Submitted URL: http://zipperthatdoll.com/
Effective URL: https://www.fbdemo.com/
Submission Tags: @phish_report
Submission: On September 27 via api from FI — Scanned from AU

Summary

This website contacted 10 IPs in 2 countries across 13 domains to perform 32 HTTP transactions. The main IP is 172.67.198.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fbdemo.com.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.
This is the only time www.fbdemo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.212.247 13335 (CLOUDFLAR...)
1 1 172.67.200.8 13335 (CLOUDFLAR...)
1 1 172.67.211.139 13335 (CLOUDFLAR...)
1 1 172.67.157.119 13335 (CLOUDFLAR...)
9 172.67.198.209 13335 (CLOUDFLAR...)
1 142.250.67.10 15169 (GOOGLE)
2 172.67.222.13 13335 (CLOUDFLAR...)
3 103.180.114.1 200325 (BUNNYCDN)
2 172.217.167.72 15169 (GOOGLE)
7 142.250.71.78 15169 (GOOGLE)
2 157.240.8.23 32934 (FACEBOOK)
1 142.251.221.67 15169 (GOOGLE)
2 157.240.8.35 32934 (FACEBOOK)
32 10
Apex Domain
Subdomains
Transfer
9 fbdemo.com
www.fbdemo.com
960 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
23 KB
3 b-cdn.net
lennelucrecia01.b-cdn.net
11 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
184 KB
2 lennelucrecia.com
www.lennelucrecia.com
371 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 beautepoints.com
beautepoints.com
470 B
1 grupdaunemas.com
grupdaunemas.com
469 B
1 daunemas.support
daunemas.support
503 B
1 zipperthatdoll.com
zipperthatdoll.com
479 B
32 13
Domain Requested by
9 www.fbdemo.com www.fbdemo.com
7 www.google-analytics.com www.fbdemo.com
www.googletagmanager.com
www.google-analytics.com
3 lennelucrecia01.b-cdn.net www.fbdemo.com
lennelucrecia01.b-cdn.net
2 www.facebook.com www.fbdemo.com
2 connect.facebook.net www.fbdemo.com
connect.facebook.net
2 www.googletagmanager.com www.fbdemo.com
www.google-analytics.com
2 www.lennelucrecia.com www.fbdemo.com
www.lennelucrecia.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.fbdemo.com
1 beautepoints.com 1 redirects
1 grupdaunemas.com 1 redirects
1 daunemas.support 1 redirects
1 zipperthatdoll.com 1 redirects
32 13

This site contains links to these domains. Also see Links.

Domain
cutt.ly
www.lennelucrecia.com
www.82cart.com
Subject Issuer Validity Valid
fbdemo.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
lennelucrecia.com
WE1
2024-08-13 -
2024-11-11
3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2023-11-05 -
2024-11-11
a year crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-06 -
2024-10-04
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.fbdemo.com/
Frame ID: A02692BB02F30F29B6C2B165CDF5F0B3
Requests: 32 HTTP requests in this frame

Screenshot

Page Title

Daunemas Link Alternatif | Login Daunemas Slot | Daftar Situs Daunemas

Page URL History Show full URLs

  1. http://zipperthatdoll.com/ HTTP 307
    https://zipperthatdoll.com/ HTTP 301
    https://daunemas.support/ HTTP 301
    https://grupdaunemas.com/ HTTP 301
    https://beautepoints.com/ HTTP 301
    https://www.fbdemo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

91 %
HTTPS

0 %
IPv6

13
Domains

13
Subdomains

10
IPs

2
Countries

1665 kB
Transfer

3738 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zipperthatdoll.com/ HTTP 307
    https://zipperthatdoll.com/ HTTP 301
    https://daunemas.support/ HTTP 301
    https://grupdaunemas.com/ HTTP 301
    https://beautepoints.com/ HTTP 301
    https://www.fbdemo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fbdemo.com/
Redirect Chain
  • http://zipperthatdoll.com/
  • https://zipperthatdoll.com/
  • https://daunemas.support/
  • https://grupdaunemas.com/
  • https://beautepoints.com/
  • https://www.fbdemo.com/
99 KB
16 KB
Document
General
Full URL
https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b10ddcbdcfe683f6fc9782c200341b5cdd1c1e53d5d1a55102ad297ab85158c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c9a6cc3ed34a876-SYD
content-encoding
br
content-type
text/html
date
Fri, 27 Sep 2024 09:21:40 GMT
last-modified
Fri, 27 Sep 2024 08:02:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3fdLVucURz7ANlbvpUTeUo64VHkBYnrVKiKBbzWlBMlQXXmiwkwoGmFkEZLAqB%2FYnfzk88O0YcOE5M4DlQtqa0dUhJgfAU1p4vwZRdPWcHUFsDtLnJb1rijWzcs5ZUMA7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding,User-Agent

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8c9a6cc02df0d5d7-SYD
content-type
text/html; charset=iso-8859-1
date
Fri, 27 Sep 2024 09:21:40 GMT
location
https://www.fbdemo.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QsgVgqNwgY1jebIST7r0Dlav%2B8P6XhN9JzvKshd8PRSlDlio0bsz6LOQxNScXX4%2BcbPpAWdCFB5su5IkwCkHpLVnyaKVZ9BozE0CCiGe43UCUMwrae7QDDdjyCvG%2FDseLRqb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
www.fbdemo.com/cdn-cgi/
128 B
556 B
Other
General
Full URL
https://www.fbdemo.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://www.fbdemo.com
Referer
https://www.fbdemo.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYdAefcS5LnIois7w57B8Ccw0dfoE4rq0qXYdTmV2pLXYc400MVbkPg4OQdwN9MUYLJDsZ3FxLx2A6wn0goVwWZH4jhuoSpMGb4%2FKphDjZLxoGpBuhwb3vjm9293UAYEKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cc60fc6a876-SYD
access-control-allow-origin
https://www.fbdemo.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 27 Sep 2024 09:21:40 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito|Nunito:700|Alegreya:regular|Archivo+Black:regular|Amaranth:regular|Vollkorn:regular|Carrois+Gothic+SC:regular|Bubblegum+Sans:regular|Allerta+Stencil:regular
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
bd6616ef95557bd745ac4bcc9e17f0640780de3f51cc62a920924a928ef8f0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, max-age=86400
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 09:21:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:40 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
theme-44da91514.css
www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/
693 KB
125 KB
Stylesheet
General
Full URL
https://www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/theme-44da91514.css
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a442fe374499e985bc70821de2da84ceadf5b5374749c7dc5a3850f72ee23729

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"662c6cbf-ad55c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0qWjmmZ%2F0nvM5nciQSWvX3H7Jtxgn0NBeqkvTM1Si3kpklvcCzEH0cQyx0qaqj2%2B3HgEbhabnzYDfEOCJY6ALABS7D98krBn3lHf9foxNFqWapObxTsUGQGMX%2Fk2UTyqeuZb8JUESk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cc85b6dd5de-SYD
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
text/css
last-modified
Sat, 27 Apr 2024 03:10:55 GMT
vary
Accept-Encoding
server
cloudflare
customer-s1.css
lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/
33 KB
7 KB
Stylesheet
General
Full URL
https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
401593f82ab4dc9ff61d5dcec3f5a3d2f4365da206121a18dce161ff5e631b3e

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
cf-cache-status
HIT
etag
W/"64456f9f-82f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuCSmE6xjMM21zzQKr6cExWhLCTtb4KtBMqXL7Xvc4feBJ%2BBtO%2FDfSsO5vAlPX67pkmlP7Cn7uepp6ztrsE3fNXBuIYwr3CXkBPKxdPf8vZ%2B41ZVUzcRfwscnWz1sISSMBxhZnTqM3g%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 27 Sep 2024 09:21:40 GMT
last-modified
Sun, 23 Apr 2023 17:49:19 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
MISS
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
09/27/2024 09:21:40
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestpullsuccess
True
cdn-uid
841997ea-5385-4018-a16e-be0b247587d6
cdn-requestid
f4ad7f8401ee68412ea3c24249bc3034
cdn-pullzone
483037
cdn-proxyver
1.04
cf-ray
8c9a6cc63d1379d0-SYD
cdn-requesttime
0
access-control-allow-origin
*
cdn-edgestorageid
1151
server
BunnyCDN-SYD1-1151
cdn-requestcountrycode
AU
js
www.googletagmanager.com/gtag/
254 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-61V6FKMWZ5
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ea7ff52b230f183c817cd474a986eed586de86faf5ef9a7e8b02ae84172024df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 09:21:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91986
x-xss-protection
0
server
Google Tag Manager
logo_daunemas.png
www.fbdemo.com/img/
574 KB
574 KB
Image
General
Full URL
https://www.fbdemo.com/img/logo_daunemas.png
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a702d7dd78ce5ae83e7e4f61538fed69b05aa8c7c6b08270c960c4046fc2a3

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"8f73c-6231531a38aee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFaXOc%2Fp2RFtKbQI2YIZ%2FJbpmwEgEra6wv0k9bwgbTBwiEZQH2ZzJNQq45pXpfyhOcty7JI6VCE9o%2F3PrPkh7dP74yhxNuUxkXISufd2KoOxxWtrtKtqvUvWJRqrbn5a3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cca0c42a876-SYD
accept-ranges
bytes
content-length
587580
date
Fri, 27 Sep 2024 09:21:42 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:34 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
email-decode.min.js
www.fbdemo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.fbdemo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66f31e14-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRprzp0SjP3Nv5xnhS5I35tqVRh8R1E3ya0JZzR5zmIAXNrgfa2CTBSuIxYKIyLIbqeSIVXJ31LmDH06xt7D5rvnJXrS7axXk4nQvEfmgROL%2BacqsZc0ejCJGkQNu2cMbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c9a6cc6c8f8a876-SYD
expires
Sun, 29 Sep 2024 09:21:40 GMT
date
Fri, 27 Sep 2024 09:21:40 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 20:16:20 GMT
server
cloudflare
vary
Accept-Encoding
bottom-712919513.js
www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/
917 KB
246 KB
Script
General
Full URL
https://www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/bottom-712919513.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001d582faf300dc16f4e377ac4b0db096c61134e046dd49e324e2944decdb7ed

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"662c6cc4-e520d"
age
27003
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIfGn9oKJpFGMZBuMOJJ5Y1J%2B%2BRNs7EZYzH0ggY60XI3iSr3juVROvFEoDx6Txb1iSbNDmVHz4g5oj0HoiohcM%2FgiJFZiIs6KPUupLVyozVq3JLNlIqg%2BjRBPawLBCX4VocgX0FdBzA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cc85b70d5de-SYD
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
application/javascript
last-modified
Sat, 27 Apr 2024 03:11:00 GMT
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
age
4681
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 10:03:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 08:03:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/
226 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4409, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
+S7aVjN8nsdMOckv9dW4Lwdjomr4lQwnRGsWsLTjdJBpPRfxiS1VJWoHOXrri4qacKkz5Oceodxl/0EKjKIFpw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59070
x-xss-protection
0
noun_Search_2861426.svg
lennelucrecia01.b-cdn.net/img/cms/icons/
3 KB
2 KB
Image
General
Full URL
https://lennelucrecia01.b-cdn.net/img/cms/icons/noun_Search_2861426.svg
Requested by
Host: lennelucrecia01.b-cdn.net
URL: https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
e3acca85e5cd4befa0770d8957dd59b44a8871a32f48fd6a885a71d46d9069e8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"64456f1d-c03"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BE%2Fp5K19IeS%2BLUPY0e1kCOBjOcuUs7gjlXDDPrAGYQcnnvYgqbxYNlWXHOg%2B9GghLDPZzow8hmXQK9si%2F0XEa7DO0pyp1WkbSaQIaElHEr8srZjBaMY4mLIDFEMti1MSI2jx1r0VUY%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 27 Sep 2024 09:21:41 GMT
last-modified
Sun, 23 Apr 2023 17:47:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
MISS
cdn-requestpullcode
200
cdn-cachedat
09/27/2024 09:21:41
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestpullsuccess
True
cdn-uid
841997ea-5385-4018-a16e-be0b247587d6
cdn-requestid
40eb98ac9e0cb0676ff111c9559083e3
cdn-pullzone
483037
cdn-proxyver
1.04
cf-ray
8c9a6cca7be5a95b-SYD
cdn-requesttime
0
cdn-edgestorageid
1151
server
BunnyCDN-SYD1-1151
cdn-requestcountrycode
AU
sb.png
lennelucrecia01.b-cdn.net/img/cms/icons/
1 KB
2 KB
Image
General
Full URL
https://lennelucrecia01.b-cdn.net/img/cms/icons/sb.png
Requested by
Host: lennelucrecia01.b-cdn.net
URL: https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
a62d88c98e628a9ca22a0c6d70f72d87b68b1807397ca6b66565890c51ed4bda

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"64456f1d-569"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyUhYJlSCJT4nIIVFK6D%2BlzGnRFx9TQbPlGLc%2BT40eLPAWaFEgf%2FxtIgR641zjKyOfg5NfZPhIXn7Z5DN59qTYGms5Rx9gMRVLlgpPjNy1uUdw5W2f%2BR0jS8QDFbyT4sxdfOdz5CFaY%3D"}],"group":"cf-nel","max_age":604800}
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
image/png
last-modified
Sun, 23 Apr 2023 17:47:09 GMT
cdn-cachedat
09/27/2024 09:21:41
cdn-cache
MISS
cdn-requestpullcode
200
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestpullsuccess
True
cdn-uid
841997ea-5385-4018-a16e-be0b247587d6
cdn-requestid
6599a13a3b4174418cc3123c1e4131a1
cdn-pullzone
483037
cdn-proxyver
1.04
cf-ray
8c9a6cca7f5fa823-SYD
cdn-requesttime
0
accept-ranges
bytes
content-length
1385
cdn-edgestorageid
1151
server
BunnyCDN-SYD1-1151
cdn-requestcountrycode
AU
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v26/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito|Nunito:700|Alegreya:regular|Archivo+Black:regular|Amaranth:regular|Vollkorn:regular|Carrois+Gothic+SC:regular|Bubblegum+Sans:regular|Allerta+Stencil:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://www.fbdemo.com
Referer
https://fonts.googleapis.com/

Response headers

age
501640
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 14:01:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Sep 2024 14:01:01 GMT
last-modified
Thu, 14 Sep 2023 00:02:27 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39188
x-xss-protection
0
server
sffe
bb14167c8c69bd2302067a56625efaf2.woff2
www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/
0
0

banner_daunemas.jpg
www.fbdemo.com/img/
325 KB
325 KB
Image
General
Full URL
https://www.fbdemo.com/img/banner_daunemas.jpg
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d87e0d5ab936560cfe7ef2d40021f46a5542bc596df62d2110d6445bb79f4d8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"51289-62315316ad752"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VoInljfrLd%2B0woOsOUXVdoXsjbkPQPXGu4ACLHH%2BtiF6RPFtjzOpbNuZaj2YkBufRtrPYHtyXj2i%2F%2B0KHK2ewC5aaga%2BgfI56jBF3gmqZDUlUUyoEILLUJRVMeMMbqz2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6ccacd3aa876-SYD
accept-ranges
bytes
content-length
332425
date
Fri, 27 Sep 2024 09:21:42 GMT
content-type
image/jpeg
last-modified
Fri, 27 Sep 2024 07:56:30 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
194715485617120
connect.facebook.net/signals/config/
74 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/194715485617120?v=2.9.168&r=stable&domain=www.fbdemo.com&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
7c6a34d546726c76728e89d8eb930685b75b9bc643d4bc7a8ef38fdb3c410c0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=74, mss=1232, tbw=67207, tp=63, tpl=0, uplat=240, ullat=0
pragma
public
x-fb-debug
200n1/0+DCR1cbSHVwStzn7ZA6PzSW/xZS/1zgtXXTqaQSEvZnZZS/iLKCkfQ8dJWl7dr3AZJRl1np4iPmzsyQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-61V6FKMWZ5&gtm=45je49p0v9101452853za200&_p=1727428901476&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=125090984.1727428902&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727428901&sct=1&seg=0&dl=https%3A%2F%2Fwww.fbdemo.com%2F&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3760
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-61V6FKMWZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
text/plain
server
Golfe2
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
br
age
1419
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 09:58:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 08:58:02 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/
15 B
296 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1411347477&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fbdemo.com%2F&ul=en-au&de=UTF-8&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEIJAAAAACAAI~&jid=1877041604&gjid=1789058466&cid=125090984.1727428902&tid=UA-159293754-96&_gid=1438840873.1727428902&_r=1&_slc=1&did=d6YPbH&z=970225206
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
c45801f2ac423a4fc50b5d573011cf9ba89bc0aefd78aa16f0d1f5d014c813d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://www.fbdemo.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/
35 B
407 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1411347477&t=event&ni=1&cu=IDR&_s=2&dl=https%3A%2F%2Fwww.fbdemo.com%2F&ul=en-au&de=UTF-8&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=UX&ea=detail&el=Product%20Detail%20View&_u=aCDAAEIJAAAAACAMI~&jid=&gjid=&cid=125090984.1727428902&tid=UA-159293754-96&_gid=1438840873.1727428902&did=d6YPbH&pa=detail&pr1id=646&pr1nm=golden-maple-leaf-daun-emas-artificial-palsu-dekorasi&pr1ca=bunga-artifisial&pr1br=&pr1va=0&pr1ps=0&pr1qt=1&pr1pr=Rp15.000&z=202904209
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

age
68456
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 14:20:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
js
www.googletagmanager.com/gtag/
267 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WFP3HRSSFR&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1d3d9da72105a8e940543e9de70515c764e3a6c757763740ac86c76fd779e91a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 09:21:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96013
x-xss-protection
0
server
Google Tag Manager
47abf9ab81bffceef802e33fb4fb1b89.woff
www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/
0
0

/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=194715485617120&ev=PageView&dl=https%3A%2F%2Fwww.fbdemo.com%2F&rl=&if=false&ts=1727428901882&sw=1600&sh=1200&v=2.9.168&r=stable&ec=0&o=12318&fbp=fb.1.1727428901879.582743614956459163&cs_est=true&ler=empty&cdl=API_unavailable&it=1727428901580&coo=false&rqm=GET
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 27 Sep 2024 09:21:42 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=194715485617120&ev=PageView&dl=https%3A%2F%2Fwww.fbdemo.com%2F&rl=&if=false&ts=1727428901882&sw=1600&sh=1200&v=2.9.168&r=stable&ec=0&o=12318&fbp=fb.1.1727428901879.582743614956459163&cs_est=true&ler=empty&cdl=API_unavailable&it=1727428901580&coo=false&rqm=FGET
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 09:21:42 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
T6TdJ1djsZJ4vx+pWFf7f/LWGpZt/vZaCUDq9s5aMj5RNL4Xx3YLeZB8m+xNOdpPxcUweDKhR5cYYKSffmIdMQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=3088, tp=-1, tpl=-1, uplat=225, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
9e54cf2cf0d1eb640867446fcbd7d254.ttf
www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/
0
0

collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WFP3HRSSFR&gtm=45je49p0v9124598362za200&_p=1727428901476&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101747727&ul=en-au&sr=1600x1200&cid=125090984.1727428902&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.fbdemo.com%2F&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sid=1727428902&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&edid=d6YPbH&tfd=4176
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFP3HRSSFR&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:42 GMT
content-type
text/plain
server
Golfe2
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
42 KB
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e92h4%2BNtiOOuJotRFU5luGIX1FTqkoJ1RJEE6mrEmHGxexuZYSFeaXGqVj9TCiyjSZD1i%2B51LDqHGoVC5xA2b1tByjEke6E5%2F%2FCEWK%2BWHsngei29iTRWtXhYon5iufJ9lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cd16bc9a876-SYD
accept-ranges
bytes
content-length
42889
date
Fri, 27 Sep 2024 09:21:43 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
0
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e92h4%2BNtiOOuJotRFU5luGIX1FTqkoJ1RJEE6mrEmHGxexuZYSFeaXGqVj9TCiyjSZD1i%2B51LDqHGoVC5xA2b1tByjEke6E5%2F%2FCEWK%2BWHsngei29iTRWtXhYon5iufJ9lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cd16bc9a876-SYD
accept-ranges
bytes
content-length
42889
date
Fri, 27 Sep 2024 09:21:43 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
0
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e92h4%2BNtiOOuJotRFU5luGIX1FTqkoJ1RJEE6mrEmHGxexuZYSFeaXGqVj9TCiyjSZD1i%2B51LDqHGoVC5xA2b1tByjEke6E5%2F%2FCEWK%2BWHsngei29iTRWtXhYon5iufJ9lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cd16bc9a876-SYD
accept-ranges
bytes
content-length
42889
date
Fri, 27 Sep 2024 09:21:43 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
0
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e92h4%2BNtiOOuJotRFU5luGIX1FTqkoJ1RJEE6mrEmHGxexuZYSFeaXGqVj9TCiyjSZD1i%2B51LDqHGoVC5xA2b1tByjEke6E5%2F%2FCEWK%2BWHsngei29iTRWtXhYon5iufJ9lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9a6cd16bc9a876-SYD
accept-ranges
bytes
content-length
42889
date
Fri, 27 Sep 2024 09:21:43 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WFP3HRSSFR&gtm=45je49p0v9124598362za200&_p=1727428901476&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101747727&ul=en-au&sr=1600x1200&cid=125090984.1727428902&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&cu=IDR&dl=https%3A%2F%2Fwww.fbdemo.com%2F&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sid=1727428902&sct=1&seg=0&_s=2&tfd=9179
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFP3HRSSFR&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8
Referer
https://www.fbdemo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:21:47 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.lennelucrecia.com
URL
https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/bb14167c8c69bd2302067a56625efaf2.woff2
Domain
www.lennelucrecia.com
URL
https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/47abf9ab81bffceef802e33fb4fb1b89.woff
Domain
www.lennelucrecia.com
URL
https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/9e54cf2cf0d1eb640867446fcbd7d254.ttf

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| addtocart_animation number| click_on_header_cart object| prestashop boolean| quick_search_as number| quick_search_as_min number| quick_search_as_size string| st_maximum_already_message string| st_refresh_url object| sttheme string| wrongemailaddress_stnewsletter string| label_payment_fee object| gaDevIds string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| fbq function| _fbq object| swiper_options function| st_update_cart function| showFlyimgImage function| init_global_maps object| st_owl_progressBar object| st_owl_bar object| st_owl_elem object| st_owl_isPause object| st_owl_tick object| st_owl_percentTime function| st_owl_progressBar_init function| st_owl_buildProgressBar function| st_owl_start function| st_owl_pauseOnDragging function| st_owl_moved function| vc_js function| vc_initVideoBackgrounds function| vcExtractYoutubeId function| vcResizeVideoBackground function| insertYoutubeVideoAsBackground function| getColumnsCount string| screen_size function| getSizeName function| loadScript function| wpb_prepare_tab_content function| vc_accordionActivate function| addNotification object| func_pa function| ajaxGetPaymentFee function| ajaxChangePaymentMethod object| GoogleAnalyticEnhancedECommerce function| vc_plugin_flexslider function| vc_twitterBehaviour function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts function| $ function| jQuery function| Tether function| Swiper function| Waypoint function| hcSticky function| Stellar function| vc_rowBehaviour object| Select2 string| waypointContextKey object| google_tag_manager object| google_tag_data object| gaGlobal object| gaplugins object| gaData

6 Cookies

Domain/Path Name / Value
.fbdemo.com/ Name: _ga_61V6FKMWZ5
Value: GS1.1.1727428901.1.0.1727428901.0.0.0
.fbdemo.com/ Name: _ga
Value: GA1.2.125090984.1727428902
.fbdemo.com/ Name: _gid
Value: GA1.2.1438840873.1727428902
.fbdemo.com/ Name: _gat
Value: 1
.fbdemo.com/ Name: _fbp
Value: fb.1.1727428901879.582743614956459163
.fbdemo.com/ Name: _ga_WFP3HRSSFR
Value: GS1.2.1727428902.1.0.1727428902.0.0.0

6 Console Messages

Source Level URL
Text
javascript error URL: https://www.fbdemo.com/
Message:
Access to font at 'https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/bb14167c8c69bd2302067a56625efaf2.woff2' from origin 'https://www.fbdemo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/bb14167c8c69bd2302067a56625efaf2.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.fbdemo.com/
Message:
Access to font at 'https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/47abf9ab81bffceef802e33fb4fb1b89.woff' from origin 'https://www.fbdemo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/47abf9ab81bffceef802e33fb4fb1b89.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.fbdemo.com/
Message:
Access to font at 'https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/9e54cf2cf0d1eb640867446fcbd7d254.ttf' from origin 'https://www.fbdemo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/9e54cf2cf0d1eb640867446fcbd7d254.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beautepoints.com
connect.facebook.net
daunemas.support
fonts.googleapis.com
fonts.gstatic.com
grupdaunemas.com
lennelucrecia01.b-cdn.net
www.facebook.com
www.fbdemo.com
www.google-analytics.com
www.googletagmanager.com
www.lennelucrecia.com
zipperthatdoll.com
www.lennelucrecia.com
103.180.114.1
142.250.67.10
142.250.71.78
142.251.221.67
157.240.8.23
157.240.8.35
172.217.167.72
172.67.157.119
172.67.198.209
172.67.200.8
172.67.211.139
172.67.212.247
172.67.222.13
001d582faf300dc16f4e377ac4b0db096c61134e046dd49e324e2944decdb7ed
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1d3d9da72105a8e940543e9de70515c764e3a6c757763740ac86c76fd779e91a
20a702d7dd78ce5ae83e7e4f61538fed69b05aa8c7c6b08270c960c4046fc2a3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d87e0d5ab936560cfe7ef2d40021f46a5542bc596df62d2110d6445bb79f4d8
401593f82ab4dc9ff61d5dcec3f5a3d2f4365da206121a18dce161ff5e631b3e
7b10ddcbdcfe683f6fc9782c200341b5cdd1c1e53d5d1a55102ad297ab85158c
7c6a34d546726c76728e89d8eb930685b75b9bc643d4bc7a8ef38fdb3c410c0b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
a442fe374499e985bc70821de2da84ceadf5b5374749c7dc5a3850f72ee23729
a62d88c98e628a9ca22a0c6d70f72d87b68b1807397ca6b66565890c51ed4bda
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bd6616ef95557bd745ac4bcc9e17f0640780de3f51cc62a920924a928ef8f0e3
c45801f2ac423a4fc50b5d573011cf9ba89bc0aefd78aa16f0d1f5d014c813d9
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3acca85e5cd4befa0770d8957dd59b44a8871a32f48fd6a885a71d46d9069e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7ff52b230f183c817cd474a986eed586de86faf5ef9a7e8b02ae84172024df