYaeE4IfmcO44OZYcVUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=14400
cf-ray: 78471c733e30900c-FRA

GET
H3 200 find-fb8be17f325d44f6.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/pages/track/ 303 B
901 B 30ms
29ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/track/find-fb8be17f325d44f6.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f81da687a59cf906e8c682a061fef77fc22c60998d1dade0562e25a599b8f176

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N09XC0X3QFWTY0R
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EGjhMKMn+WLtd3RD22igJgtZOqAWgybIyz2wOS+Pw5hg2iDCcNUyKJPVbKNTUJT8O9i2fzOx7q0=
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"a22620439b66796c86b07f7ad17fdc47"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPeIsHAeX5%2FpsXPUJCxVot6%2F63011LwUUWtAdEpDCBqx3WG27ORLz1rLcgbFabGZtjBEU79%2FX%2B3nw0cGtK9z48CxMRJQnmYxGSd0Ri%2BtMqYgflEQJCzGGST%2BWgEJDRHhhKR%2F8p%2BJvBINBk5rndNbzA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=14400
cf-ray: 78471c733e33900c-FRA

GET
H3 200 8034989523242570 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 133ms
133ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/8034989523242570?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d93b58860ed24cba5efdef3db8cbb0cc56c10014931d0daeea258609c3e284c0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ioX1CT9aN5Wtr198SBXYQIBgYewLPPY2zuxG042dJdHcbx8dAwgix1s8w8EQfxe75qBOyHAlg/3qGw8mcK8WCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_13839.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 21ms
20ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_13839.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id: 15256f16
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212201657264B8E6AEE83AD89C8606C
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015dea4975b61cb7523de53bfeff462fcf947b5c23beee269302da8ab04e4f6ce83dae01091c04a7c3130ce6689f9344bd18c989a8d577c2d5a748da21da8be94ee861c8bcb3716037d4dc081f100a9b3fc119ae5b19c17b376a8ccab519d60d52
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=9
content-length: 30900

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 279ms
279ms Script
application/javascript 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CEG17OJC77UFTJ8GFDDG&hostname=screen-window.bestchoice1day.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e467843439c49db23ba2df0555bfba47877c5dee4f3e995c2f36813a08bc8fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: gzip
x-akamai-request-id: 15256f73
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202301042136418B79C98004D8AECC77D2
vary: Accept-Encoding
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 186,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c13523aae38dbec71ca30b816a9a4f04ea84a55846c6f0b8227e43bed13408b6f1494d153554f98ada2c326649c1529deac001d5b8ce0b46134322b53a200712b
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=37, origin; dur=186
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
551 B 264ms
263ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256f85
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202301042136417316B5CB36579C268A71
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 211,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c8d4b807d142c04fddd5a3925f45330536fc8258de915c6d6930d26b303858862d050e588f1b733937c230d8d7b38445349b4190bb25d0eb762befa23a675ee88
server-timing: inner; dur=69, cdn-cache; desc=MISS, edge; dur=16, origin; dur=211
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 261ms
261ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: abefd26a.15256f86
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 171,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=176, origin; dur=30, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301042136410998772ADD314BC91C2D
x-cache-remote: TCP_MISS from a23-217-116-207.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.217.116.207
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25862ef71cd6a2edfe871f2f77dd5447252bab7819b0c3d842704f8d82d630e705255b8d257a8fa08f30f75fd8ef3ebea789d41210d10bbc4ea3b738e268315d86561a551c8d320c9cd7ee67d885aaaff9
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 262ms
262ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: abefd21e.15256f87
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 195,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=186, origin; dur=27, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301042136413740F8D07E87DECD401F
x-cache-remote: TCP_MISS from a23-217-116-207.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.217.116.207
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25862ef71cd6a2edfe871f2f77dd544725842ad6c4f51b2991b72ee06749ea514ee54317a1922ec291a53f71ea6480295229cee47dfd6ab4c1ad65965010f4035f72c3540ef42060ea0d961db640494a9a
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
550 B 262ms
262ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256f88
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230104213641FCFAD81C58F67B3E2857
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 189,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c1abc0ed612945ef1bbeeffd8757c5e654cae01f164dab0a4aeeb865b51947282680f11eeaf226e20c4d3c23b3c252ba6d8eb217cf9418fcb9011b745750bffe6
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=18, origin; dur=188
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 282ms
282ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8208a7.15256f89
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 224,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=132, origin; dur=103, inner; dur=89
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301042136416133EB484C9E8EE5A2BE
x-cache-remote: TCP_MISS from a23-217-116-213.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 103,23.217.116.213
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f256790be19cd2782ecd1feeed9262fd5b8f66f72d26cf9d01b6a8e0eb4f8b2cd8e65538923dd41d92fcf2582290d967645cc3691cc426998aa59df25d3b29038d042ec48a42114f0e7302dbdfa9f0dc7f2
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 282ms
282ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 820853.15256f8a
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 217,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=120, origin; dur=107, inner; dur=103
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301042136415164F675A3684CBF19D0
x-cache-remote: TCP_MISS from a23-217-116-213.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.217.116.213
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f256790be19cd2782ecd1feeed9262fd5b8db8d97e7a09735386aa0f244808f4124492d2fcfef9e50300465a3e42bec8332fc7b03545e933019b901fd75e4356813ecb7e744ead788576f82890cc9ecffc1
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 261ms
261ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 38db2ecf.15256f8b
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 169,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=164, origin; dur=22, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364116EA9D82DC0B77BFF4CB
x-cache-remote: TCP_MISS from a23-217-116-221.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.217.116.221
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25852c4bbe2bb226d105d27055eb6f9c4c496026b30daa2251ed99ac4dca0939043727836c941f7a79fa05e80a46b3cf983676524d36f82bbf197e1e44217b1d0b115855835eb73d0423a806067ca29479
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
549 B 290ms
290ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256fc3
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2023010421364164BA4A18022E5821F50C
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 215,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0cd630b7b2e7fca397beb66c16ab75afcf7f116bdf254673f2853517420bd8e99416179bf7d8102fcdbf805938b21043f156aed7ff9e649182cd6edb7ec03951f7
server-timing: inner; dur=96, cdn-cache; desc=MISS, edge; dur=5, origin; dur=215
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
696 B 292ms
292ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 35f84cd8.15256fc4
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 210,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=60, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641602EC128E73796C00543
x-cache-remote: TCP_MISS from a23-217-116-228.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 60,23.217.116.228
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f251b21fef48713458bf479c6445be7765cf70d59f3f738ab0af8e672c591a51cb349cf273b8bf96ac5e461b14a5297deb6d894fb25f559e78309ee07fe26d08fc6bc377751845e88d87c7fb6c06b46aebd
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
550 B 274ms
274ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256fc5
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2023010421364149A57C2A774FECBE06DA
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 162,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c1101e248352be29cba79b809827125e3b51678a6cf3a1a7f408fd0a00ef987463588240d9b19b8d65b984c6e86b9b7066aafd9089748ca9322e1b64b8525588c
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=14, origin; dur=162
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 273ms
273ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6ebcc6f9.15256fc6
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 155,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=17, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364112BE4BA868596CB42059
x-cache-remote: TCP_MISS from a23-48-36-223.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.48.36.223
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb3076234c73ead3fdf4b81e047c0fb052e9a2384df77b8e0a084d4b7ddbf9874302419edf0857bb63c0faf76e4f4ce356dd5d39cddbb528a620f8656cd5536237ad9966a19a685e14fce77657a40c066f3f72e484e2835b4e0486f7e231d96f4fe15eda7
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 281ms
281ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2e230f77.15256fc7
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 160,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=26, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301042136416DA13D7CDE384A2E8991
x-cache-remote: TCP_MISS from a23-217-116-141.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.217.116.141
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25d852b45c717f6afaf18672cf97f69dcd16a3586d4038306103bc9d5e376dd6f7c20d5452e128e5c44bff2684843e390e59eb0894a225ab9ed8747cbccdccbe00eb669b5d0d824a87d46ade00d7a36ae6
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 274ms
273ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 490ea06d.15256fc8
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 143,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=139, origin; dur=17, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641F9970D04CDAC47270566
x-cache-remote: TCP_MISS from a23-217-116-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.217.116.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f255caaac83e3f5baead78c5c75b8c6b765978673a201b1100f3ea63db066b5658f03cb8c73ba8fef105e3014febd77d43f5a629e5b8c57c01e23e03fa837015cfe97e3566e113cf39f4e6ce800b8e1565d
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
550 B 274ms
274ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256fc9
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230104213641B76B219574D88423C16F
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 136,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c6c174bda9f776636df79c18edd9076dcd88ec4bcf076deae670e615b1b6f8e2573742d6097985d0aac9c42f6189611066fdeebbe51c94967aac20908ff9adea0
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=14, origin; dur=136
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
551 B 281ms
281ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256fca
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2023010421364129EBEBCFF3CF06839331
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 131,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0cda992a7f327e9e1dcb867b6dde7bc38418c1928b798565576c0b7869878723bcebb42d38484a144d5e63c53888fcfdcbad01ee4df117314c98b87ae35a77e3bf
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=13, origin; dur=131
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 326ms
326ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8ff0227b.15256fcb
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 202,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=131, origin; dur=76, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202301042136412197CBE9A577C8CCD064
x-cache-remote: TCP_MISS from a23-217-116-143.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 76,23.217.116.143
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25ddcde86712001b8682593944e783ec40eac97ad3940f9cf880d72024029da077ea03644a93d212f88225bde0a963fb3573d5e0f4069fad4cfac44bc642a5364ce52452a77e0bc6be8e3ab80ba2aded04
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
550 B 281ms
281ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15256fcc
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230104213641BD5EC75AC51D0B33EBB5
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 141,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c4cb806ecfa0942424324eb600e9faa393430c93b3549dfdbca3883eb31192c124bb262908c4ec0b2f1ffb4249360052dbba8be761b69c8a1040966aabdd82bce
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=11, origin; dur=141
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 288ms
288ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: eb635496.15256fcd
date: Wed, 04 Jan 2023 21:36:41 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 150,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=133, origin; dur=22, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641FCE706135950D4B9EF1D
x-cache-remote: TCP_MISS from a23-217-116-151.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.217.116.151
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25b6eb4c2b9d150b57051583b57e10015d34e13ca9e312be40e18fcecf90eb430fef11d0b69f89c512145febad3ce28b6111656ed767514fdd9f1281544bcd8747adc8cf7ce76779671d7ed0456f5ea3bc
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
549 B 294ms
294ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15257028
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230104213641C7A4180857C36992B1A9
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 124,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0ce09e3ce2cd091137ccc07c4ed15f4fd24d7edd915f9eebf00236fd555ce6cbe1874d229dc05415ffe9e62d5565c6175a909358648eb2a2792ca676b2917f1b1e
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=6, origin; dur=123
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
550 B 305ms
305ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
x-akamai-request-id: 15257029
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230104213641253FBD33F9D77BCE8FA5
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 129,2.18.41.142
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762342a5e376a2d2f991b28d3af2d03ec9a0c13523aae38dbec71ca30b816a9a4f04e80e660da4fa0ab72edf8047fa05be21b8dc96a1e423853d806b95d5f44a41e120d536f676be2560811c7f82005a8d9f2
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=5, origin; dur=128
content-length: 0
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H3 200 1127179721261034 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1127179721261034?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c16f8c895fd5431af10c3e2dca117fafd0bcf028548ea71c0bfcaff547c8a15a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: D5vDJEi8uytybhZvsG4zD/etzaEyOqHRxMivCYymFO/bOiAhkpBWt99pycJFjkWBt7jqamvfK3RzsGEi7lk2tg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 9412-1d5b77773d77189c.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/ 18 KB
5 KB 17ms
17ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/9412-1d5b77773d77189c.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f523af910ac3812a8b60184ba5e3f6d1fe179655c11b1947211eb50210ac95

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N0E8BG4RT4M1ZN8
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5qTrFJ5b5ls9o58tfbSDNXSLU1SzwjhqjnsNrxMczlRJlrGkgs64406v1pnWxzvzsXp+OlHYuVI=
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"d5aafdec093984b87023f374ac20ed5d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WibnXqL2Ecc55StQSrE6jJwdPpNmmhC6HvWj5idtiznjx4RNFXFxktmffKf7PSaLB%2FumCN32FQIGnEPCmzPVC%2BTKHd07LirHxpe56zhRI7eqfpV8HonSVQ1Jvb3qxttDwy6hV9sMhb9Gt4Zw83WGA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=14400
cf-ray: 78471c74985b900c-FRA

GET
H3 200 contact-33c317064de3cdf5.js Show response
static.wtecdn.net/o/h/p/_next/static/chunks/pages/ 296 B
893 B 25ms
25ms Script
application/javascript 2606:4700:e4::ac40:a920
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/pages/contact-33c317064de3cdf5.js
Requested by: Host: static.wtecdn.net
URL: https://static.wtecdn.net/o/h/p/_next/static/chunks/main-0c2233da421af265.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a920 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ad2c87b06cf320d5d2756aeedf42a7e643cf8e1d8cfcb6a7212bc0236495604

Request headers

Referer: https://screen-window.bestchoice1day.com/
Origin: https://screen-window.bestchoice1day.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3N02J10JSGAHDCTJ
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: olCXawvrD1QBOA5eOKXDnssi+MjnezlXhIxbdq9PWTDHBRqlRdZ5qH/kHre7a01bMThXkqumkcU=
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 11:41:12 GMT
server: cloudflare
etag: W/"a6cf75c3028a2dd027c698b2c6ca6727"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4RsPuifMjC3MBcbZpNJZxeSLDgWZff3yiLp9mar43VSZy%2BE6o%2B00Am4UGeq8Hbai7YHoyNXMe5MYLklKUWJSx9kbGVgdGCgPgb1Tl6%2BI%2BlgMUhRSacD%2Fk0smCFWwRgFK2hh4ErNaXtQ2o57kkTlUA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=14400
cf-ray: 78471c74985e900c-FRA

GET
H2 200 ts
t.paypal.com/ 42 B
566 B 218ms
167ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672868201701&g=0&completeurl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3599) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3599)
traceparent: 00-00000000000000000005cea356b278bc-4ed6bf41f84a0238-01
content-type: image/gif
paypal-debug-id: 5cea356b278bc
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Wed, 04 Jan 2023 21:36:41 GMT

GET
H3 200 789459402345527 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 150ms
149ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/789459402345527?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086beeacd37ffc612de52bdf4a4c409966ffce503eaacc21632f9377e8fc8f88

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lyqK9Cq/EuSpTfZemp1EB547hZgC95O1hC7g3Ap+wUaD0Yh9x8wadiExzCMY/jmOlGGKSbMxGsTZsA3IqWsQrA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 231ms
230ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a0155b9.1525711a
date: Wed, 04 Jan 2023 21:36:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 207,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=107, inner; dur=55
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023010421364152A857EE54FDC430F126
x-cache-remote: TCP_MISS from a23-217-116-164.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.217.116.164
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f25d4011fec25942faf940ec50397a9ebe0ff74496e2bbaaabc2668c0748a890a09578b48e7c16413b9b817a1d9b95375ceaf1db58adbdd6457094316eec748937a1c42862b313e286440ce3ff6cb558ec0
expires: Wed, 04 Jan 2023 21:36:42 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 158ms
158ms Ping
text/plain 88.221.92.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-142.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ce8d4bf3.1525711e
date: Wed, 04 Jan 2023 21:36:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-142.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 128,2.18.41.142
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=29, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230104213641EAF12EA43841ED346363
x-cache-remote: TCP_MISS from a23-217-116-173.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.217.116.173
x-tt-trace-host: 01aea4b3b827b7143b37a1c7fcb30762348287447712e0e6a7f6480f0fae9b3f2535f156f27b0ff95d9415ee8ffbebec6e01b9e862930bae31a64386fd420515f8b8c47d8d16ab408e4584b24b9079f5b47c5e77ffad1341d113e2283ac3ff21c533b850c9b91c4e362a53429050f5ccb4
expires: Wed, 04 Jan 2023 21:36:42 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 43F7 329 KB
99 KB 9ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D05) /

Resource Hash

721cfa283fc7f191cedef6e2a469ccbf469ed8832ec70e60b3d4408e6ddcef9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-njX0y1jeK6xD7aBHe48HoBnnWuUD+dUIEf2fobrryc1/kd8M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 21:36:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 10455
x-cache: HIT
p3p: true
paypal-debug-id: 004736b375552
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 100609
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Jan 2023 18:42:26 GMT
server: ECAcc (frc/4D05)
traceparent: 00-0000000000000000000004736b375552-22a34d31370d7259-01
etag: W/"18901-YNznJhYEwRq+dpk7jBfeaxnDG1Y"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 43F7 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 670466447739299 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 118ms
118ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/670466447739299?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57114303fd064ed79116b7befa2deeccb24a43309d8e4db3a9f043f357672e09

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rRHVIMq5s0BFDS9YqUPonOO6kwqvFKCN1E0OjoxXuGCxtTAumPrJ8fLiTZcpRNF1nQZE9d1o1lGTCqc7jwPbcw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 669223801446974 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 146ms
146ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/669223801446974?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

129a5ba6240abdafe4e67497cedd8da9cbf2ae1298ae09559626acd2ed2ebc9c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XkIJUOE/muSH6Atspf0oAo1mhx52+t1SFH+F2mLMYr6l8+unZ+JDdPQdqe8dcoCRLoaYF28tI1CHK/ln9gZO+g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 876760829629880 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 118ms
118ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/876760829629880?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ab91ac081a8a439f1b4314cac5be29013b479409f5129b0118c4a83ff9e5136

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: W/A3w2Kytwi9ri4ykjSOI4tuEKuBZVDkUQxTeRLzXs0p+liB/jpyYeRg8Z7ymKVAuTBiFAFU/syOUiazhlXkOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1084246075595929 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 169ms
169ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1084246075595929?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac2dda6054cc0ba8cce6b9b2d17ddd800babb40382b80513b125e69dea2f8096

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8oeoPkEhhLeXGtcXyJ6Tg4CSbqqH/dMOpJ95lh609oMI888KaD0XxkFadM48zoDmHZe/bLsl55VgS0y8lQNkng==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 43F7 58 KB
20 KB 49ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 4135
x-cache: HIT
paypal-debug-id: 5fff6b0e53f6d
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000005fff6b0e53f6d-0a51215fd8102c01-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 21:36:42 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 6CD5 160 B
1 KB 202ms
202ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E2) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 683c5b867c52e
date: Wed, 04 Jan 2023 21:36:41 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 683c5b867c52e
server: ECAcc (lhd/35E2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000683c5b867c52e-af3e1c2049c7a35a-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 6484
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS

42 B
299 B

122ms
32ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 21:36:42 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS
Date: Wed, 04 Jan 2023 21:36:42 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 43F7 1023 B
2 KB 184ms
183ms Ping
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35AA) /

Resource Hash

b3444e4da7c75a1b971482adee1fd9861d7d3e1aa3908bd70e0b2800614fc35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 060195a6b398a
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 616
server: ECAcc (lhd/35AA)
traceparent: 00-0000000000000000000060195a6b398a-fed2abe590ad9e2a-01
etag: W/"3ff-L7KJF0V1iS9CDCxF8RGhTKO5/rM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

GET
H3 200 801921990874891 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 173ms
173ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/801921990874891?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30885ca0d54404ca828368cc30ecb58c3fb16ebf4e763fa834c6c5d957bf5182

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: aV4GOcG10HihfbI+qJ0WQAI+yBmG9e/IFc0Q/QiBi0G/tiU0ANxQ1PPVb9ml/qO4+iV5LMjvqVh/qEwMvV1WHw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 532480932051719 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 164ms
163ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/532480932051719?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33c6e2d952fb06c1f450692206335073ae054d2faf8305899f3af54eace9df1e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Jan 2023 21:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NUt4wpcI811h7NyjNXf2oHar4oy5mq91Ucqpo0Rvj89SCDfGQm1L3F7g05lTPyQVxwi7ptJE4f8h9AKw5RDZlg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 6CD5 58 KB
20 KB 8ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 4135
x-cache: HIT
paypal-debug-id: 5fff6b0e53f6d
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000005fff6b0e53f6d-0a51215fd8102c01-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 21:36:42 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 6CD5 125 B
756 B 185ms
185ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3585) /

Resource Hash

f71ca8441f4d4767da38ced497e2b28dc08dcfc83bc9947cc4058cde8218a321

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 959a4f2fda8ee
server: ECAcc (lhd/3585)
traceparent: 00-0000000000000000000959a4f2fda8ee-516f9628ae173067-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 959a4f2fda8ee
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 6CD5 0
96 B 174ms
174ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 42f6b03ac7f8
server: ECAcc (lhd/35E6)
traceparent: 00-0000000000000000000042f6b03ac7f8-fc3aa3f7b7791fc5-01
paypal-debug-id: 42f6b03ac7f8
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 6CD5 0
157 B 270ms
180ms Image
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_1de7cc58ee_mje6mzy6nde&s=SMART_PAYMENT_BUTTONS

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35FB) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
content-encoding: gzip
correlation-id: 3a51ba1d7f467
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35FB)
traceparent: 00-00000000000000000003a51ba1d7f467-735313071bd751a5-01
vary: Accept-Encoding
paypal-debug-id: 3a51ba1d7f467
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 43F7 1013 B
1 KB 186ms
185ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3587) /

Resource Hash

e1c56de6e5f747341ed8d4e4cef5c2c899ed71d11f408bc8a1416ffd7ace717d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=55&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWFFaG1jS2N6czRlTWtDRWVja01mMVZ0eXFGNkJhUTcwbF85VWRackJVZHRGYzg0TGJHUDNUV19sYTZWZDBYMkZtel9pVmVTTWJMdmxpZ3MiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9odnB3cXhqeXd1YXZiYm5pc2V3eXdmcnFjY3lwenMifX0&clientID=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs&sdkCorrelationID=f982595216474&storageID=uid_6583e0d3b6_mje6mzy6nde&sessionID=uid_1de7cc58ee_mje6mzy6nde&buttonSessionID=uid_5743a66dd0_mje6mzy6nde&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 05a80a5547956
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 604
server: ECAcc (lhd/3587)
traceparent: 00-000000000000000000005a80a5547956-e909ffff1683f7a7-01
etag: W/"3f5-5JxcExSXnMy37oISoYXXP+cNPDI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 43ms
10ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=511691040814121&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202986&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 43ms
10ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=838768123919158&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202987&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 43ms
11ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=8034989523242570&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202987&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
11ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1127179721261034&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202988&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
12ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=789459402345527&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202988&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&exp=c0&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
12ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=670466447739299&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202989&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 52ms
40ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=669223801446974&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202989&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 30ms
17ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876760829629880&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202990&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 32ms
19ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1084246075595929&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202991&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 31ms
18ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801921990874891&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202991&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 33ms
19ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532480932051719&ev=PageView&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202992&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 30ms
17ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=511691040814121&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202992&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 31ms
19ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=838768123919158&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202993&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 29ms
17ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=8034989523242570&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202994&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 24ms
12ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1127179721261034&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202994&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 25ms
13ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=789459402345527&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202994&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 26ms
13ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=670466447739299&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202995&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 26ms
14ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=669223801446974&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202995&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 27ms
15ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876760829629880&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202996&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 27ms
15ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1084246075595929&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202996&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 28ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801921990874891&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202997&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 29ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532480932051719&ev=ViewContent&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868202997&cd[content_type]=product&cd[currency]=USD&cd[content_ids]=%5B1000000010346%5D&cd[value]=19.98&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&rqm=GET

Requested by

Host: screen-window.bestchoice1day.com
URL: https://screen-window.bestchoice1day.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1002 B
2 KB 254ms
253ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AaEhmcKczs4eMkCEeckMf1VtyqF6BaQ70l_9UdZrBUdtFc84LbGP3TW_la6Vd0X2Fmz_iVeSMbLvligs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/370C) /

Resource Hash

b4b8b94e8aa5c0f678092858ea11dc9c41ab175d98bdd16ea5bd009e495a18de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 Jan 2023 21:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0247776a76a45
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 598
server: ECAcc (lhd/370C)
traceparent: 00-00000000000000000000247776a76a45-63f75909ea635b76-01
etag: W/"3ea-1jLIxKT3C6CRSUYVKH1Na3uAekk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://screen-window.bestchoice1day.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 195ms
194ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35C2) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://screen-window.bestchoice1day.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://screen-window.bestchoice1day.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 04 Jan 2023 21:36:43 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 02312a93b41b4
server: ECAcc (lhd/35C2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000002312a93b41b4-a216e745b22993ee-01
x-content-type-options: nosniff

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=511691040814121&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203488&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=838768123919158&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203490&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=8034989523242570&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203491&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1127179721261034&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203492&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=789459402345527&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203494&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=670466447739299&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203495&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=669223801446974&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203496&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876760829629880&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203497&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1084246075595929&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203498&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 11ms
11ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=801921990874891&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203499&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
10ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532480932051719&ev=Microdata&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&rl=&if=false&ts=1672868203500&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush%20%22%7D&cd[OpenGraph]=%7B%22og%3Aprice%3Aamount%22%3A%2219.98%22%2C%22og%3Aprice%3Acurrency%22%3A%22USD%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1672868202985.996534102&it=1672868201138&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://screen-window.bestchoice1day.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Jan 2023 21:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1MVPX20KBK&gtm=2oebu0&_p=881493030&cid=268201885.1672868201&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1672868201&sct=1&seg=1&dl=https%3A%2F%2Fscreen-window.bestchoice1day.com%2F&dt=bestchoice1day%20-%20%F0%9F%94%A5LAST%20DAY%20SALE%2070%25%20OFF%E2%9C%A82%20In%201%20Screen%20Window%20Cleaning%20Brush&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MVPX20KBK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://screen-window.bestchoice1day.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 21:36:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://screen-window.bestchoice1day.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
screen-window.bestchoice1day.com/	1969-12-31 23:59:59	Name: _wa_gid_ Value: e04e7b30-8c77-11ed-8844-b1e74466e498
screen-window.bestchoice1day.com/	1970-01-20 08:42:34	Name: _wa_sid_ Value: e04e7b31-8c77-11ed-8844-b1e74466e498
.bestchoice1day.com/	1970-01-20 18:17:08	Name: _ga Value: GA1.1.268201885.1672868201
.bestchoice1day.com/	1970-01-20 18:17:08	Name: _ga_1MVPX20KBK Value: GS1.1.1672868201.1.1.1672868201.0.0.0
.paypal.com/	1970-01-20 08:41:39	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 17:26:44	Name: enforce_policy Value: gdpr_v2.1
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AMs3kHOVIZPT4hA5smPO55IwTdYwc0gaY.eewtklCr%2B056%2BPv2PfXHri%2BxSYNg8kw70zovu5nkvCE
.tiktok.com/	1970-01-20 18:02:44	Name: _ttp Value: 2JsYLVywtJOa76VyiWM0z5Xxdx6
.bestchoice1day.com/	1970-01-20 18:02:44	Name: _tt_enable_cookie Value: 1
.bestchoice1day.com/	1970-01-20 18:02:44	Name: _ttp Value: oy7dAcx3cSHE49223mVsZT0Lsdo
.paypal.com/	1970-01-20 08:41:10	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 18:17:08	Name: ts_c Value: vr%3D7eb703151850a2772b1d93e7ff8ffd7b%26vt%3D7eb703151850a2772b1d93e7ff8ffd7a
.paypal.com/	1970-01-20 08:45:27	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-20 18:17:08	Name: ts Value: vreXpYrS%3D1767562602%26vteXpYrS%3D1672870002%26vr%3D7eb703151850a2772b1d93e7ff8ffd7b%26vt%3D7eb703151850a2772b1d93e7ff8ffd7a%26vtyp%3Dnew
.bestchoice1day.com/	1970-01-20 10:50:44	Name: _fbp Value: fb.1.1672868202985.996534102
.c.paypal.com/	1970-01-20 18:17:08	Name: sc_f Value: yumbssr_DIXjSR-jG56PUVm0M5QqTPCegGKWrJ_XB6Bz6XafIYvj7jFL_7db3EneTaa-2Lxt8K9o4cHpthdoev_VZjjSfkm1KWtSTm
.paypal.com/	1970-01-20 18:17:08	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: B471JzckkJjMWMrMS2vVxKxn8fsz6lyxTzbwatlCzOja_V5zG_KZHeU5oqW5nZ297PsdwGx9q1QQM-J4
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3Mjg2ODIwMjk4MiIsImwiOiIwIiwibSI6IjAifQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.hotishop.com
cdn.shopify.com
cdn.wshopon.com
connect.facebook.net
dub.stats.paypal.com
picker.wtecdn.net
region1.google-analytics.com
screen-window.bestchoice1day.com
static.wtecdn.net
t.paypal.com
www.facebook.com
www.googletagmanager.com
www.paypal.com
www.studytienganh.vn
103.184.124.250
103.184.44.3
103.184.45.252
185.146.173.22
192.229.221.25
2001:4860:4802:32::36
2606:4700:e4::ac40:a920
2a00:1450:4001:806::2008
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
44.193.101.40
52.45.63.199
64.4.245.84
88.221.92.142
0664c6719c07d27ad6523c531a6a1f3f084ee1d4dbbc1ac828fdb2c696d63994
07d63c63474652bf552370826d756bfca0e8d9e7dfef5af3b315ec443f44f31a
086beeacd37ffc612de52bdf4a4c409966ffce503eaacc21632f9377e8fc8f88
0fe31dc85bbc0cc8d5509e81691e22af1a6ff6d6297e2c66591caf31b37fb5ae
10df6d94566c5850e8db4fbd6f3e40ffcf0804a908f669d5346d157847d3fb0e
115a909568b9662819d9362a9a066e031953adc0450c90bdbf30d27ab531cfac
129a5ba6240abdafe4e67497cedd8da9cbf2ae1298ae09559626acd2ed2ebc9c
13f523af910ac3812a8b60184ba5e3f6d1fe179655c11b1947211eb50210ac95
18e484f68a28030f1435a6726ddfdf3ce438bed1ae9659c5d9d57f0cf8299602
1b9596f4c96b0b915e68d4c91dd4db1b4c46287d2408a884c924824435bb926a
1c09694c5dd21362ae3b276988d033bd4badc49c4c9da6f748cfdfb9caa8f381
20a7960018a110ee982efd6d80e28a14facfcacea53fcdbd4a517221a0d73da8
21d510a730e1b96b8d8187a5f76b64c5145f0ea79e653a6cf2ff3b47587855f4
22101c60e3b7e8ff908943ddd3a9d18c3a89b35cf0c00670343ae8cdbf7988ee
227772dc428db60357c5e7f86934c0ef8847b8e4b604867c91483ad16c34f60b
24215fda70e7e35e30e256a65ae404f837ead28ed876463d561cf41b1da2518c
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
25b3741516e6ec562692d18ebc8fc9ade39648b67b51f73b853d96e8d669455f
26b46d5ef4a040d69528f0bb22dd65dac746b6b81c58c1201e6e29a2525f9907
27a633740824c87e0b24cf48b2d58f44a14ed65bbc8efa5060a99257bb449865
2901e9393b8b9bacf823c4db02b9208cc9a53e097e3ba4961ad244c3cd58f487
2ad2c87b06cf320d5d2756aeedf42a7e643cf8e1d8cfcb6a7212bc0236495604
2b7e8aa24dccd3b58a09277b05752b6ee5cac376f98f45cf36462bf8271c8999
30885ca0d54404ca828368cc30ecb58c3fb16ebf4e763fa834c6c5d957bf5182
3097b0a8d0e41ca5c5ded7cb246bb18ea66ac111295becfeb806c5f721ad9731
31a833fe17d971c72b398404d6c4b340214ff2e88ef7c45e414797e844683057
33c6e2d952fb06c1f450692206335073ae054d2faf8305899f3af54eace9df1e
33e7a14ea113ac8ab9178cda070db29252d9fe95270d62123e6000d46381ddb9
3492693dae39a4ef411b3914c06a34d8a6be80d52a1d123812eafb79010435a9
35eff9a4c11b71c6a22de793f01a81d40a0b032892d92fabdbb2b192c98ca760
37928e041b3f6d7e5b0a0c69bc1e385e2c2f24a8af27d9523b184ef629d805a0
37c4b262e7ba271a08bd162c0ee6da69044aa8a09ac37778ad5e40fca3960122
3d300ab2f563f1c76461565d0696b945b3ec5db9e334939d1cc5a723b4826092
3df6c1736fb134b2a7c45a00533b18734eca279c681fa27c0613db2f853e35d9
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
471e731ca044f245605adc3a43f597713038b1a8b3aa7cfe0c2693331870b80f
4964faeb0b5218cbe7872de859a13632cc941f46e686bdb6ad54a68f23ef6190
55abe62051d6d231bc1e30f51b9026e06cd42b7acb7fa8b61dfc377bcf5542a1
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57114303fd064ed79116b7befa2deeccb24a43309d8e4db3a9f043f357672e09
587887e0fe555a4658f93ee445be554d106de2cd567d42df43132508bfdbdbad
5fce8285d6a8663b020648b8177fb686cae4a8bf38ff7b7556204c5a93e452f6
67343ec4ead1964532243184884c9f762c8574ffc7a5b9c76e6700b70f00cd30
69f564eab47cce8f68974e445bd00c12e402e2ee9f6dc48a732e26e151d857e8
6ab91ac081a8a439f1b4314cac5be29013b479409f5129b0118c4a83ff9e5136
6b8bee6e32c692dc85e6ca96001cd2e90c939ddd7a53f51de0584202bd15a181
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
701e85f2dd00b8d644232d854e9333d152c753e9bdfd2867a6c98fe50b6c83a4
721cfa283fc7f191cedef6e2a469ccbf469ed8832ec70e60b3d4408e6ddcef9d
768e6ffc67d0b8b045deedf46eee17dcea52d9b0b8bf1267a6a4ec95d0825a54
76c4657fd089ce604dd04556e4f5710d0bcabd2b765187716811ce1c52cc5a30
7a0a768078455763a4ddda7b0dd13b8356188ff3b21a1939639f115483d9ded7
80135834d537674f50ab614d48d3c75aa4d7f16fb4f29e75a3516312921cae8f
85aeb7a52482d7bb6a123b139174a5266e4904998a966b7ec53a5827d35d5f97
86452156f971db3fe61c509dede9bee61d9f680c02d7373c11e9e5bf81f2128f
8675092fc59fc61f6aad74c17df980d1551ff8502fc0650a2fc61caf9a9c4ce8
899c796de0fc7cd488d7ed19260d40f077d772bd148344b5b3793ae82d3d27d7
8ab2302b301d40f537d89d362238bdd1f19d4852f069de6db7f19d8c607eec0a
8e7d1b041c75c1356235e6a0079c1800f2eb5af838b01a6311b3e45f6039762a
8ea03bd746f566b909f43c44cc5aeb50df72b7de88241313def24c13f2a83173
91a92a8fb6d8980c3d228713d52e16f06e41a3cb46f7924a8f10dd69ea0146bc
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9442abbaa744522c9aa90e5930e99999ca24e5c0e1528d9ac450b875ff387afa
97a92dbf763c7d63194f68f9cf5488d8d055231874dc2812abd3e05b3f4916c1
9a2439630026ae32d9c702079f446427573e7cfe1d9e783ac6d62827e75f61ae
9ca1178c91ee83ff3ae2c6205cd0613b4b10f7e24df47cd275808954218ddb92
a0948965125b8156d9553d86ec365d3b29f72f3b2c9dc6110cfbab63f9fd06b9
a586cc425bd7fc4e4559e94a98f0e407aea0a1280b2e12fb6c6ddcbaf409ae52
a607c6c63b759a8c49bcdb3670fcbab3ebf12fcb68a122d0866f479001bb1f2f
a7d379d31dd517198d442430c50220ff290cc36b50d76ad3864e2c41891146ea
ac2dda6054cc0ba8cce6b9b2d17ddd800babb40382b80513b125e69dea2f8096
ae0137129daf0f68563b6193eef0d5bd3d8eaadacfb17619b366e90dc4e0052d
b1e577e71226f620b7cfdd84993297663fefac103a40260a168cd82ceae7ba72
b3444e4da7c75a1b971482adee1fd9861d7d3e1aa3908bd70e0b2800614fc35d
b3a8c690368f2fbd7d0b6b8b56a7122cda8ec495c648d9f76f9565487c19a092
b4b8b94e8aa5c0f678092858ea11dc9c41ab175d98bdd16ea5bd009e495a18de
b55d78d34bf4f49f9aa5bc203a3065c9a2fb5fc63e87b09112adf10677552a58
bd394a1d749378e50f142a18a3c4db89365e51ed98dd8bff6bc1cb160cdcc3d0
c16f8c895fd5431af10c3e2dca117fafd0bcf028548ea71c0bfcaff547c8a15a
c1afa6d04916bf42873b8227b592bef9f3106fb53637716c04ebdfcd36901eed
c545388f69d9aacd5173a79f465212106b34f65b516a999e317e7dd3ff6106b5
ca1f90468c97aee431fb1d5ed0524940b30f274388f14628f3e4cff4f88a8723
cab32756f225c0c92ed74a4192f6cb481ad1f2724fd8eabd8d961dc49fe3857e
cd7d2cc7826f7f09ca8a2239424b7b7ba72a0a04c3dece85db5f10a725871cd9
d0f5e00b55d52f5612e9d7d2924265cd67d7337714c15a167c4d62e93d9c136a
d20f314d60621cc00dcf9f6845f1f968aa74eee3ac71e57ec2fbfcd5647274a0
d293079f22d443769debc670a716a8c45bdb735ffe18fa8407152b0a0e94c452
d392806645d64b6e4907a3b7c1fac3940ad497a7db00fa38f8583c1ca5bce640
d58a1eaf00accf3eece0029a995b6016f44b965b0b7afff4d0971ef3665f2483
d63ffeeba9961ce20f848cf264dfbc09b73377efb34e3f65675b5b2cc94219d3
d93b58860ed24cba5efdef3db8cbb0cc56c10014931d0daeea258609c3e284c0
d9e36373848ad01a244112b2eb4cf781d74a7c4d4183125d8ab2f1d0d6473f38
dbe88e213d402183bfba14f8f5305ab931589b977b031511be261b718b7c71cd
de1acf3892a91daf85361b22c3eb8c791273dca93483c34b562123411e17cac6
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6
e1c56de6e5f747341ed8d4e4cef5c2c899ed71d11f408bc8a1416ffd7ace717d
e307f43a6a0c39db679deb48251ddf6482e397f088d08f2e0af852a2de9b9254
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467843439c49db23ba2df0555bfba47877c5dee4f3e995c2f36813a08bc8fc1
e6167073a006736695e03b79e5c683f1e8df7fbc05acd2eca8e99304abeed084
e762531a84df94826553f40a664cb5c4907e5bd226fce2875a0afce06efbc38f
eaff3605c2b2390509833459749ea044f41fcba8b39b818baa65727e9ee1408d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11425170f639c7a8f07fe79d3e6392cb8b427d1496887f4e075a7190a5effb6
f4368e16d8597a947fdb8c949f163dd080cb4e25426b16a0d50f6c9678adb223
f71ca8441f4d4767da38ced497e2b28dc08dcfc83bc9947cc4058cde8218a321
f81da687a59cf906e8c682a061fef77fc22c60998d1dade0562e25a599b8f176
feaf85d4e8151fe8be348d98e9cd03afe6a9fc653303eb623389b504a3d65c16
ff7ab4781cd04692338e9a5e0caf3e48dabd8c1f7bf53a1e36b9666f48fbb691

screen-window.bestchoice1day.com Open in urlscan Pro 52.45.63.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

177 Requests

99 %HTTPS

36 %IPv6

12 Domains

18 Subdomains

15 IPs

6 Countries

9368 kBTransfer

14255 kBSize

18 Cookies

0 Outgoing links

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

screen-window.bestchoice1day.com Open in urlscan Pro
52.45.63.199 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

99 %
HTTPS

36 %
IPv6

12
Domains

18
Subdomains

15
IPs

6
Countries

9368 kB
Transfer

14255 kB
Size

18
Cookies

177 HTTP transactions
5 data transactions