Submitted URL: https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Effective URL: https://www.direct.com/m
Submission: On January 06 via manual from IE — Scanned from ES

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 61 HTTP transactions. The main IP is 35.152.104.113, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.direct.com.
TLS certificate: Issued by R10 on November 10th 2024. Valid for: 3 months.
This is the only time www.direct.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.44.31.3 396982 (GOOGLE-CL...)
1 1 75.2.70.75 16509 (AMAZON-02)
1 35.152.104.113 16509 (AMAZON-02)
14 104.18.160.117 13335 (CLOUDFLAR...)
1 52.222.232.144 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:29:1... 8075 (MICROSOFT...)
2 104.18.187.31 13335 (CLOUDFLAR...)
1 142.250.186.164 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 20.114.189.70 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:480... 20940 (AKAMAI-AS...)
2 157.240.253.1 32934 (FACEBOOK)
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 2600:9000:272... 16509 (AMAZON-02)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 157.240.253.35 32934 (FACEBOOK)
4 2600:9000:272... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.199.211.219 14618 (AMAZON-AES)
61 25
Apex Domain
Subdomains
Transfer
14 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6218
584 KB
8 salemove.com
libs.salemove.com — Cisco Umbrella Rank: 18407
api.salemove.com — Cisco Umbrella Rank: 16802
client-logger.salemove.com — Cisco Umbrella Rank: 12777
428 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
t.clarity.ms — Cisco Umbrella Rank: 8178
c.clarity.ms — Cisco Umbrella Rank: 1269
32 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
338 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
30 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 glia.com
api.glia.com — Cisco Umbrella Rank: 14346
39 KB
2 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 23280
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
79 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
24 KB
2 direct.com
direct.com
www.direct.com
10 KB
2 dcy.one
abrechnungsmanager-paypal.dcy.one
12 KB
1 brevo.com
in-automate.brevo.com — Cisco Umbrella Rank: 24219
99 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
774 B
1 google.es
www.google.es — Cisco Umbrella Rank: 25894
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
553 B
1 calendly.com
assets.calendly.com — Cisco Umbrella Rank: 13800
4 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
32 KB
61 20
Domain Requested by
14 cdn.prod.website-files.com www.direct.com
cdn.prod.website-files.com
4 libs.salemove.com api.glia.com
libs.salemove.com
4 www.googletagmanager.com www.direct.com
www.googletagmanager.com
4 cdn.jsdelivr.net www.direct.com
cdn.jsdelivr.net
3 api.salemove.com libs.salemove.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 t.clarity.ms www.clarity.ms
3 www.clarity.ms cdn.prod.website-files.com
abrechnungsmanager-paypal.dcy.one
www.clarity.ms
2 www.facebook.com
2 api.glia.com www.googletagmanager.com
api.glia.com
2 sibautomation.com abrechnungsmanager-paypal.dcy.one
sibautomation.com
2 connect.facebook.net abrechnungsmanager-paypal.dcy.one
connect.facebook.net
2 snap.licdn.com abrechnungsmanager-paypal.dcy.one
snap.licdn.com
2 c.clarity.ms 1 redirects
2 region1.analytics.google.com www.googletagmanager.com
2 abrechnungsmanager-paypal.dcy.one abrechnungsmanager-paypal.dcy.one
1 client-logger.salemove.com libs.salemove.com
1 in-automate.brevo.com sibautomation.com
1 px4.ads.linkedin.com
1 c.bing.com 1 redirects
1 www.google.es www.direct.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 assets.calendly.com www.direct.com
1 d3e54v103j8qbb.cloudfront.net www.direct.com
1 www.direct.com
1 direct.com 1 redirects
61 27

This site contains links to these domains.

Domain
olb.direct.com
www.hud.gov
www.facebook.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject | Issuer | Validity | Valid
abrechnungsmanager-paypal.dcy.one | R10 | 2024-12-28 - 2025-03-28 | 3 months
www.direct.com | R10 | 2024-11-10 - 2025-02-08 | 3 months
prod.website-files.com | WE1 | 2024-12-19 - 2025-03-19 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
calendly.com | WE1 | 2024-12-23 - 2025-03-23 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
*.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.google.es | WR2 | 2024-12-02 - 2025-02-24 | 3 months
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2024-12-02 - 2025-12-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-10-15 - 2025-01-13 | 3 months
sibautomation.com | WE1 | 2024-12-01 - 2025-03-01 | 3 months
*.glia.com | Amazon RSA 2048 M02 | 2024-05-17 - 2025-06-14 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-10-14 - 2025-04-14 | 6 months
brevo.com | WE1 | 2024-12-16 - 2025-03-16 | 3 months

This page contains 3 frames:

Primary Page: https://www.direct.com/m
Frame ID: CCD9604C072871AC7011028F32C3D443
Requests: 58 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.direct.com
Frame ID: 389CBD475B165CCD26A31622A59CE1F5
Requests: 1 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=46t9oyk3ya47i8447oqn6
Frame ID: 4FCD981CD8EE7AB68125B0B167C60D78
Requests: 1 HTTP requests in this frame

Page Title

Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https://assets\.calendly\.com/assets/external/widget\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

61
Requests

97 %
HTTPS

52 %
IPv6

20
Domains

27
Subdomains

25
IPs

6
Countries

1618 kB
Transfer

5055 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://abrechnungsmanager-paypal.dcy.one/m/f03632632 Page URL
  2. https://direct.com/m HTTP 301
    https://www.direct.com/m Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D72EF3078F624487B26DD0305FA7F851&RedC=c.clarity.ms&MXFR=21168C559E41627A3A6399399A416C8C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D72EF3078F624487B26DD0305FA7F851&MUID=1389AE32F3EE6FAA397BBB5EF2576E64
Request Chain 44
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm&e_ipv6=AQKpcAI54CcqOgAAAZQ7-7IG9EHzbhYl6z-HEM8i9QvI7CHGWxg7yF3mgNZ-KBJTuoeyow

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
f03632632
abrechnungsmanager-paypal.dcy.one/m/
4 KB
2 KB
Document
General
Full URL
https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.44.31.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.31.44.34.bc.googleusercontent.com
Software
nginx / PHP/7.4.33 PleskLin
Resource Hash
4f7b7fdd8ef1d1d6f6d812d825f9025224e9d298147ccb2a21d8033270594210

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
1501
content-type
text/html; charset=UTF-8
date
Mon, 06 Jan 2025 14:18:55 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33 PleskLin
global.css
abrechnungsmanager-paypal.dcy.one/ercf/css/
55 KB
10 KB
Stylesheet
General
Full URL
https://abrechnungsmanager-paypal.dcy.one/ercf/css/global.css
Requested by
Host: abrechnungsmanager-paypal.dcy.one
URL: https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.44.31.3 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.31.44.34.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
790163830bb6d9bd803d57992c29ec73871cc99ce8f4926c1b92090cdded1b58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://abrechnungsmanager-paypal.dcy.one/m/f03632632

Response headers

content-encoding
br
date
Mon, 06 Jan 2025 14:18:55 GMT
etag
W/"6770836b-dd8f"
content-type
text/css
last-modified
Sat, 28 Dec 2024 23:02:03 GMT
server
nginx
x-powered-by
PleskLin
Primary Request m
www.direct.com/
Redirect Chain
  • https://direct.com/m
  • https://www.direct.com/m
39 KB
10 KB
Document
General
Full URL
https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.152.104.113 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-152-104-113.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
ca96b194d5abd138d0f672418e50343290aa4f47bd0a13ec7fc7478629397a38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://abrechnungsmanager-paypal.dcy.one
Referer
https://abrechnungsmanager-paypal.dcy.one/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
5409
alt-svc
h3=":443"; ma=86400
cache-control
max-age=43200
cf-cache-status
HIT
cf-ray
8fdc57168ae40e7b-MXP
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Mon, 06 Jan 2025 14:18:56 GMT
etag
W/"44abf521080a966f869e8c78cadb743c"
last-modified
Thu, 02 Jan 2025 22:27:57 GMT
surrogate-key
www.direct.com 64b06eaa5a3bd010af07aeb5 pageId:64b06eaa5a3bd010af07af0f
vary
Accept-Encoding
x-cluster-name
eu-south-1-prod-hosting-red
x-frame-options
SAMEORIGIN

Redirect headers

content-length
166
content-type
text/html
date
Mon, 06 Jan 2025 14:18:56 GMT
location
https://www.direct.com/m
x-cluster-name
eu-south-1-prod-hosting-red
dfcu.a79d4819f.min.css
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/
300 KB
47 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc91b1bb88d76884727ccc6a35cf07653714b0a519a6d04193c09b2614c06c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"c4bbdc3162168225caf589289ca6e701"
x-amz-version-id
GyM2rS2rGizMQvr6ozQGaLgY3O86RRqM
age
280250
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
text/css
last-modified
Thu, 02 Jan 2025 21:45:57 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-amz-id-2
3vZzqqoxW6eZzgUXsEKcYqHqedxehHDkPoQg44vWvCxBccJ3cg1w73lW3MyFB9c7qJ5KYmulRK+HVDRtVP+loJddBUY334R1Pe/agQGEhMk=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
E8NGD6TZGS8BV8NR
cf-ray
8fdc5717ad0ecfcd-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
47373
server
cloudflare
x-amz-server-side-encryption
AES256
64b06eaa5a3bd010af07aeb5%2F652d31f3dc22d7b4ee708e44%2F671803b6b54ba7dbbab28118%2Fclarity_script-4.9.8.js
cdn.prod.website-files.com/
318 B
663 B
Script
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5%2F652d31f3dc22d7b4ee708e44%2F671803b6b54ba7dbbab28118%2Fclarity_script-4.9.8.js
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672d37ff4fee546ac500bccd9551c93bba3784b818873b0bcef4d94c8f0f61f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"82632b28da49b29aae58d104befbc8d6"
x-amz-version-id
EJ_sLEZbrd.6CZrVeNF33lO1VwzBUjlL
age
82270
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 19:57:43 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-amz-id-2
mlLmjXILPlSUhXU1q8J9vfu+ftwYpq0QOBe1KcImV7NNkvFQmkc59kRddIzqH1Iss1qcNMp6Qk0=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
DP5W97EBMYJFM01V
cf-ray
8fdc5717ad10cfcd-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
247
server
cloudflare
x-amz-server-side-encryption
AES256
64e50526d0a9029ceff668d5_Logo.svg
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
4 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/64e50526d0a9029ceff668d5_Logo.svg
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b5ad526fbc46799bfd0f6c263502f9c2c039abe2acdd24262403c0ecb82781

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c98fbd3aeda7b2dced667056db8f149d"
x-amz-version-id
Gw5_nyl2reWCx8iFNf_DPaoDJqSmgH60
age
882407
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
image/svg+xml
last-modified
Tue, 22 Aug 2023 18:57:44 GMT
vary
Accept-Encoding
priority
u=2,i
x-amz-id-2
yLMWWjJK69M6ELLitBN4HWugq0YgafErn1Ae9MuaKL/UdU0DGB5ykIV5B6Miq2qEjeP4Lo38B/4=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
DP5G4GJNGG9K5X99
cf-ray
8fdc5717ad11cfcd-MAD
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
page-not-found.211a85e40c.svg
cdn.prod.website-files.com/static/
754 B
837 B
Image
General
Full URL
https://cdn.prod.website-files.com/static/page-not-found.211a85e40c.svg
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58afd37317e5adb23a1e2b5006169e2350cdbc8948ee7998250fce897f3fb699

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
0gxtxNJ0N3yfqHO_jy8.CvIJW1g5Fi8V
etag
W/"211a85e40c7aeb39347a880746cd17c3"
age
5767
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
image/svg+xml
last-modified
Mon, 19 Dec 2016 20:52:42 GMT
vary
Accept-Encoding
priority
u=2,i
x-amz-id-2
4D7jHLBokaZXilaMMd8+HXIIkgmSLeMzWnzmHenIKCuN/bAHWZpxTKdLTViFAzxIdfW+ghXHRZ0p9qP7b3oRGIla9ycWnNoBK61nowej8e0=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
R1XXGC52306JEABT
cf-ray
8fdc5717ad14cfcd-MAD
access-control-allow-origin
*
server
cloudflare
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
32 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64b06eaa5a3bd010af07aeb5
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-144.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer
https://www.direct.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
3377
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Qwu-d7h1YswKJzR27yLckR2h0n6R8ggb7AteqEuRpbkXmLP_sok8bA==
date
Mon, 06 Jan 2025 13:22:40 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
accept-encoding
cache-control
max-age=84600, must-revalidate
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
AmazonS3
dfcu.ffe9fcd8bee8a7a24e7fa6ff2b61d7ab.js
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/js/
847 KB
93 KB
Script
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/js/dfcu.ffe9fcd8bee8a7a24e7fa6ff2b61d7ab.js
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db699d1c90112c6b022c737ac740596f77f3aca7c8517ba42f19fead04c958da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"975ca0dada2ff14f2c62efd6dd7bc2d3"
x-amz-version-id
wl4UM4NDJrEiWtIO6dXOz4nHWEJuNDH1
age
882406
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
text/javascript
last-modified
Mon, 23 Dec 2024 19:35:34 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-amz-id-2
xZBUW9hnbxtTTHkjSeA85lW1X2ADlyikHcoLn9qvtxGqTxKul+CnjAgcKRZX1Z02xQC6ahg1OsYSoFJf9EpBAPO+bR0xJrCNYAPyH+Po00Q=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
J7XVMN6WWFG0JFXE
cf-ray
8fdc57188da0cfcd-MAD
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
cmsload.js
cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/
18 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/cmsload.js
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8995f652e1aa37c3519fbbe182cd2c581f00290f885f35b55c8e00cf32dc4fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"4808-98jcUWHSC9JHe1jYw2HWpeOx6ko"
age
769
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WA9yWEd4wkPN7JAX8JWmm6p3j%2BLEsG0H3cUKE%2BU074xvJJ%2Bcz8qK6WygGqLpRj3fAe3gdVlRM3N1vsnFeDjnMSP9fQ2RInKJGzSKtdPznbZq%2B0%2B9AzBlwJEv1vwPGe%2B%2B5ap%2BsAAJf%2BrZSpji6wI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230066-FRA, cache-lga21936-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fdc57193c95cbd6-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
7477
server
cloudflare
x-jsd-version
1.12.0
cmsfilter.js
cdn.jsdelivr.net/npm/@finsweet/attributes-cmsfilter@1/
23 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsfilter@1/cmsfilter.js
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb214c44d76ed3b2d6ab77a887ba0012e339548d1df3395fa5793611e75c49b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"5a4b-PT05vO68/Eb2gc6xYWwNzdj8FTo"
age
34331
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZ1vM69ImZre2JBG%2FMMHsMImNHB9B9nJcT%2FIXaY4OwnthAHxZ6Cbwwm1s7X6Gqhv45SvhvYoOTK4pihhx5m4BeDZS3bLJdqRycB2MxEwOtxyKCCzfQedMb9Tx6AG9Hthd94187j8soP0e%2FrYDGU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220148-FRA, cache-lga21987-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fdc57193c96cbd6-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
8371
server
cloudflare
x-jsd-version
1.16.3
widget.js
assets.calendly.com/assets/external/
11 KB
4 KB
Script
General
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=300
content-encoding
br
cf-cache-status
HIT
etag
W/"ef3bf711963c747494cae07900aacd7c"
age
281
x-content-type-options
nosniff
cf-ray
8fdc57193fa2ec8b-MAD
expires
Tue, 07 Jan 2025 14:18:56 GMT
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
text/javascript
last-modified
Fri, 20 Dec 2024 21:57:58 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
349 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4D5M9
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b827ebfbf7302b907513275c73c476ec9b327d97aa3d8345d85527ab711e4af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 06 Jan 2025 14:18:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 06 Jan 2025 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112536
x-xss-protection
0
server
Google Tag Manager
omrnd53sn8
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/omrnd53sn8?ref=Webflow
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5%2F652d31f3dc22d7b4ee708e44%2F671803b6b54ba7dbbab28118%2Fclarity_script-4.9.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2292012364240e43f3f4450593a51cda67218e444f44208c86497eaace32fb3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/x-javascript
x-azure-ref
20250106T141856Z-166954b7664vgjsphC1PARpwms0000000u60000000006em0
652586b2724e0cccd757e232_icon-contact.svg
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
265 B
630 B
Image
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/652586b2724e0cccd757e232_icon-contact.svg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c93374afaa0024f554bcba6f1780592ae590fb633f162afe9af121c8eaf091f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"251b8128f590ce3dddc7116384e1f4e8"
x-amz-version-id
S3EpJNorYhdTaKSi65E6K1MMVRQANvde
age
82269
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Oct 2023 17:15:31 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
YqT8qrwAcIynEaQJYvJmb0We6VPcEqrXoBzFAeHTTiZBOCrhzuM+w/aijdM3BSNETIbjkONNCLw=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MXXMVEYQ4KF8S2TS
cf-ray
8fdc5718adb5cfcd-MAD
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
652586b2724e0cccd757e239_icon-search.svg
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
714 B
832 B
Image
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/652586b2724e0cccd757e239_icon-search.svg
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ebed9b45082be042e7d8bd706a6bc4443412ffd58a70fd051a3756109ecf6d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"754e9ae96fb155eedbb0c91b474e5a41"
x-amz-version-id
oUi_MFEQUOBks147nTebV0rw056_9q2h
age
82269
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Oct 2023 17:15:32 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
ZrR8TRdkh0gvQkP+8FoTkBYLrXGVL5ImZxF135MLXeJ+XCFefZtLE8J+mfv5jONlWh6M5ymCqCE=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MXXXXXVC9WHBAESH
cf-ray
8fdc5718adb7cfcd-MAD
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
651b79aaa3255cf8cae75d64_Gotham-Medium.otf
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
126 KB
126 KB
Font
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/651b79aaa3255cf8cae75d64_Gotham-Medium.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"e19c20e966bde501f94e41cd0322dbe8"
x-amz-version-id
AMI7c_7WoJuVJ9oJSM.KR2rIZ7PW2WPe
age
882406
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 03 Oct 2023 02:17:15 GMT
x-amz-id-2
W1Gr18BsxOjy8MKjPeKrlKarQVQgSOg75cI9QUt32YFAQWrjasgHtGQ+Gdckn8KMUXLSHyxKhZ0=
priority
u=0,i=?0
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MNSV6WJC65FXPK6F
cf-ray
8fdc57190e412189-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
128768
server
cloudflare
x-amz-server-side-encryption
AES256
651b79a0a3255cf8cae75709_Gotham-Book.otf
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
125 KB
126 KB
Font
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/651b79a0a3255cf8cae75709_Gotham-Book.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"eca1317ee8a99162d0d0e2df77330cec"
x-amz-version-id
NzxXlu4OZ46d8yheg9e0V.iSM62QTsqC
age
82269
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 03 Oct 2023 02:17:05 GMT
x-amz-id-2
OYLipkcMbwDm24HQ9n2hA+x9k4xbWCyMEq86y4/fiMZ32PJHmnndnmqjlY0380TsfZhri0rsEpc=
priority
u=0,i=?0
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MNSGQP5FA8MRKA1G
cf-ray
8fdc57190e422189-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
128020
server
cloudflare
x-amz-server-side-encryption
AES256
651b794f96b829a772be19a8_Rene%20Bieder%20-%20Choplin%20Light.otf
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
66 KB
67 KB
Font
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/651b794f96b829a772be19a8_Rene%20Bieder%20-%20Choplin%20Light.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2087636836f4b4bb4139bc68ce2a8368b476e23339d244f06a80219b57fd265

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"7eec8638952a81c226f94cbb03cefb92"
x-amz-version-id
dgzB5c6r_GDLK2S1fxOu0J4H25LzaREv
age
1200676
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/x-font-otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Tue, 03 Oct 2023 02:15:44 GMT
x-amz-id-2
ufvnVsEPKQOY0ZGxuK7rqWdryBmEkfmDqYGyUknIUkJv+QetN/iHSDrDHOEk3Xpp6WYVlV8+7Os=
priority
u=0,i=?0
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MNSVKQH108AMNJK6
cf-ray
8fdc57190e442189-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
67964
server
cloudflare
x-amz-server-side-encryption
AES256
64e65ddd1bede8d21cced4a8_fa-brands-400.woff2
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
108 KB
109 KB
Font
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/64e65ddd1bede8d21cced4a8_fa-brands-400.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/css/dfcu.a79d4819f.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"f022fca674f561d3f3f9f187a7fa3222"
x-amz-version-id
S_R_M5KdGXRuUU5MWRzdqxOsX2cCveO1
age
882405
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
application/octet-stream
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 23 Aug 2023 19:28:31 GMT
x-amz-id-2
/xgFJcarGUdq0Bdw5lXoKVbvhDT+5GyH6glMw00MFM2fZtoftIkuO4Jj428z5q6w2u6SkcaZd2M=
priority
u=0,i=?0
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
MNSZQYQ5XD5FRMT6
cf-ray
8fdc57190e452189-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
110932
server
cloudflare
x-amz-server-side-encryption
AES256
651b6ddd37d53bdb040d9893_DFCU_Standard_Logo_RGB%201.svg
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
4 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/651b6ddd37d53bdb040d9893_DFCU_Standard_Logo_RGB%201.svg
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef6b34461d0536eea47b4e92e5a981770195b5885687ea17433bd8bd62c1613f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"b3b8f62d40d6a8d05f42a39aeb90b93e"
x-amz-version-id
RJWrDKcXJi.0Yidd9c3YWpVnRBq_8iBx
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
image/svg+xml
last-modified
Tue, 03 Oct 2023 01:26:55 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
AnCbC/1Pz2qhmpj2Sbhlg736H6bbstbmTnO7gjt9FmXwJKVZYCZtTy0UqvZAWfE/QlW4yMzUfsaA9fFPjtOK13WuX9FlD9AQ0dWC2vue4ZI=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
57Y10JTN5PY4RZWW
cf-ray
8fdc5718bdc6cfcd-MAD
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
64e64c4414a94f768da79c2a_eq-ncua-white%202%20(1).png
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
8 KB
8 KB
Image
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/64e64c4414a94f768da79c2a_eq-ncua-white%202%20(1).png
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306a49365adbf5f928685addb9472b7e000753b1f8a7b1acbbffbdc25749a8a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cf-cache-status
HIT
etag
"a34f767bcd56e5bcf48f025de391ce23"
x-amz-version-id
Xem5TjFxHyZCMnVZEbFhm3xfym6iG8e9
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:56 GMT
content-type
image/png
last-modified
Wed, 23 Aug 2023 18:13:26 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
U9u4A0i7oy5XkjxjbvEPeUm64uzTIeR4DK11TnmcIRBNdMh6d4khlK2eXC2SWRKrMlZo3SKB2XE=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
FBF2NG61S0EZCDTQ
cf-ray
8fdc5718cdc7cfcd-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
8259
server
cloudflare
x-amz-server-side-encryption
AES256
animation.esm.js
cdn.jsdelivr.net/npm/@finsweet/attributes-animation@1/
11 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-animation@1/animation.esm.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/cmsload.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c65101e31646c5ce1e2f253a5c554604c5fb5d4f0016fcf5e5c8dc127862076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"2dcc-d2LLzMwVxUMcDcR94bZTJr30OVE"
age
1044
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Je9Q%2FYm%2BEgHMBROh6eCSxjNv5HylufrkOn2OiGu%2FaS%2Bd%2BQzw5IBZSMSJHyECkOxZiFMqB4nvyJ6wWJnXHzH%2BdTOlVMGzZYJnMyhffLe8HNZ5TZJsOyQHNGYtuarTUwyhjdk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220025-FRA, cache-lga21978-LGA
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fdc571a984e384a-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
5006
server
cloudflare
x-jsd-version
1.2.2
cmscore.js
cdn.jsdelivr.net/npm/@finsweet/attributes-cmscore@1/
20 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmscore@1/cmscore.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@finsweet/attributes-cmsload@1/cmsload.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652b782499578fc71edc11f16015aecfd4b77f5a65dea68670bcae86be9a8bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.direct.com
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"4f1f-pHD/Uv7Ztjs1OXmoYMvrzeid69M"
age
28322
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xQyX78U8%2FX37ooxPKupSybbRueBGdLqbrqT8mTvFlTme3Mesg60DOU86XpMjp5Q9stJHrtTrRux5A3N32NNQmhpiSxjhLU6j%2F4vqLMDqBaOow%2Bjb6vsztktdfe6mxIBvwk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230137-FRA, cache-lga21943-LGA
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fdc571a9853384a-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
7208
server
cloudflare
x-jsd-version
1.13.0
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=abrechnungsmanager-paypal.dcy.one&dl=https%3A%2F%2Fwww.direct.com%2Fm&scrsrc=www.googletagmanager.com&frm=0&rnd=627790798.1736173137&dt=Not%20Found&auid=73152858.1736173137&navt=n&npa=1&gtm=45He4cc1v72378796za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1736173137158&tfd=1784&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4D5M9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

js
www.googletagmanager.com/gtag/
447 KB
138 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HQY655DBDD&l=dataLayer&cx=c&gtm=45He4cc1v72378796za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4D5M9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60cb5f7860d09b38577dc5f20e03e5074adcefbee0057c615d65ae7eb3ab1c76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 06 Jan 2025 14:18:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
140746
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
250 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-952710236&l=dataLayer&cx=c&gtm=45He4cc1v72378796za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4D5M9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98e3dcaaa45c9a5889e5f5c80ec6f98aee698030dd26aacfaf9dc729442290cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 06 Jan 2025 14:18:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 06 Jan 2025 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91639
x-xss-protection
0
server
Google Tag Manager
omrnd53sn8
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/omrnd53sn8?ref=gtm2
Requested by
Host: abrechnungsmanager-paypal.dcy.one
URL: https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2292012364240e43f3f4450593a51cda67218e444f44208c86497eaace32fb3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/x-javascript
x-azure-ref
20250106T141857Z-166954b7664vgjsphC1PARpwms0000000u60000000006emm
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 389C
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.direct.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4D5M9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Jan 2025 14:18:57 GMT
expires
Tue, 06 Jan 2026 14:18:57 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/omrnd53sn8?ref=Webflow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

x-azure-ref
20250106T141857Z-166954b7664vgjsphC1PARpwms0000000u60000000006emp
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD2B2845EC4413"
x-fd-int-roxy-purgeid
0
x-ms-request-id
cfabc8f6-201e-0051-0383-5db357000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 02 Jan 2025 12:23:32 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HQY655DBDD&gtm=45je4cc1v877017633z872378796za200zb72378796&_p=1736173136719&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=605436389.1736173137&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736173137&sct=1&seg=0&dl=https%3A%2F%2Fwww.direct.com%2Fm&dr=https%3A%2F%2Fabrechnungsmanager-paypal.dcy.one%2F&dt=Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2045
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQY655DBDD&l=dataLayer&cx=c&gtm=45He4cc1v72378796za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.direct.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
553 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HQY655DBDD&cid=605436389.1736173137&gtm=45je4cc1v877017633z872378796za200zb72378796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQY655DBDD&l=dataLayer&cx=c&gtm=45He4cc1v72378796za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.direct.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.es/ads/
42 B
408 B
Image
General
Full URL
https://www.google.es/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HQY655DBDD&cid=605436389.1736173137&gtm=45je4cc1v877017633z872378796za200zb72378796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1305444715
Requested by
Host: www.direct.com
URL: https://www.direct.com/m
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 06 Jan 2025 14:18:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
t.clarity.ms/
0
278 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.direct.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.direct.com
Date
Mon, 06 Jan 2025 14:18:58 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D72EF3078F624487B26DD0305FA7F851&RedC=c.clarity.ms&MXFR=21168C559E41627A3A6399399A416C8C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D72EF3078F624487B26DD0305FA7F851&MUID=1389AE32F3EE6FAA397BBB5EF2576E64
42 B
465 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D72EF3078F624487B26DD0305FA7F851&MUID=1389AE32F3EE6FAA397BBB5EF2576E64
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9270eb7934bdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
image/gif
last-modified
Tue, 10 Dec 2024 13:00:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D72EF3078F624487B26DD0305FA7F851&MUID=1389AE32F3EE6FAA397BBB5EF2576E64
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BF757CC29667453194F49E37B379420B Ref B: PAR02EDGE0716 Ref C: 2025-01-06T14:18:58Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Mon, 06 Jan 2025 14:18:57 GMT
x-powered-by
ASP.NET
insight.min.js
snap.licdn.com/li.lms-analytics/
25 KB
9 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: abrechnungsmanager-paypal.dcy.one
URL: https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c8879b289784c2f0e524c601ee26bd458ab9d35a527c22ce582904004e47d018
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
max-age=67739
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
9404
date
Mon, 06 Jan 2025 14:18:58 GMT
last-modified
Mon, 06 Jan 2025 08:56:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: abrechnungsmanager-paypal.dcy.one
URL: https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-cx9EAMJ7' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-cx9EAMJ7' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=23, mss=1232, tbw=4475, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
1rsbNb4UT/ybeAD4mcqP8gNuZTj7DZ1SzMUqznhEiMZcn1Sat260+APSMiluckHFxLNigzjaIZmwvrLtjaCGjA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62279
x-xss-protection
0
origin-agent-cluster
?1
sa.js
sibautomation.com/
14 KB
4 KB
Script
General
Full URL
https://sibautomation.com/sa.js?key=46t9oyk3ya47i8447oqn6
Requested by
Host: abrechnungsmanager-paypal.dcy.one
URL: https://abrechnungsmanager-paypal.dcy.one/m/f03632632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
a9817fcc8c47c660cb1e81807de582da407dd5f52138f429b6acec3fe302f55b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
public, max-age=60
content-encoding
gzip
cf-cache-status
HIT
etag
W/"3687-Ncss2E3+J0ix+og4f5dw0t1/Q1M"
cf-ray
8fdc57204904eca7-MAD
expires
Mon, 06 Jan 2025 14:19:58 GMT
access-control-allow-origin
*
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
text/javascript; charset=utf-8
x-powered-by
Sails <sailsjs.com>
vary
Accept-Encoding
server
cloudflare
salemove_integration.js
api.glia.com/
9 KB
10 KB
Script
General
Full URL
https://api.glia.com/salemove_integration.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4D5M9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a39fda84d9a110d7deecae1b8926b1ac860dd1c76f79e14b3a0d740c315c58c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
etag
"3466cc6f2068120138b624ff9fd4a77b"
age
136
via
1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
9323
x-amz-cf-id
rjEAbdw-2ltiEmh7-VkZWRqBHqML0H4rIeIeyGuOEel5r_ooHjoDhw==
date
Mon, 06 Jan 2025 14:16:43 GMT
content-type
application/javascript
last-modified
Fri, 03 Jan 2025 03:02:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
65956f779409eb5bcfc6afbd_favicon32.png
cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/
594 B
1005 B
Other
General
Full URL
https://cdn.prod.website-files.com/64b06eaa5a3bd010af07aeb5/65956f779409eb5bcfc6afbd_favicon32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9d36c840cd150ebdedd5bb5a6a55b9c11282312a51f3cc3156281438fdae1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cf-cache-status
HIT
etag
"04ffc42879e0d6929bb592d1435c6720"
x-amz-version-id
DbEzhZolcg9_swEQ2xvjIcYYliVWvYE3
age
882405
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
image/png
last-modified
Wed, 03 Jan 2024 14:30:16 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
A7lYoaxLf7dejRmeB+vOnYkMscbUH310HSFkf62XWgZvbP4LCsLqYympWUa5fl/WisExbxIZLaY=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
BY1FAVVKKDEC88JZ
cf-ray
8fdc57201aa4cfcd-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
594
server
cloudflare
x-amz-server-side-encryption
AES256
cm.html
sibautomation.com/ Frame 4FCD
0
0
Document
General
Full URL
https://sibautomation.com/cm.html?key=46t9oyk3ya47i8447oqn6
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=46t9oyk3ya47i8447oqn6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer
https://www.direct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
8fdc5721592a0412-MAD
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 06 Jan 2025 14:18:58 GMT
expires
Mon, 06 Jan 2025 16:18:58 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
778267309032281
connect.facebook.net/signals/config/
89 KB
18 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/778267309032281?v=2.9.179&r=stable&domain=www.direct.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
33130166ab6367d4efd3efa7fb7835cc813dde97531cfcabb4a63f75712c388a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Xzke3zzm' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Xzke3zzm' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=66, rtx=0, c=77, mss=1232, tbw=70491, tp=65, tpl=0, uplat=108, ullat=0
pragma
public
x-fb-debug
p+EVTmz4n3kdCfumfEov2dCFEfITUVxso2vAgJY6bi2usRgQSKpCq1iogb8XJ/lgDa07SqBkRMwQHWiE/feP1w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cache-control
max-age=73706
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Mon, 06 Jan 2025 14:18:58 GMT
last-modified
Mon, 02 Dec 2024 10:13:56 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
visitor_config
api.glia.com/
27 KB
29 KB
XHR
General
Full URL
https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fwww.direct.com%2Fm&
Requested by
Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f7e39feaa49d1308e4b00c10df037946095e39f44a2f29ebe2a96caddbe55290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.direct.com/

Response headers

x-site-visitor-config
true
access-control-max-age
7200
access-control-expose-headers
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
DS-KN_fOz19yCCvpIAC1HDYw_i75rigVC5KWPoN8nEne_mbH0ukhgg==
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
application/json
vary
Origin
access-control-allow-headers
Content-Type, Accept, Authorization
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
via
1.1 e787a68a5271d06ea7b7e56fa6886dc8.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.direct.com
content-length
27991
x-amz-cf-pop
FRA56-P12
attribution_trigger
px.ads.linkedin.com/
2 B
816 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.direct.com/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
00062b0a4f2f14b826cf646f7a615b32
x-msedge-ref
Ref A: AAB7F2A9E0074D878CC63E279DFAC8A7 Ref B: PRAEDGE1010 Ref C: 2025-01-06T14:18:58Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYrCk8vFLgmz2RvemFbMg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 06 Jan 2025 14:18:57 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm&e_ipv6=AQKpcAI54CcqOgAAAZQ7-7IG9EHzbhYl6z-HEM8i9QvI7CHGWxg7yF3mgNZ-KBJTuoeyow
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm&e_ipv6=AQKpcAI54CcqOgAAAZQ7-7IG9EHzbhYl6z-HEM8i9QvI7CHGWxg7yF3mgNZ-KBJTuoeyow
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: EE89C14EAFF74202A38F29079196891A Ref B: PAR02EDGE0920 Ref C: 2025-01-06T14:18:58Z
x-li-fabric
prod-lor1
x-li-uuid
AAYrCk81AC6sFZv2JPiIxA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=295810&time=1736173138183&url=https%3A%2F%2Fwww.direct.com%2Fm&e_ipv6=AQKpcAI54CcqOgAAAZQ7-7IG9EHzbhYl6z-HEM8i9QvI7CHGWxg7yF3mgNZ-KBJTuoeyow
x-msedge-ref
Ref A: 156D6C820AD24CCD985F7CE872913BC9 Ref B: PRAEDGE1609 Ref C: 2025-01-06T14:18:58Z
x-li-fabric
prod-lor1
x-li-uuid
AAYrCk8vTjipOvyu7MNyKA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 06 Jan 2025 14:18:57 GMT
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=778267309032281&ev=PageView&dl=https%3A%2F%2Fwww.direct.com&rl=https%3A%2F%2Fabrechnungsmanager-paypal.dcy.one&if=false&ts=1736173138271&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1736173138267.607569721897561698&cs_est=true&pm=1&hrl=74c15c&ler=other&cdl=API_unavailable&it=1736173138073&coo=false&cs_cc=1&cas=26721260754154180%2C5859403910805009&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=23, mss=1232, tbw=4523, tp=10, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=778267309032281&ev=PageView&dl=https%3A%2F%2Fwww.direct.com&rl=https%3A%2F%2Fabrechnungsmanager-paypal.dcy.one&if=false&ts=1736173138271&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1736173138267.607569721897561698&cs_est=true&pm=1&hrl=74c15c&ler=other&cdl=API_unavailable&it=1736173138073&coo=false&cs_cc=1&cas=26721260754154180%2C5859403910805009&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7456806848218313435"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Jan 2025 14:18:58 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
nCjBR0uRQFivDr8Rg05HS+F0YPzVdvwP0T85sVzNlYw7RUonlQ2UkCKiiQ+kuG7kSHb6BCCs8nqMAXKStRvUbA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7456806848218313435", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=23, mss=1232, tbw=4891, tp=13, tpl=0, uplat=106, ullat=1
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
bootstrapper-c56d4afc5-a719e0bec.js
libs.salemove.com/visitor/
649 KB
170 KB
Script
General
Full URL
https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Requested by
Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3c00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe92f4544cbae71c1b5b0f79284208923a3f8d5ac1b75f6527249a4d6d56e2b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
etag
W/"6b18218ff0cc476e3e7c5fe05915b119"
age
354785
x-cache
Hit from cloudfront
x-amz-cf-id
Zd0YKWALBvlMQVliCVo3Mex246ttlO5ZO31zPAJqlHaaiLWfIorNrg==
date
Thu, 02 Jan 2025 11:45:54 GMT
content-type
application/javascript
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified
Thu, 02 Jan 2025 11:22:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=31536000
x-amz-meta-s3cmd-attrs
md5:6b18218ff0cc476e3e7c5fe05915b119
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256
p
in-automate.brevo.com/
0
99 B
XHR
General
Full URL
https://in-automate.brevo.com/p?key=46t9oyk3ya47i8447oqn6&cuid=0417deb1-8b47-4ac6-b8db-abab512f7585&ma_url=https%3A%2F%2Fwww.direct.com%2Fm&sib_type=page&ma_title=Not%20Found&sib_name=Not%20Found&ma_referrer=https%3A%2F%2Fabrechnungsmanager-paypal.dcy.one%2F&ma_path=%2Fm
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=46t9oyk3ya47i8447oqn6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

cf-ray
8fdc5723ecc3af76-MAD
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
date
Mon, 06 Jan 2025 14:18:58 GMT
server
cloudflare
collect
t.clarity.ms/
0
278 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.direct.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.direct.com
Date
Mon, 06 Jan 2025 14:18:58 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
webcomponents_es5-c56d4afc5-a719e0bec.js
libs.salemove.com/visitor/
936 B
1 KB
Script
General
Full URL
https://libs.salemove.com/visitor/webcomponents_es5-c56d4afc5-a719e0bec.js
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3c00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
832dbd199f70ade357e88a3f5d32920c8c63e69258dc173d3b261686320895db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

etag
"f86098c5208655efb405300993461936"
age
354784
x-cache
Hit from cloudfront
x-amz-cf-id
hBV3xZlGMLJBqJzjdgPNyhHD_cH47ImUTphKNrrmOwu75MT3DZW79Q==
date
Thu, 02 Jan 2025 11:45:55 GMT
content-type
application/javascript
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified
Thu, 02 Jan 2025 11:22:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=31536000
x-amz-meta-s3cmd-attrs
md5:f86098c5208655efb405300993461936
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
936
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256
visitor-app.f2ce0a9b.min.js
libs.salemove.com/
696 KB
201 KB
Script
General
Full URL
https://libs.salemove.com/visitor-app.f2ce0a9b.min.js
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3c00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1caf319d2f0b949e2c3bdcd6fc9ab2fdf732b8509fcbce8f92ae913997f18315
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
etag
W/"e8cc790536eafead4770edb269d1fa1a"
age
552108
x-cache
Hit from cloudfront
x-amz-cf-id
Ti3kiU-fRnj1AtbeSlY_DVIKcKBAvCdlcAmQ_34t13s-ZhYWJdGHCQ==
date
Tue, 31 Dec 2024 04:57:11 GMT
content-type
application/javascript
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified
Tue, 31 Dec 2024 04:32:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=31536000
x-amz-meta-s3cmd-attrs
md5:e8cc790536eafead4770edb269d1fa1a
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256
visitor-app.f2ce0a9b.default.css
libs.salemove.com/
277 KB
40 KB
Stylesheet
General
Full URL
https://libs.salemove.com/visitor-app.f2ce0a9b.default.css
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3c00:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f81abc642247ee095c6e16e8131cc54be971a537bf9b3f41d4526dda1d72025e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

content-encoding
gzip
etag
W/"d639efaf1ab0050c9c4dab2f96ab5016"
age
552108
x-cache
Hit from cloudfront
x-amz-cf-id
NNIAme2vvOEs9m1GI1fsmGC1HP4S7JeSifEkCklYkaXESAo3eP7eYg==
date
Tue, 31 Dec 2024 04:57:11 GMT
content-type
text/css
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
last-modified
Tue, 31 Dec 2024 04:32:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=31536000
x-amz-meta-s3cmd-attrs
md5:d639efaf1ab0050c9c4dab2f96ab5016
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256
72ba80f1bfb108
api.salemove.com/visitor_app/f2ce0a9b/sites/64660a6e-3a97-4dd8-a53d-2d8e71698912/custom_locales/en-us-chat/
15 KB
15 KB
XHR
General
Full URL
https://api.salemove.com/visitor_app/f2ce0a9b/sites/64660a6e-3a97-4dd8-a53d-2d8e71698912/custom_locales/en-us-chat/72ba80f1bfb108
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7e545fca4146635ef5b6ac27634638883fd926aa1c755d82b3cadf7ca796bf73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.direct.com/

Response headers

access-control-max-age
7200
access-control-expose-headers
age
537136
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
xyQaBgjBadnZQy8TEH4AoA7zaaO4BDyHfDXf2Vf9s6shyChaW0sRWg==
date
Tue, 31 Dec 2024 09:06:43 GMT
content-type
application/json
vary
Origin
access-control-allow-headers
Content-Type, Accept, Authorization
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
via
1.1 506bffda4b1949c4425629ce0bdce052.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.direct.com
content-length
14993
x-amz-cf-pop
FRA56-P12
/
px.ads.linkedin.com/wa/
0
194 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.direct.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0251D468591F46779F8AE6CEAB41A359 Ref B: PRAEDGE1609 Ref C: 2025-01-06T14:18:58Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYrCk84w1FIuxsPHURijQ==
x-li-proto
http/2
access-control-allow-origin
https://www.direct.com
x-cache
CONFIG_NOCACHE
date
Mon, 06 Jan 2025 14:18:58 GMT
vary
Origin
sources_triggered
api.salemove.com/overseer/
2 B
505 B
XHR
General
Full URL
https://api.salemove.com/overseer/sources_triggered
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjBmM2VmOTQyLTY5MDgtNDA1Yi1iM2E1LWYwZDZkZWEwNjBmNSJ9.[…].c_4qnH36F8of0PyGmDnDgSwtOo1cf0566vgaDuA8_P7-BCzaE9aRguhtfgCs_zJGi3x1p3BJEeamRMxog3NlSg
Referer
https://www.direct.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/vnd.salemove.private+json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
7200
access-control-expose-headers
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
x-content-type-options
nosniff
via
1.1 506bffda4b1949c4425629ce0bdce052.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.direct.com
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
G2rTCr-nm4lPrjTQgt-4rwqefjTMKazXTgu3erISTUFAmBCD-rF66Q==
date
Mon, 06 Jan 2025 14:18:59 GMT
content-type
application/json
vary
Origin
x-amz-cf-pop
FRA56-P12
access-control-allow-headers
Content-Type, Accept, Authorization
sources_triggered
api.salemove.com/overseer/ Frame
0
0
Preflight
General
Full URL
https://api.salemove.com/overseer/sources_triggered
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:3400:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.direct.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET, PUT, PATCH, POST, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-length
0
date
Mon, 06 Jan 2025 14:18:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 506bffda4b1949c4425629ce0bdce052.cloudfront.net (CloudFront)
x-amz-cf-id
2KDOBYHsZa7IUu21xle-lylxkOZO40u5k52AGkgqiZ_CX6kJOI05Hg==
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
collect
t.clarity.ms/
0
278 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.direct.com/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://www.direct.com
Date
Mon, 06 Jan 2025 14:19:00 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
client-logger.salemove.com/
0
0
Fetch
General
Full URL
https://client-logger.salemove.com/
Requested by
Host: libs.salemove.com
URL: https://libs.salemove.com/visitor/bootstrapper-c56d4afc5-a719e0bec.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.211.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-211-219.compute-1.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.direct.com/

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
7200
access-control-expose-headers
x-envoy-upstream-service-time
1
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 06 Jan 2025 14:19:01 GMT
vary
Origin
server
envoy
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HQY655DBDD&gtm=45je4cc1v877017633z872378796za200zb72378796&_p=1736173136719&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=605436389.1736173137&ul=es-es&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1736173137&sct=1&seg=0&dl=https%3A%2F%2Fwww.direct.com%2Fm&dr=https%3A%2F%2Fabrechnungsmanager-paypal.dcy.one%2F&dt=Not%20Found&_s=2&tfd=7487
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HQY655DBDD&l=dataLayer&cx=c&gtm=45He4cc1v72378796za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.direct.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.direct.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 14:19:02 GMT
content-type
text/plain
server
Golfe2


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| dataLayer
function| clarity
object| __WEBFLOW_CURRENCY_SETTINGS
function| $
function| jQuery
function| tram
object| Webflow
object| fsAttributes
object| FsAttributes
object| Calendly
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
string| _linkedin_partner_id
object| _linkedin_data_partner_ids
function| fbq
function| _fbq
object| sib
object| sendinblue
object| Brevo
object| sm
function| lintrk
boolean| _already_called_lintrk
object| ORIBILI
object| webpackJsonpSalemoveVisitorApp

23 Cookies

Domain/Path Name / Value
.calendly.com/ Name: __cf_bm
Value: btgO_EuVg0GaniafPVJq0o.8yMEvLi1Y7BjMrpO5h1w-1736173136-1.0.1.1-HH3sy27h3l8WoDB2KmYERoG3MUo6wTd0QzaiqeEpuev2QV.fx35ZiyvLzSa0jQDy5lEMxtMJeOwU9EfUnSseiA
.calendly.com/ Name: _cfuvid
Value: i1ZDLiaEmeCXirEHfHHU9kosSiyNY2nLkSLOSgEYvwo-1736173136921-0.0.1.1-604800000
.direct.com/ Name: _gcl_au
Value: 1.1.73152858.1736173137
.direct.com/ Name: _clck
Value: oy9rnv%7C2%7Cfsc%7C0%7C1832
.direct.com/ Name: _ga
Value: GA1.1.605436389.1736173137
www.clarity.ms/ Name: CLID
Value: a151612623bc46c191f15753f84f1811.20250106.20260106
.direct.com/ Name: _ga_HQY655DBDD
Value: GS1.1.1736173137.1.0.1736173137.60.0.0
.www.direct.com/ Name: sib_cuid
Value: 0417deb1-8b47-4ac6-b8db-abab512f7585
sibautomation.com/ Name: uuid
Value: bdc6510f-9b57-4560-ae2e-8809094499e9
.direct.com/ Name: _fbp
Value: fb.1.1736173138267.607569721897561698
.direct.com/ Name: _clsk
Value: g9bz0e%7C1736173138308%7C1%7C1%7Ct.clarity.ms%2Fcollect
api.glia.com/ Name: visitor_session
Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MzYxNzMxMzgsInZpc2l0b3JfaWQiOiIzN2Y3NmE0YS01MTBlLTQyMDEtODg0NC0xZDA4MDAyOTQ0YWUiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiJiZThjM2M2Ni02NTcyLTQzN2YtOTI3ZC1jNGM0MTA2Zjg0OGMifQ.DqKlXG48U5iXQVciL_NXS92EDovOybOagwTYjMCvIWTXPBSdXqNNt9HztXKKoXQeFIY8QhpwtHFSU5iSOv3Wdw
api.glia.com/ Name: visitor_session_partitioned
Value: eyJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE3MzYxNzMxMzgsInZpc2l0b3JfaWQiOiIzN2Y3NmE0YS01MTBlLTQyMDEtODg0NC0xZDA4MDAyOTQ0YWUiLCJpc3MiOiJHbGlhIFNpdGUgVmlzaXRvciBDb25maWciLCJraWQiOiJiZThjM2M2Ni02NTcyLTQzN2YtOTI3ZC1jNGM0MTA2Zjg0OGMifQ.DqKlXG48U5iXQVciL_NXS92EDovOybOagwTYjMCvIWTXPBSdXqNNt9HztXKKoXQeFIY8QhpwtHFSU5iSOv3Wdw
.bing.com/ Name: MUID
Value: 1389AE32F3EE6FAA397BBB5EF2576E64
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1389AE32F3EE6FAA397BBB5EF2576E64
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1389AE32F3EE6FAA397BBB5EF2576E64
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&74e1de09-d40f-46c9-8b82-b0ab79e3823b"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzYxNzMxMzg7MjswMjFDTPNWMpiGMLy3L5QkcQ8zUwbEmQL6MLkgiAohqD6kOA==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3434:u=1:x=1:i=1736173138:t=1736259538:v=2:sig=AQGJRacQHGzdyTKXMuWVRfmpDTCxG7P1"

1 Console Messages

Source Level URL
Text
network error URL: https://www.direct.com/m
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
