urlscan.io logo urlscan.io
SecurityTrails logo

2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io Open in urlscan Pro
2a00:fb01:400:200:5000:45ff:feb5:f777  Public Scan

Go To Rescan Add Verdict Report
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Submission: On December 03 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 5 countries across 17 domains to perform 88 HTTP transactions. The main IP is 2a00:fb01:400:200:5000:45ff:feb5:f777, located in Switzerland and belongs to EVERYWARE-NET EveryWare AG, CH. The main domain is 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io.
TLS certificate: Issued by E6 on October 16th 2024. Valid for: 3 months.
This is the only time 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 2a00:fb01:400... 24951 (EVERYWARE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.68 15169 (GOOGLE)
6 172.217.18.8 15169 (GOOGLE)
1 146.75.120.157 54113 (FASTLY)
3 2620:1ec:33::10 8075 (MICROSOFT...)
1 2 2620:116:800d... 16509 (AMAZON-02)
5 88.221.123.11 20940 (AKAMAI-AS...)
2 157.240.253.1 32934 (FACEBOOK)
3 172.217.16.142 15169 (GOOGLE)
1 2 216.58.212.166 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.198 15169 (GOOGLE)
2 4 142.250.185.70 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 157.240.0.35 32934 (FACEBOOK)
1 91.228.74.200 16509 (AMAZON-02)
2 142.250.74.194 15169 (GOOGLE)
2 142.250.181.226 15169 (GOOGLE)
88 27
29    2a00:fb01:400:200:5000:45ff:feb5:f777 (Switzerland)

ASN24951 (EVERYWARE-NET EveryWare AG, CH)
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
6    172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net
www.googletagmanager.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    88.221.123.11 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a88-221-123-11.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
3    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.google-analytics.com
2    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net
6785438.fls.doubleclick.net
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
td.doubleclick.net
3    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
4    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
10304459.fls.doubleclick.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
1    2600:9000:223c:ca00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel-ssn.quantserve.com
2    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
td.doubleclick.net
Apex Domain
Subdomains		 Transfer
29 icp0.io
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
6 KB
18 doubleclick.net
6785438.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 182
ad.doubleclick.net — Cisco Umbrella Rank: 145
10304459.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
7 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
820 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
91 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 799
138 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
128 B
3 google.ch
www.google.ch — Cisco Umbrella Rank: 31394
670 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1536
pixel.quantserve.com — Cisco Umbrella Rank: 1059
pixel-ssn.quantserve.com — Cisco Umbrella Rank: 51440
11 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1552
1 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
725 B
1 t.co
t.co — Cisco Umbrella Rank: 904
628 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
811 B
0 freshmarketer.com Failed
cdn.freshmarketer.com Failed
88 17
Domain Requested by
29 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
9 www.googletagmanager.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
www.googletagmanager.com
www.google-analytics.com
6 td.doubleclick.net www.googletagmanager.com
5 analytics.tiktok.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
analytics.tiktok.com
5 www.google-analytics.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
www.google-analytics.com
4 10304459.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 www.google.ch 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
3 ad.doubleclick.net 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
3 www.google.com www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.facebook.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
2 region1.google-analytics.com www.googletagmanager.com
2 6785438.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
connect.facebook.net
1 pixel-ssn.quantserve.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1 pixel.quantserve.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 analytics.twitter.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1 t.co 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1 secure.quantserve.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1 static.ads-twitter.com www.googletagmanager.com
1 fonts.googleapis.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
0 cdn.freshmarketer.com Failed 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
88 26

This site contains no links.

Subject Issuer Validity Valid
boundary.dfinity.network
E6		 2024-10-16 -
2025-01-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
quantserve.com
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-11 -
2024-12-10		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
t.co
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-30 -
2025-09-29		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.ch
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Frame ID: BA9A30C6D54971F9DC5DD2E0ACD3A8D6
Requests: 78 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Frame ID: 5879BFC40D9F3FC6985052FD2DD85BCE
Requests: 1 HTTP requests in this frame

Frame: https://6785438.fls.doubleclick.net/activityi;dc_pre=CKyK3fC1iooDFaCS_QcdGdAmwg;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Frame ID: 7391C26889C58B59A0A328C39D36FA8D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Frame ID: 9E17066717BF69E5C901DE3B8FDB848E
Requests: 1 HTTP requests in this frame

Frame: https://10304459.fls.doubleclick.net/activityi;dc_pre=CPff3_C1iooDFRbnuwgdefA3vQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Frame ID: D1A8FDADA627882DDC74D290156F0A2E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Frame ID: 60E528B42CB4C86DD0912A0B3E27B142
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-H5L6YQ6FMF&gacid=1064957423.1733188386&gtm=45je4bk0v9125602221za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1392319933
Frame ID: BD44842DCEF8D7683427F4A91B467619
Requests: 1 HTTP requests in this frame

Frame: https://10304459.fls.doubleclick.net/activityi;dc_pre=CPysjvG1iooDFRGW_Qcd-s05bw;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Frame ID: 152AC163179417DA7B2466F85A916816
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Frame ID: 74AB016A75090F626DE16EC78A4C9BE2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/850038554?random=1733188387106&cv=11&fst=1733188387106&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9126769981z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: A66A3D25EE563C827F6A68439A215721
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/966096362?random=1733188387133&cv=11&fst=1733188387133&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v893841285z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: AC24B4EF851DECE3055A5B680D62370F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MWEB Homepage

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

88
Requests

97 %
HTTPS

42 %
IPv6

17
Domains

26
Subdomains

27
IPs

5
Countries

1179 kB
Transfer

3752 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://6785438.fls.doubleclick.net/activityi;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html HTTP 302
  • https://6785438.fls.doubleclick.net/activityi;dc_pre=CKyK3fC1iooDFaCS_QcdGdAmwg;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Request Chain 51
  • https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html HTTP 302
  • https://10304459.fls.doubleclick.net/activityi;dc_pre=CPff3_C1iooDFRbnuwgdefA3vQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html
Request Chain 66
  • https://pixel.quantserve.com/pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188386322;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=730bb58d-8d22-4caf-8484-e5833fb4109d;d=icp0.io;uht=2;fpan=1;fpa=P0-1033464409-1733188386324;pbc=;gdpr=0;mdl= HTTP 302
  • https://pixel-ssn.quantserve.com/pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188386322;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=730bb58d-8d22-4caf-8484-e5833fb4109d;d=icp0.io;uht=2;fpan=1;fpa=P0-1033464409-1733188386324;pbc=;gdpr=0;mdl=;dip=82f99e0f-ad8f-4d00-a7c7-4a68a29e86c3
Request Chain 74
  • https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html HTTP 302
  • https://10304459.fls.doubleclick.net/activityi;dc_pre=CPysjvG1iooDFRGW_Qcd-s05bw;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ui-icons_ffffff_256x240.png.html
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
a37f2f8b4b906ca126b42f2d5c3a9c7091bc6868cbd9da8a2f2c829a6e0cc467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-encoding
gzip
content-length
2813
content-type
text/html
date
Tue, 03 Dec 2024 01:13:05 GMT
ic-certificate
certificate=:2dn3o2R0cmVlgwGDAYMBggRYIKZa+jjiJCKIY6ieu3PP5Vz5wLXmyPh1bDmIzXg5dl6LgwJIY2FuaXN0ZXKDAYIEWCCgfK3xmTfXbEgBeu+hLPpfXLqyWjOjDvFr8XgrkiF3XoMBgwGDAYIEWCCcuCEd6IDdYMc0PLL65ccmumJIbApuugzHSWHPfKNJjoMBggRYIOBk1RIP9dEthvK/XgZQI8pME7Ex0srw8YrYVKo8bruqgwGDAYIEWCDbM7LGf79MPvQRGQ8iEvGId04BkajGuIkbt0YVk9b0yIMBgwGDAYIEWCDCCPEfQN78MwahIXIYxHXTJzIymRyndWMLsTl6V8IAEIMBggRYICz0vP0/UL0eFaeeapBO3bKaWxTU97rG8Mkbo+LeN22JgwGCBFggqLzklFtQCJrvthgBMngZZ4VloL+1pnOjC2gcv0qWsOKDAYMCSgAAAAAAcCxiAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggmIEC2I/ZNbz5pwcLi1kTAOPgIHPZvBypRm+OIOQLvrmCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggwLq47GxHYj0idNguloe/MQncyBVMf1XTvOTamme78EuCBFggMTVdXx/gRt77jMF7hYBF0JXGMpgm70SBluqgBfjJWDiCBFggJe7CLk11qDQkYoYYVd2hCwuz0B1QBHVCJTzwIcnD+aGCBFggTFRjFO4llwDPNTngquRJiOd9Gb6Od9NsN8PlHT5HU9+CBFggnu02UA8ildxzpDVopzdP4sqQLzWwpBSz8T36zbnWuNuCBFgg1muQLcC6KmWkMLNnAQlfw8wjSM0WwuQMHUH8PrGv5+mCBFggFdOSuTH9+D7l8nOc2xBdHZWqeHiszTjUwVhuFm5FDDaDAYIEWCCtA+D6U7nkEPRUNs/hYNNl1de9B9nmP5/NGhQef5gsx4MCRHRpbWWCA0nrtZn+8bThhhhpc2lnbmF0dXJlWDCgwXSD++UcC+iSO5bHazW1/cmWyHXGqlRchaCsnzs+aLvYwlCSzMyGhENcmTTCIadqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCfdnZ96JkdHJlZYMBggRYIDqK4CviBTA47O8+7FZJxqhgrsjHCLxm1nZgPpIxTjnIgwGDAYIEWCCmFOf0RSVEHUuIc7h17OK9VIKudRAGyL1edx0xKKTom4MCRnN1Ym5ldIMBgwGDAYIEWCA6DNT3kKu1QgxjepJySMeoMhLjqlOvjjW4B0ihByZGD4MBggRYIEZqcChs+azpgBylPiKvbuBZoJT9YEmGBtSEtoVAWDB9gwGCBFggPKLFVJCdOfm7gxBgwjXXo6/tTocHi9j5w2KgLNZb9HyDAYMCWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AoMBgwJPY2FuaXN0ZXJfcmFuZ2VzggNYG9nZ94GCSgAAAAAAcAAAAQFKAAAAAAB///8BAYMCSnB1YmxpY19rZXmCA1iFMIGCMB0GDSsGAQQBgtx8BQMBAgEGDCsGAQQBgtx8BQMCAQNhAJVfUvc8LexZpjeylOULk0211t4p5zu8+E59hqSsQbrXtTn5gXreiRaWHZ3Wv5JXAQ1YVxVuj+aq/Pb9BoeV5wvTOZs0ETAMnMyOug0GjBDkz7b04n0ZWx6teF1hjrOTuYIEWCBMuWZ8ICOS8cNBrUdjkIDhpwYyp2HSspVRssQmTfercYIEWCBpYe8TfCruCwRnCC7208EsA+kwE7YCpMtiFCcOSEhj8YIEWCABFVGeTWbthGrxj28heaWMPzqe8D7gtMQ2ic6BW8zp6oMCRHRpbWWCA0m6nND35fHghRhpc2lnbmF0dXJlWDC4AQGgNgVKLMDaAPjAaIeC1UtFEJsXYQjIhsLOakMhVPK1Fc6cODYRJahejbmJLDE=:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYIEWCCD6Rn25Ps7zsUIIaqc4Smqta1kae8850xCmFGnOQDPiYMBggRYIAGb767MZpjqChWdFSyndmWdysbz92RwGBmWvgIYZ7DegwGCBFggzJgiZ2orND8/DSB2EpAbSZAFmd5Luke+BOk8h6UG17WDAYIEWCBtnjr5kPWCawJtICEUtqfkpmCF/itOKK/eZoHD8p8JrYMBggRYIHRYnfb6BKjB3Hxck1J2RCInMVOjUyppLphmR+g+CR/TgwGCBFgg5/F6JeB+/l7aYUOKafrs4W9u7yeJDv3C7mkP5z6d8xaDAYMBggRYIAlZg+WfYEh1kBwKduoE3Y2muJT63L5Oc563e5J39ulGgwGCBFggQUPsnM6OThsEXSwWr8UTP8Q0rzjDgzQVvyhtKBwowl2DAYMBggRYINbctQTlFZKq3pPPeZUYJTzeHeHOYPznRpL+ajexBg7mgwGCBFggRSXqNRjOAZt57/QYhHFXZZJYTmhjJ7dHDcO+Vi4nCZ+DAYIEWCB5+XWK0/Dnj83AB+ma5CbpOgvmSWM+Hcqd9TtSl8Af4YMCWCYvbXdlYi91aS1pY29uc19mZmZmZmZfMjU2eDI0MC5wbmcuaHRtbIIDWCCjfy+LS5BsoSa0Ly1cOpxwkbxoaMvZ2oovLIKabgzEZ4IEWCCvEIBzSItUmzpu8zW0AuTXp+PMNft0r5BjKkZikPnXG4IEWCBecsd8JBziSxArEaxMhz9TfSabk+7A+jkkZqoMdw6w+w==:
strict-transport-security
max-age=31536000; includeSubDomains
vary
origin, access-control-request-method, access-control-request-headers
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
x-request-id
01938a13-fb22-7e93-b64b-ab82c1ccb42c
all.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/FontAwesome/v5.14/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/FontAwesome/v5.14/css/all.min.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb5f-7572-839a-3f045cbcc6a9
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
bootstrap.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap.min.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb5f-7572-839a-3ef2f203954c
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
bootstrap-slider.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap-slider.min.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb5f-7572-839a-3f1cb89f2a5d
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
jquery-ui.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/jquery-ui.min.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb60-7f93-bd44-dcd157d02272
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
icon
fonts.googleapis.com/ 		569 B
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 01:13:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 03 Dec 2024 01:13:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
styles.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/styles.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb5f-7572-839a-3f369cbfb0b1
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
mweb-custom.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-custom.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb60-7f93-bd44-dcee4419023f
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
rebrand-june-2020.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/rebrand-june-2020.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb60-7f93-bd44-dcfed187e63f
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
main.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/main.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb5f-7572-839a-3f488e43a340
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
order-summary.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-summary.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb60-7f93-bd44-dd0b680223a9
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
login-register.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/login-register.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb5f-7572-839a-3f2c93f420ce
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
customer-info.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/customer-info.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f53548e803ed
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
order-confirmation.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-confirmation.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f4edb9e28ed5
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
dashboard.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/dashboard.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb70-7583-859e-5efc0809f6bd
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
sales-order-tracking.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/sales-order-tracking.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f50f4b56983f
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
flags.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/flags.css
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f55c35d06e23
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
mweb-loader-2020.gif
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/media/images/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/media/images/mweb-loader-2020.gif
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb70-7583-859e-5eeb5eb42bfe
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
jquery.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.min.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f516bdfbf194
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
popper.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/popper.min.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb9a-7fc2-bfe5-bd78f4aa4844
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
bootstrap.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/bootstrap.min.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb99-7da2-b100-f42d6c59fa0e
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
jquery-ui.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery-ui.min.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb9a-7fc2-bfe5-bdb92b4012b9
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
stickyfill.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/vendor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/vendor/stickyfill.min.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb9a-7fc2-bfe5-bd9195cf380a
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
jquery.ui.touch-punch.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.ui.touch-punch.min.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb9a-7fc2-bfe5-bdab0cfd1395
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
mweb_pollyfills.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/mweb_pollyfills.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb9a-7fc2-bfe5-bd878a15b3ca
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51279388-1
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ec9c7af9ee80e08ff1b483a602a401852db32ccda114eadcf80f0a173bb83b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 01:13:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77379
x-xss-protection
0
server
Google Tag Manager
runtime-es2015.0692c2471bd6c4971612.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/runtime-es2015.0692c2471bd6c4971612.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f5418fd04af0
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
polyfills-es2015.77fe35c7126b5bfe4482.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/polyfills-es2015.77fe35c7126b5bfe4482.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f5615007d261
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
styles-es2015.5cfc0694cc2b754e769c.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/styles-es2015.5cfc0694cc2b754e769c.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb6f-7652-8117-f522fd960053
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
main-es2015.40e7d0dc7ea88a1ab3a7.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/main-es2015.40e7d0dc7ea88a1ab3a7.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a13-fb70-7583-859e-5ed38430cd97
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:05 GMT
vary
origin, access-control-request-method, access-control-request-headers
gtm.js
www.googletagmanager.com/ 		617 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e21103fcbddf794fe8e577cc9b27e5be5cec3e373e9698bd8a1c050282f5b76d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 01:13:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
155267
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
age
1900
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 02:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 00:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.google-analytics.com/gtm/ 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W5WQJV9&t=gtag_UA_51279388_1&cid=1064957423.1733188386
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbae48372fe4562a231bb7efd53a9d196f510d013f9b83d47b4eb4c392cabea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1073:0"}],}
expires
Tue, 03 Dec 2024 01:13:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1073:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
70644
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&scrsrc=www.googletagmanager.com&frm=0&rnd=359769312.1733188386&auid=784676055.1733188386&npa=0&gtm=45He4bk0v6583067za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733188386034&tfd=510&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers
js
www.googletagmanager.com/gtag/ 		400 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8f3fa8b2e5fe93f1f13c27a70e0f719d869e7f9f13ca34a10cecd9e14596b116
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 01:13:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132676
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Tue, 03 Dec 2024 01:13:06 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 20:04:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kcgs7200099-IAD, cache-fra-etou8220120-FRA
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-6785438&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
777c63a6adf89c531e16c90539ec8f81526c6d9bd4105a3bb5bfee9ca5fc00bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 03 Dec 2024 01:13:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83690
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5b9a3e8941a2f185a6600cf38473dbe0b8e6ec50abfa6d4e1e935269f1e2e9eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 03 Dec 2024 01:13:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83728
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9359E9BB506841DC8C30B25AE0195043 Ref B: ZRHEDGE1919 Ref C: 2024-12-03T01:13:06Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Tue, 03 Dec 2024 01:13:05 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
1405338.js
cdn.freshmarketer.com/454157/ 		0
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"mLYq618hJoRcW1Crupr2OQ=="
expires
Tue, 10 Dec 2024 01:13:06 GMT
accept-ranges
bytes
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript
vary
Accept-Encoding
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a88-221-123-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
90b49342b6a5eab704bec67abc01076c4a9dbdb9bdf2001d1bb267e8438d3d87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-147.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires
Tue, 03 Dec 2024 01:13:06 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=9, inner; dur=5
x-cache
TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
a6a8e39.2b080a0b
x-tt-trace-host
01f3367fd9927d86e2066b2ca070318c6221c86d56c5110d944fe9664cab813c243852816b4140eb5c98293fee0e7c741b569bc90b94a27e3ca4a952b6e95982818688f49665f9bd12c9b1f0cf23aff56d5c6ea9467eb15eb0bf6aa270e4944b289802ce5937d0761f63bd9634a639da0f
x-origin-response-time
9,23.220.104.147
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-241203011306D9C85643EC4736A2F863-7E9FD4D0523EC0F0-00
x-parent-response-time
105,88.221.123.103
x-tt-logid
20241203011306D9C85643EC4736A2F863
server
nginx
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-iJAuWIG8' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-iJAuWIG8' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4429, tp=9, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
hk+FWcPx23gRCB7F8uLCp5b4cTxDp8sMA/C+PjP0ZOTJF0IwkMVEtqOWSiOfCTf6h6Lk/Ylc6JPKgBC2cz1B7g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 5879 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Wed, 03 Dec 2025 01:13:06 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=694241706&t=pageview&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&ul=de-ch&de=UTF-8&dt=MWEB%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAACAAI~&jid=1144247577&gjid=1385718484&cid=1064957423.1733188386&tid=UA-51279388-1&_gid=1132012322.1733188386&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=799647526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=694241706&t=pageview&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&ul=de-ch&de=UTF-8&dt=MWEB%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=884895817&gjid=291606121&cid=1064957423.1733188386&tid=UA-51279388-1&_gid=1132012322.1733188386&_r=1&_slc=1&gtm=45He4bk0n71588RWDv6583067za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1071755537
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=694241706&t=pageview&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&ul=de-ch&de=UTF-8&dt=MWEB%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAAUADQAAAACAAI~&jid=165740304&gjid=1536189373&cid=1064957423.1733188386&tid=UA-51279388-5&_gid=1132012322.1733188386&_r=1&_slc=1&gtm=45He4bk0n71588RWDv6583067za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=733822575
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
4938bb39e07470f2bf908e6c693dd5b44bea2677aa8afff74de7898f68b3c336
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		293 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2e83d2fe29139ac1760b08b0ab8d02b587020934260b93c33de1f036a57f2658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 01:13:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103610
x-xss-protection
0
server
Google Tag Manager
1554984301242335
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1554984301242335?v=2.9.176&r=stable&domain=2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
b07fd63e356952a7c94b2c096c6e37a7308d969c490417cc58eae4b43ff9ebc5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-izxZWhg0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-izxZWhg0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=77, mss=1232, tbw=70317, tp=65, tpl=0, uplat=139, ullat=0
pragma
public
x-fb-debug
vAE8GmbwK8cCGQleIC4cnp/9RZh65f7UiK1OTHxtexWPs33y2sg3tN9oR92gY2ygTwhjwmcUbG0FwNX2ku3kiw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
activityi;dc_pre=CKyK3fC1iooDFaCS_QcdGdAmwg;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
6785438.fls.doubleclick.net/ Frame 7391
Redirect Chain
  • https://6785438.fls.doubleclick.net/activityi;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
  • https://6785438.fls.doubleclick.net/activityi;dc_pre=CKyK3fC1iooDFaCS_QcdGdAmwg;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6785438.fls.doubleclick.net/activityi;dc_pre=CKyK3fC1iooDFaCS_QcdGdAmwg;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-6785438&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
397
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Tue, 03 Dec 2024 01:13:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://6785438.fls.doubleclick.net/activityi;dc_pre=CKyK3fC1iooDFaCS_QcdGdAmwg;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45...
td.doubleclick.net/td/fls/rul/ Frame 9E17 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-6785438&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=6785438;type=mwebe0;cat=opens0;ord=3509767215767;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1350837598;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 03 Dec 2024 01:13:06 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"15406991721839437009"}],"aggregatable_trigger_data":[{"filters":[{"14":["10202266"]}],"key_piece":"0x3b3834a54d9d756b","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x9cfb6946eb4b0435","not_filters":{"14":["10202266"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"14553286463322705496","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15406991721839437009","filters":[{"14":["10202266"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15406991721839437009","filters":[{"14":["10202266"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15406991721839437009","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15406991721839437009","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["6785438"]}}
content-type
image/png
x-xss-protection
0
server
cafe
activityi;dc_pre=CPff3_C1iooDFRbnuwgdefA3vQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
10304459.fls.doubleclick.net/ Frame D1A8
Redirect Chain
  • https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
  • https://10304459.fls.doubleclick.net/activityi;dc_pre=CPff3_C1iooDFRbnuwgdefA3vQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10304459.fls.doubleclick.net/activityi;dc_pre=CPff3_C1iooDFRbnuwgdefA3vQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
397
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Tue, 03 Dec 2024 01:13:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10304459.fls.doubleclick.net/activityi;dc_pre=CPff3_C1iooDFRbnuwgdefA3vQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=...
td.doubleclick.net/td/fls/rul/ Frame 60E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=5529540941109;npa=0;auiddc=784676055.1733188386;ps=1;pcor=147090205;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 03 Dec 2024 01:13:06 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"6990798408261040932"}],"aggregatable_trigger_data":[{"filters":[{"14":["10173440"]}],"key_piece":"0xa9cbb84557e718b8","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x17ef02ffdd1a85f5","not_filters":{"14":["10173440"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"13099230383860033120","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6990798408261040932","filters":[{"14":["10173440"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6990798408261040932","filters":[{"14":["10173440"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6990798408261040932","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6990798408261040932","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10304459"]}}
content-type
image/png
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-85DEGRW3JJ&gtm=45je4bk0v876767749z86583067za200zb6583067&_p=1733188385908&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1064957423.1733188386&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733188386&sct=1&seg=0&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&dt=MWEB%20Homepage&en=page_view&_fv=1&_ss=1&tfd=669
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
text/plain
server
Golfe2
adsct
t.co/1/i/ 		43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FZurich%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=6b53ded8-e6f6-40b1-a0ca-0e9e0b5eeb4b&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=66bdf0e8-63ef-4f9f-8ba9-b409eda22780&tw_document_href=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&tw_iframe_status=0&txn_id=nxho2&type=javascript&version=2.3.31
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=0
x-transaction-id
c94d5784eedc2e6e
cache-control
no-cache, no-store, max-age=0
x-connection-hash
615962c5e85a090298a6dc15d33dbb69f765b7ef90ad60f2e70130d2d958fbbc
cf-cache-status
DYNAMIC
cf-ray
8ebfb136090bbaad-ZRH
x-response-time
182
content-length
43
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FZurich%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=6b53ded8-e6f6-40b1-a0ca-0e9e0b5eeb4b&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=66bdf0e8-63ef-4f9f-8ba9-b409eda22780&tw_document_href=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&tw_iframe_status=0&txn_id=nxho2&type=javascript&version=2.3.31
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
582f998cd533359f
cache-control
no-cache, no-store, max-age=0
x-connection-hash
29816401bd099d8dc7a2fbf04c8d48b0ad89c3bd200f9f2a0142f8136c7c4ce0
x-response-time
172
content-length
43
date
Tue, 03 Dec 2024 01:13:05 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H5L6YQ6FMF&gtm=45je4bk0v9125602221za200&_p=1733188385908&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=de-ch&sr=1600x1200&cid=1064957423.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&dt=MWEB%20Homepage&sid=1733188386&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=706
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
559 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5L6YQ6FMF&cid=1064957423.1733188386&gtm=45je4bk0v9125602221za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame BD44 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-H5L6YQ6FMF&gacid=1064957423.1733188386&gtm=45je4bk0v9125602221za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1392319933
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5L6YQ6FMF&cid=1064957423.1733188386&gtm=45je4bk0v9125602221za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1484192371
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 01:13:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
rules-p-7cjmQwa897H2c.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df84a0aead96f4b065bd848f00a7678455297d68b17040c99fe4a507d64d4f29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
gzip
etag
W/"14a7994ec743a847ac238aa942388a81"
age
1629
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
uvUM8eEwGM2xYlXOXm7jCMf-vTEthVirhOCsB3OTiHP9phUrqBgv7Q==
date
Tue, 03 Dec 2024 00:45:58 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Oct 2022 15:31:46 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
211046735.js
bat.bing.com/p/action/ 		364 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/211046735.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3FDFB902C9364DBA97CF9C61FAE5091C Ref B: ZRHEDGE1919 Ref C: 2024-12-03T01:13:06Z
x-cache
CONFIG_NOCACHE
date
Tue, 03 Dec 2024 01:13:05 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1554984301242335&ev=PageView&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&rl=&if=false&ts=1733188386300&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733188386298.488588034845366621&ler=empty&cdl=API_unavailable&it=1733188386129&coo=false&eid=page_1733188385908.1&rqm=GET
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4475, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1554984301242335&ev=PageView&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&rl=&if=false&ts=1733188386300&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733188386298.488588034845366621&ler=empty&cdl=API_unavailable&it=1733188386129&coo=false&eid=page_1733188385908.1&rqm=FGET
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443987435730261735"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0ddc682c5f573a02","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["6665900523491365"]},"debug_reporting":true,"debug_key":"4234084533682228795"}
date
Tue, 03 Dec 2024 01:13:07 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
syNlENVA6QU7Te88e2h0LmXXX+ANx2W/itQU16R4JpzE/0nbYmlz3PfrY/lFD+Eaj7gDfZiYICLk05I8RI9f4w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443987435730261735", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4843, tp=13, tpl=0, uplat=678, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=211046735&tm=gtm002&Ver=2&mid=5bceac46-d100-46df-8b3f-7a14ea8ff2a3&bo=1&sid=c072e4d0b11311efb8afa7d26368e127&vid=c0730dc0b11311ef9394bdfcace9a970&vids=1&msclkid=N&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=MWEB%20Homepage&p=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&r=&lt=395&evt=pageLoad&sv=1&cdb=AQAQ&rn=133614
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6A28C67F1B074F7F8C344060CD8FE60D Ref B: ZRHEDGE1919 Ref C: 2024-12-03T01:13:06Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 03 Dec 2024 01:13:05 GMT
pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-202411090...
pixel-ssn.quantserve.com/
Redirect Chain
  • https://pixel.quantserve.com/pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0;ce=...
  • https://pixel-ssn.quantserve.com/pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0...
35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-ssn.quantserve.com/pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188386322;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=730bb58d-8d22-4caf-8484-e5833fb4109d;d=icp0.io;uht=2;fpan=1;fpa=P0-1033464409-1733188386324;pbc=;gdpr=0;mdl=;dip=82f99e0f-ad8f-4d00-a7c7-4a68a29e86c3
Requested by
Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html
Protocol
H2
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
date
Tue, 03 Dec 2024 01:13:06 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-7cjmQwa897H2c"]}],"trigger_data":"1"}]}
content-type
image/gif

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
location
https://pixel-ssn.quantserve.com/pixel;r=2661637;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188386322;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=730bb58d-8d22-4caf-8484-e5833fb4109d;d=icp0.io;uht=2;fpan=1;fpa=P0-1033464409-1733188386324;pbc=;gdpr=0;mdl=;dip=82f99e0f-ad8f-4d00-a7c7-4a68a29e86c3
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Tue, 03 Dec 2024 01:13:06 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-7cjmQwa897H2c"]}],"trigger_data":"1"}]}
content-type
image/gif
main.MTBlZWM4ZGM2MA.js
analytics.tiktok.com/i18n/pixel/static/ 		344 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a88-221-123-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
61b9d2759cc84695715ac68f96a0b09ddc34ab6c471103c4f608a255ab30ea8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

x-cache
TCP_HIT from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=99
x-tt-trace-id
00-24112612151775920AC1D0B787288592-3E76155B76D82DAA-00
content-length
96665
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024112612151775920AC1D0B787288592
server
nginx
x-akamai-request-id
2b080a2c
x-tt-trace-host
018e0161ab5b8286319941b894ad15067d5dc58ff6bffa9a9d7a3809eaa2cf6c4f1a4a0c2545c08ca60a07d79565f464cca0c6370bf4ef71f0c8c2f1ab541b254bd78b8d152960f6a4c4508519d817f64f035e2965958690bbcd1fd56afc2db77c
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a88-221-123-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

x-cache
TCP_MEM_HIT from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id
00-2411150502460C796FB397A41A14221E-020D63BB7F92EA48-00
content-length
39315
date
Tue, 03 Dec 2024 01:13:06 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202411150502460C796FB397A41A14221E
server
nginx
x-akamai-request-id
2b080a48
x-tt-trace-host
01678848fe5f3e0e4d1cf0f366d73cbb1df117915333d0768a4e3413576b4ab452cf32d22d3469e51179760e41e9e2964ad03668ccadbbede19fd487e6f674aa6066c0fac7f2fb47afd2afb6ca7cf5e5783f1fe4b9c4cd1b9339fec7137833ad0f
pixel
analytics.tiktok.com/api/v2/ 		0
877 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a88-221-123-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

x-cache-remote
TCP_MISS from a23-220-104-134.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 03 Dec 2024 01:13:06 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=30, inner; dur=17
x-cache
TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Tue, 03 Dec 2024 01:13:06 GMT
x-akamai-request-id
c69fc795.2b080a4a
access-control-allow-headers
Authorization,*
x-tt-trace-host
01f3367fd9927d86e2066b2ca070318c6221c86d56c5110d944fe9664cab813c248fb1c816ffbe8f7cc4901a4711ebcb6584ee3233333f8970dd8868f35860162b65baf2f69ea0b27e57bce3ca4bfcd413ea70db7922c31bbeca8cf803763d398a203b812ebf439d2b0b29944e432971a7
x-origin-response-time
30,23.220.104.134
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241203011306BE6C37A6CD6D65F7FF1A-37750DFA850C6A68-00
content-length
0
x-parent-response-time
118,88.221.123.103
x-tt-logid
20241203011306BE6C37A6CD6D65F7FF1A
server
nginx
act
analytics.tiktok.com/api/v2/pixel/ 		0
878 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.123.11 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a88-221-123-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

x-cache-remote
TCP_MISS from a23-220-104-138.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Tue, 03 Dec 2024 01:13:07 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=235, inner; dur=198
x-cache
TCP_MISS from a88-221-123-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date
Tue, 03 Dec 2024 01:13:07 GMT
x-akamai-request-id
7b262cc0.2b080a6f
access-control-allow-headers
Authorization,*
x-tt-trace-host
01f3367fd9927d86e2066b2ca070318c6221c86d56c5110d944fe9664cab813c2442a231bd132d3bf67c9ca8ad58535b4fd6c045c2b890da8a1fa2da5bc4a3ab8f3b1b59ac86cff2f2ad6a1cdb5657807548d6d5e1226bdaf2470ab736ada8bef0df4b527aaab78925ed108b32091f3d73
x-origin-response-time
235,23.220.104.138
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-24120301130653A515C966F9189B5038-7864F2C75DA02CAF-00
content-length
0
x-parent-response-time
327,88.221.123.103
x-tt-logid
2024120301130653A515C966F9189B5038
server
nginx
destination
www.googletagmanager.com/gtag/ 		287 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-850038554&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
88e64b11c1b1cdf232fabcd52f864d3d426acf12f7fc98681514b990e02e25da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 03 Dec 2024 01:13:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100594
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		289 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-966096362&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d3a252226304a338babb47f4044620d8327e82a7266d4611c7a3ed36c23e6b8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 03 Dec 2024 01:13:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101022
x-xss-protection
0
server
Google Tag Manager
1405338.js
cdn.freshmarketer.com/454157/ 		0
0
activityi;dc_pre=CPysjvG1iooDFRGW_Qcd-s05bw;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
10304459.fls.doubleclick.net/ Frame 152A
Redirect Chain
  • https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
  • https://10304459.fls.doubleclick.net/activityi;dc_pre=CPysjvG1iooDFRGW_Qcd-s05bw;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://10304459.fls.doubleclick.net/activityi;dc_pre=CPysjvG1iooDFRGW_Qcd-s05bw;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
527
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:07 GMT
expires
Tue, 03 Dec 2024 01:13:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10304459.fls.doubleclick.net/activityi;dc_pre=CPysjvG1iooDFRGW_Qcd-s05bw;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=...
td.doubleclick.net/td/fls/rul/ Frame 74AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=4485502287013;npa=0;auiddc=784676055.1733188386;ps=1;pcor=1793005211;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 03 Dec 2024 01:13:07 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"16388016862047794218"}],"aggregatable_trigger_data":[{"filters":[{"14":["10169936"]}],"key_piece":"0xd4757e04498cc76c","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x8e49585161fa5a99","not_filters":{"14":["10169936"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"18304721416737224711","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16388016862047794218","filters":[{"14":["10169936"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16388016862047794218","filters":[{"14":["10169936"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16388016862047794218","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16388016862047794218","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10304459"]}}
content-type
image/png
x-xss-protection
0
server
cafe
favicon.ico
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ 		51 B
141 B 		Other
General
Check archive.org
Download Go to
Full URL
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/favicon.ico?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:fb01:400:200:5000:45ff:feb5:f777 , Switzerland, ASN24951 (EVERYWARE-NET EveryWare AG, CH),
Reverse DNS
Software
/
Resource Hash
2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_ffffff_256x240.png.html

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
01938a14-00e5-7ff2-a5c5-57aeb3c5dd16
x-ic-canister-id
2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers
accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin
*
content-length
51
date
Tue, 03 Dec 2024 01:13:07 GMT
vary
origin, access-control-request-method, access-control-request-headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/?random=1733188387106&cv=11&fst=1733188387106&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9126769981z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-850038554&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
4c94a1130cc6d7fe6daf8ce2bdf17ba7aeb3992db4a66ada30a67ace047ab818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2378
date
Tue, 03 Dec 2024 01:13:07 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
850038554
td.doubleclick.net/td/rul/ Frame A66A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/850038554?random=1733188387106&cv=11&fst=1733188387106&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9126769981z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-850038554&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/?random=1733188387133&cv=11&fst=1733188387133&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v893841285z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-966096362&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a884259c00a61a215d1f163dd31ecc3aa1ba057a909f49b194fd6b5f63d91ce5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2377
date
Tue, 03 Dec 2024 01:13:07 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
966096362
td.doubleclick.net/td/rul/ Frame AC24 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/966096362?random=1733188387133&cv=11&fst=1733188387133&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v893841285z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-966096362&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 01:13:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/966096362/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/966096362/?random=1733188387133&cv=11&fst=1733187600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v893841285z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dQ6bBa4G6c4iQ3cyzCJ-y_lbewbJLxgQEFc4JDc-LmWuyWeiY&random=2213562231&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 01:13:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ch/pagead/1p-user-list/966096362/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/966096362/?random=1733188387133&cv=11&fst=1733187600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v893841285z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dQ6bBa4G6c4iQ3cyzCJ-y_lbewbJLxgQEFc4JDc-LmWuyWeiY&random=2213562231&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 01:13:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/850038554/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/850038554/?random=1733188387106&cv=11&fst=1733187600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9126769981z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dxTsyDcWjdF7bvbjPLBHwx2Rlf3za0zXHOQkUKClHKVCp3MCK&random=1283166859&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 01:13:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ch/pagead/1p-user-list/850038554/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/pagead/1p-user-list/850038554/?random=1733188387106&cv=11&fst=1733187600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9126769981z86583067za201zb6583067&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&hn=www.googleadservices.com&frm=0&tiba=MWEB%20Homepage&npa=0&pscdl=noapi&auid=784676055.1733188386&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dxTsyDcWjdF7bvbjPLBHwx2Rlf3za0zXHOQkUKClHKVCp3MCK&random=1283166859&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 01:13:07 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-85DEGRW3JJ&gtm=45je4bk0v876767749za200zb6583067&_p=1733188385908&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1064957423.1733188386&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733188386&sct=1&seg=0&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_ffffff_256x240.png.html&dt=MWEB%20Homepage&en=scroll&epn.percent_scrolled=90&_et=15&tfd=5685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 01:13:11 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.freshmarketer.com
URL
https://cdn.freshmarketer.com/454157/1405338.js
Domain
cdn.freshmarketer.com
URL
https://cdn.freshmarketer.com/454157/1405338.js

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| twq function| zargetTimeout function| zargetGAInteg number| zargetTimer object| _qevents string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| onYouTubeIframeAPIReady object| regeneratorRuntime object| twttr function| quantserve function| __qc object| ezt function| UET function| UET_init function| UET_push object| ueto_62d4d09192 object| uetq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| GooglebQhCsO

29 Cookies

Domain/Path Name / Value
.icp0.io/ Name: _gid
Value: GA1.2.1132012322.1733188386
.icp0.io/ Name: _gcl_au
Value: 1.1.784676055.1733188386
.icp0.io/ Name: _gat_gtag_UA_51279388_1
Value: 1
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ Name: _ga
Value: GA1.3.1064957423.1733188386
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ Name: _gid
Value: GA1.3.1132012322.1733188386
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ Name: _gat_UA-51279388-1
Value: 1
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ Name: _gat_UA-51279388-5
Value: 1
.icp0.io/ Name: _ga
Value: GA1.1.1064957423.1733188386
.icp0.io/ Name: _ga_85DEGRW3JJ
Value: GS1.1.1733188386.1.0.1733188386.0.0.0
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ Name: _ga_H5L6YQ6FMF
Value: GS1.3.1733188386.1.0.1733188386.60.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
.icp0.io/ Name: _fbp
Value: fb.1.1733188386298.488588034845366621
.doubleclick.net/ Name: IDE
Value: AHWqTUnvTSVrvNhfSGiGk4gzTMmAR8ersbexOBU0-Rxf38WF0Zfr5taGJxFCSN6SJmU
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.icp0.io/ Name: _uetsid
Value: c072e4d0b11311efb8afa7d26368e127
.icp0.io/ Name: _uetvid
Value: c0730dc0b11311ef9394bdfcace9a970
.bing.com/ Name: MUID
Value: 2077B4F191E9678E142EA1BB90B2667A
.quantserve.com/ Name: mc
Value: 674e5b22-58f32-1e1f6-c6fed
.tiktok.com/ Name: _ttp
Value: 2pgWq890NdTtU5p2IeB24Rq8twv
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173318838632016933
.twitter.com/ Name: guest_id_ads
Value: v1%3A173318838632016933
.twitter.com/ Name: personalization_id
Value: "v1_9dCJuxqsqCw7U//xGjYxOQ=="
.twitter.com/ Name: guest_id
Value: v1%3A173318838632016933
.t.co/ Name: muc_ads
Value: 21b97e29-cb2f-4b27-9d9b-d563efa5f8c7
.t.co/ Name: __cf_bm
Value: r3x_hIharAcU2lfK7IgsCydJSN68q8N_3zbslYuyxVI-1733188386-1.0.1.1-Glf_mYIZPgJlO2QyEpZHzeFgZDJMeA4MBEcyptPyINZ8pJDqUeiiyaElM6qUKIy2sK_kcZ950FpPy1vPh.3Mcg
.icp0.io/ Name: __qca
Value: P0-1033464409-1733188386324
.icp0.io/ Name: _tt_enable_cookie
Value: 1
.icp0.io/ Name: _ttp
Value: OQAVj5Ef5FemxFCPOrIZhgkeNk7.tt.1
.doubleclick.net/ Name: APC
Value: AfxxVi5uDf-LL55l2UxOhbgneP-QKT-UyBgKOXpYzji0hqaqUW82nQ

28 Console Messages

Source Level URL
Text
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap.min.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/sales-order-tracking.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-summary.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/flags.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/login-register.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/styles.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/polyfills-es2015.77fe35c7126b5bfe4482.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-confirmation.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/runtime-es2015.0692c2471bd6c4971612.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/jquery-ui.min.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/vendor/stickyfill.min.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/mweb_pollyfills.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/customer-info.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.ui.touch-punch.min.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap-slider.min.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/rebrand-june-2020.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/bootstrap.min.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery-ui.min.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/styles-es2015.5cfc0694cc2b754e769c.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/FontAwesome/v5.14/css/all.min.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/media/images/mweb-loader-2020.gif
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/dashboard.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/popper.min.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/main.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-custom.css
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/main-es2015.40e7d0dc7ea88a1ab3a7.js
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/favicon.ico?v=2
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10304459.fls.doubleclick.net
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
6785438.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
cdn.freshmarketer.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
pixel-ssn.quantserve.com
pixel.quantserve.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
cdn.freshmarketer.com
104.244.42.195
142.250.181.226
142.250.185.198
142.250.185.70
142.250.186.68
142.250.74.194
146.75.120.157
157.240.0.35
157.240.253.1
172.217.16.142
172.217.18.8
172.66.0.227
2001:4860:4802:34::36
216.58.212.166
2600:9000:223c:ca00:6:44e3:f8c0:93a1
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:33::10
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
2a00:fb01:400:200:5000:45ff:feb5:f777
88.221.123.11
91.228.74.200
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27
2e83d2fe29139ac1760b08b0ab8d02b587020934260b93c33de1f036a57f2658
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
4938bb39e07470f2bf908e6c693dd5b44bea2677aa8afff74de7898f68b3c336
4c94a1130cc6d7fe6daf8ce2bdf17ba7aeb3992db4a66ada30a67ace047ab818
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5b9a3e8941a2f185a6600cf38473dbe0b8e6ec50abfa6d4e1e935269f1e2e9eb
5ec9c7af9ee80e08ff1b483a602a401852db32ccda114eadcf80f0a173bb83b1
61b9d2759cc84695715ac68f96a0b09ddc34ab6c471103c4f608a255ab30ea8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
777c63a6adf89c531e16c90539ec8f81526c6d9bd4105a3bb5bfee9ca5fc00bb
88e64b11c1b1cdf232fabcd52f864d3d426acf12f7fc98681514b990e02e25da
8f3fa8b2e5fe93f1f13c27a70e0f719d869e7f9f13ca34a10cecd9e14596b116
90b49342b6a5eab704bec67abc01076c4a9dbdb9bdf2001d1bb267e8438d3d87
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a37f2f8b4b906ca126b42f2d5c3a9c7091bc6868cbd9da8a2f2c829a6e0cc467
a884259c00a61a215d1f163dd31ecc3aa1ba057a909f49b194fd6b5f63d91ce5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b07fd63e356952a7c94b2c096c6e37a7308d969c490417cc58eae4b43ff9ebc5
cbae48372fe4562a231bb7efd53a9d196f510d013f9b83d47b4eb4c392cabea9
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
d3a252226304a338babb47f4044620d8327e82a7266d4611c7a3ed36c23e6b8b
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df84a0aead96f4b065bd848f00a7678455297d68b17040c99fe4a507d64d4f29
e21103fcbddf794fe8e577cc9b27e5be5cec3e373e9698bd8a1c050282f5b76d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85