signin.tofeliq-jour.online Open in urlscan Pro
194.164.74.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://signin.tofeliq-jour.online/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2024, 11:47:14 am UTC) — Scanned from US

Summary HTTP 172 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 37 domains to perform 172 HTTP transactions. The main IP is 194.164.74.181, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is signin.tofeliq-jour.online.
TLS certificate: Issued by R10 on August 25th 2024. Valid for: 3 months.

This is the only time signin.tofeliq-jour.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	194.164.74.181 194.164.74.181	47583 (AS-HOSTINGER) (AS-HOSTINGER)
16	23.44.111.19 23.44.111.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.107.246.40 13.107.246.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	18.173.132.108 18.173.132.108	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
3	108.138.128.75 108.138.128.75	16509 (AMAZON-02) (AMAZON-02)
6	13.226.38.199 13.226.38.199	16509 (AMAZON-02) (AMAZON-02)
3	18.173.219.102 18.173.219.102	16509 (AMAZON-02) (AMAZON-02)
10	142.250.72.104 142.250.72.104	15169 (GOOGLE) (GOOGLE)
1	23.200.3.19 23.200.3.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	150.171.29.10 150.171.29.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.176.206 142.250.176.206	15169 (GOOGLE) (GOOGLE)
8	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
2	23.204.6.193 23.204.6.193	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.201.174.204 23.201.174.204	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.251.40.138 142.251.40.138	15169 (GOOGLE) (GOOGLE)
2 4	108.138.106.60 108.138.106.60	16509 (AMAZON-02) (AMAZON-02)
2	23.44.201.247 23.44.201.247	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.51.57.57 23.51.57.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
4	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.6.57.171 52.6.57.171	14618 (AMAZON-AES) (AMAZON-AES)
2 7	150.171.22.12 150.171.22.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	63.140.37.206 63.140.37.206	16509 (AMAZON-02) (AMAZON-02)
6	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	35.171.12.219 35.171.12.219	14618 (AMAZON-AES) (AMAZON-AES)
4 4	52.201.14.138 52.201.14.138	14618 (AMAZON-AES) (AMAZON-AES)
2	54.197.140.34 54.197.140.34	14618 (AMAZON-AES) (AMAZON-AES)
10	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
2	211.249.221.187 211.249.221.187	7625 (DAUM-AS K...) (DAUM-AS Kakao Corp)
2	18.173.219.34 18.173.219.34	16509 (AMAZON-02) (AMAZON-02)
1 3	44.240.118.251 44.240.118.251	16509 (AMAZON-02) (AMAZON-02)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
6 10	34.160.19.107 34.160.19.107	15169 (GOOGLE) (GOOGLE)
1 1	23.197.253.128 23.197.253.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	54.92.162.110 54.92.162.110	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
172	41

36 194.164.74.181 (Germany)

ASN47583 (AS-HOSTINGER, CY)

signin.tofeliq-jour.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.44.111.19 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-111-19.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.132.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-108.jfk52.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.128.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-75.jfk50.r.cloudfront.net

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.219.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-102.jfk52.r.cloudfront.net

cdn.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.72.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.3.19 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-3-19.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.171.29.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.204.6.193 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-6-193.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.201.174.204 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-174-204.deploy.static.akamaitechnologies.com

idaas-signin-sdk.ets.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.138 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.106.60 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-60.jfk50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.201.247 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-247.deploy.static.akamaitechnologies.com

t1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.57.57 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-57.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.181.211 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.6.57.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-57-171.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 150.171.22.12 (United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)

20842913p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.37.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-37-206.data.adobedc.net

smetrics.ets.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

709-zco-379.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.12.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-12-219.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.201.14.138 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-14-138.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.197.140.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-140-34.compute-1.amazonaws.com

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.249.221.187 (Korea, Republic Of)

ASN7625 (DAUM-AS Kakao Corp, KR)

bc.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.219.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-34.jfk52.r.cloudfront.net

cdn.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.240.118.251 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-118-251.us-west-2.compute.amazonaws.com

tr.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.226 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.160.19.107 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.253.128 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-253-128.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.162.110 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-162-110.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.154.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	tofeliq-jour.online signin.tofeliq-jour.online	566 KB
18	brand-display.com 7 redirects cdn.brand-display.com — Cisco Umbrella Rank: 75008 tr.brand-display.com — Cisco Umbrella Rank: 73572 dmp.brand-display.com — Cisco Umbrella Rank: 3697	32 KB
16	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	298 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	8 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	932 KB
10	adnxs.com 1 redirects acdn.adnxs.com — Cisco Umbrella Rank: 961 secure.adnxs.com — Cisco Umbrella Rank: 764 ib.adnxs.com — Cisco Umbrella Rank: 383	15 KB
8	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914	4 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	98 KB
8	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 7265 people.api.boomtrain.com — Cisco Umbrella Rank: 7795 events.api.boomtrain.com — Cisco Umbrella Rank: 9880	32 KB
7	doubleclick.net 1 redirects td.doubleclick.net — Cisco Umbrella Rank: 481 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	833 B
7	ets.org idaas-signin-sdk.ets.org — Cisco Umbrella Rank: 618757 smetrics.ets.org — Cisco Umbrella Rank: 608841	174 KB
6	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 937 i6.liadm.com — Cisco Umbrella Rank: 5739	3 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 3005	46 KB
6	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114 t.clarity.ms — Cisco Umbrella Rank: 8415	29 KB
4	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 2084	11 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567	222 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
3	rfihub.com 20842913p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 4498
3	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 6745	6 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	1 KB
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1396	923 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 864	501 B
2	daum.net bc.ad.daum.net — Cisco Umbrella Rank: 59320
2	daumcdn.net t1.daumcdn.net — Cisco Umbrella Rank: 19558	19 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8471	7 KB
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 1077	1 KB
1	casalemedia.com dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102	768 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 1285	632 B
1	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 689	489 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 2197	99 B
1	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 499	294 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 1219	565 B
1	mktoresp.com 709-zco-379.mktoresp.com — Cisco Umbrella Rank: 493654	318 B
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	36 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com Failed	14 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
172	37

	Domain	Requested by
36	signin.tofeliq-jour.online	signin.tofeliq-jour.online
16	analytics.tiktok.com	signin.tofeliq-jour.online analytics.tiktok.com
10	dmp.brand-display.com	6 redirects signin.tofeliq-jour.online
10	www.facebook.com	signin.tofeliq-jour.online
10	www.googletagmanager.com	signin.tofeliq-jour.online
8	connect.facebook.net	signin.tofeliq-jour.online connect.facebook.net
7	px.ads.linkedin.com	2 redirects idaas-signin-sdk.ets.org signin.tofeliq-jour.online
6	td.doubleclick.net	signin.tofeliq-jour.online
6	idaas-signin-sdk.ets.org	signin.tofeliq-jour.online
6	cdn.segment.com	signin.tofeliq-jour.online idaas-signin-sdk.ets.org cdn.segment.com
5	ib.adnxs.com	idaas-signin-sdk.ets.org signin.tofeliq-jour.online
5	cdn.brand-display.com	signin.tofeliq-jour.online cdn.brand-display.com
4	i.liadm.com	4 redirects
4	people.api.boomtrain.com	idaas-signin-sdk.ets.org
4	t.clarity.ms	idaas-signin-sdk.ets.org
4	secure.adnxs.com	1 redirects signin.tofeliq-jour.online live.rezync.com
4	live.rezync.com	2 redirects signin.tofeliq-jour.online
4	maps.googleapis.com	signin.tofeliq-jour.online idaas-signin-sdk.ets.org maps.googleapis.com
3	pixel.tapad.com	2 redirects signin.tofeliq-jour.online
3	tr.brand-display.com	1 redirects signin.tofeliq-jour.online
3	c1.rfihub.net	signin.tofeliq-jour.online
3	cdn.boomtrain.com	signin.tofeliq-jour.online
2	match.adsrvr.org	2 redirects
2	ce.lijit.com	1 redirects signin.tofeliq-jour.online
2	us-u.openx.net	1 redirects signin.tofeliq-jour.online
2	bc.ad.daum.net	idaas-signin-sdk.ets.org
2	i6.liadm.com	signin.tofeliq-jour.online
2	20842913p.rfihub.com	c1.rfihub.net
2	t1.daumcdn.net	signin.tofeliq-jour.online t1.daumcdn.net
2	munchkin.marketo.net	signin.tofeliq-jour.online
2	www.clarity.ms	signin.tofeliq-jour.online www.clarity.ms
1	a.rfihub.com	c1.rfihub.net
1	bh.contextweb.com	signin.tofeliq-jour.online
1	dsum-sec.casalemedia.com	signin.tofeliq-jour.online
1	pippio.com	1 redirects
1	idsync.rlcdn.com	1 redirects
1	sync.taboola.com	signin.tofeliq-jour.online
1	x.bidswitch.net	1 redirects
1	tags.bluekai.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	www.linkedin.com	1 redirects
1	events.api.boomtrain.com	idaas-signin-sdk.ets.org
1	709-zco-379.mktoresp.com	munchkin.marketo.net
1	smetrics.ets.org	idaas-signin-sdk.ets.org
1	assets.adobedtm.com	signin.tofeliq-jour.online
1	www.google-analytics.com	signin.tofeliq-jour.online
1	bat.bing.com	signin.tofeliq-jour.online
1	snap.licdn.com	signin.tofeliq-jour.online
1	acdn.adnxs.com	signin.tofeliq-jour.online
0	c.bing.com Failed
172	50

This site contains links to these domains. Also see Links.

Domain
www.ets.org
toefl.cn
get.adobe.com

Subject Issuer	Validity	Valid
signin.tofeliq-jour.online R10	`2024-08-25` - `2024-11-23`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.boomtrain.com Amazon RSA 2048 M02	`2024-01-10` - `2025-02-07`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
brand-display.com Amazon RSA 2048 M03	`2024-03-14` - `2025-04-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.ets.org DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-30`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.rezync.com Amazon RSA 2048 M02	`2023-10-25` - `2024-11-21`	a year	crt.sh
*.daumcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-12` - `2025-04-11`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.api.boomtrain.com Amazon RSA 2048 M02	`2024-08-16` - `2025-09-13`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-08` - `2025-04-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
smetrics.ets.org Sectigo RSA Organization Validation Secure Server CA	`2024-03-12` - `2025-03-12`	a year	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2024-01-03` - `2025-01-30`	a year	crt.sh
*.knorex.com Amazon RSA 2048 M03	`2024-05-27` - `2025-06-25`	a year	crt.sh
*.brand-display.com GeoTrust TLS RSA CA G1	`2024-06-11` - `2025-06-11`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://signin.tofeliq-jour.online/
Frame ID: 52B7301BCDDE59DEA6D30270802AA823
Requests: 160 HTTP requests in this frame

Frame: https://20842913p.rfihub.com/ca.html?ver=9&rb=45053&ca=20842913&_o=45053&_t=20842913&userid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&pe=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&pf=&ra=777860923740443
Frame ID: CC8E8EAB71A6DFF7707544F9635A5005
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/471062756?random=1714219587790&cv=11&fst=1714219587790&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v892194152z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=CR008_Creatip_signin&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&value=0&bttype=purchase&npa=0&gclaw=Cj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&gac=UA-44416257-1%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB%3BUA-44416257-5%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: EF48F29AB708BC0B6B241053F8E49D9C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/471062756?random=1714219587803&cv=11&fst=1714219587803&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v892194152z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=CR008_Creatip_signin_rm&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&npa=0&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1
Frame ID: B76F7E2EBF7D8A51202B44C8B141815C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11022720383?random=1714219587879&cv=11&fst=1714219587879&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v897788250z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=11022720383&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&value=0&bttype=purchase&npa=0&gclaw=Cj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&gac=UA-44416257-1%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB%3BUA-44416257-5%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: F160F21FAF19E22A2ED714A4B5D8DD98
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11350394542?random=1714219588087&cv=11&fst=1714219588087&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v9166903837z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=j5ZJCOj_oOYYEK6NpaQq&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&npa=0&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1
Frame ID: 6F2BD48A7F9748305045C6225A6D8668
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/961899722?random=1714219588110&cv=11&fst=1714219588110&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v9171148518z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=MwBnCO-d9_QYEMrZ1coD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&value=0&bttype=purchase&npa=0&gclaw=Cj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&gac=UA-44416257-1%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB%3BUA-44416257-5%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 73454FE629D862FD932E39997241511A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/961899722?random=1714219588119&cv=11&fst=1714219588119&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v9171148518z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&npa=0&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1
Frame ID: 900BEF0A101C6A5C1D5F0DFEA765B30D
Requests: 1 HTTP requests in this frame

Frame: https://t1.daumcdn.net/kas/static/third-party/cookie/ct2.html
Frame ID: 39C18F0E2995ABCC6665740DDFBCC484
Requests: 1 HTTP requests in this frame

Frame: https://20842913p.rfihub.com/ca.html?ver=9&rb=45053&ca=20842913&_o=45053&_t=20842913&userid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&pe=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&pf=&ra=9818928095986283
Frame ID: 8E0F9F04686B48A32668817DC27EC0A2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.brand-display.com/tr/tag/cfix.html?key=f9db2a063535de85af8f40b24da323d2205cf281
Frame ID: 4C981C334B7BAA88BA3AAB00675F796C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.brand-display.com/tr/tag/cfix.html?key=f9db2a063535de85af8f40b24da323d2205cf281
Frame ID: 7993AB578A3ACF4FE7F91D83A0B3ED5D
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=45053&ca=20842913&ri=318e015431833d7bfd00f3e02bf8bad0&stats=undefined&ra=37457584809774636
Frame ID: 07D57F1A3C7A5E6A5E4E4D9C0348B552
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

172
Requests

90 %
HTTPS

0 %
IPv6

37
Domains

50
Subdomains

41
IPs

4
Countries

2582 kB
Transfer

9490 kB
Size

76
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ets.org/
Title: This link will open in a new window

Search URL Search Domain Scan URL

URL: https://www.ets.org/contact/testing-programs/toefl/test-takers.html
Title: Help

Search URL Search Domain Scan URL

URL: https://toefl.cn/at-home
Title: official TOEFL website for China.

Search URL Search Domain Scan URL

URL: https://www.ets.org/
Title: Opens in new window

Search URL Search Domain Scan URL

URL: https://www.ets.org/contact/help
Title: HelpOpens in new window

Search URL Search Domain Scan URL

URL: https://www.ets.org/legal
Title: LegalOpens in new window

Search URL Search Domain Scan URL

URL: https://www.ets.org/legal/privacy
Title: Privacy and SecurityOpens in new window

Search URL Search Domain Scan URL

URL: https://www.ets.org/legal/trademarks/owned
Title: ETS TrademarksOpens in new window

Search URL Search Domain Scan URL

URL: https://www.ets.org/toefl/contact
Title: Contact UsThis link will open in a new window

Search URL Search Domain Scan URL

URL: http://www.ets.org/legal
Title: LegalThis link will open in a new window

Search URL Search Domain Scan URL

URL: http://www.ets.org/legal/privacy
Title: Privacy & SecurityThis link will open in a new window

Search URL Search Domain Scan URL

URL: http://www.ets.org/legal/trademarks/owned
Title: ETS TrademarksThis link will open in a new window

Search URL Search Domain Scan URL

URL: http://get.adobe.com/reader/
Title: Get Adobe Reader (for PDFs)This link will open in a new window

Search URL Search Domain Scan URL

URL: http://www.ets.org/legal/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://secure.adnxs.com/seg?add=31891253&t=1&cb=1714219588.0983093 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31891253%26t%3D1%26cb%3D1714219588.0983093

Request Chain 117

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&k=lionly&cache_buster=1724586427047 HTTP 302
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&_=1724586427.1147635 HTTP 303
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.1147635&_li_chk=true&previous_uuid=73256314c681432786f4ef134ab4ab4e HTTP 303
https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.1147635

Request Chain 130

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&k=lionly&cache_buster=1724586427266 HTTP 302
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&_=1724586427.3453367 HTTP 303
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.3453367&_li_chk=true&previous_uuid=490add18dad0474d83a3dc3d0fee7359 HTTP 303
https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.3453367

Request Chain 145

https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif HTTP 302
https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D50120%26conversionId%3D13752673%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif&cookiesTest=true&liSync=true

Request Chain 148

https://tr.brand-display.com/tracking/api/r?r0=1&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dknorex%26google_hm%3D%25%25KNXQ_B64_ENC%25%25%26google_cm&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=knorex&google_hm=ZDIyMzRlODJlNjRjZjc3NWVkYjFhZmRl&google_cm&kcid=5213341645326750937705929370055602536 HTTP 302
https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESELNhvHq5-0vl-4g0ogQSOc4&kcid=5213341645326750937705929370055602536&google_cver=1

Request Chain 149

https://tags.bluekai.com/site/46117?id=1d9b9edf8407834a17ab7c63c52c3173&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D1d9b9edf8407834a17ab7c63c52c3173&_t1724586428674 HTTP 302
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=1d9b9edf8407834a17ab7c63c52c3173

Request Chain 150

https://us-u.openx.net/w/1.0/sd?id=539237773&val=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=539237773&val=1d9b9edf8407834a17ab7c63c52c3173

Request Chain 151

https://x.bidswitch.net/sync?dsp_id=316&user_id=1d9b9edf8407834a17ab7c63c52c3173&expires=30 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=cf87b002-abc4-46a3-9648-6d355c9e2199&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=cf87b002-abc4-46a3-9648-6d355c9e2199&gdpr=&gdpr_consent=&us_privacy=&dnr=1

Request Chain 152

https://dmp.brand-display.com/cm/api/taboola?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=d2234e82-e64c-f775-edb1afde

Request Chain 153

https://dmp.brand-display.com/cm/api/appnexus?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://ib.adnxs.com/setuid?entity=442&code=d2234e82-e64c-f775-edb1afde

Request Chain 154

https://dmp.brand-display.com/cm/api/liveramp?_t={CACHEBUSTER}&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://idsync.rlcdn.com/708804.gif?partner_uid=d2234e82-e64c-f775-edb1afde HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=a960feb53eaeafdce1ac769099d59955a0e14bb2fee663c06237df825ee54add791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a960feb53eaeafdce1ac769099d59955a0e14bb2fee663c06237df825ee54add791426b5417dce21&rand=00234214

Request Chain 155

https://dmp.brand-display.com/cm/api/tapad?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3021&partner_device_id=d2234e82-e64c-f775-edb1afde HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3021&partner_device_id=d2234e82-e64c-f775-edb1afde HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2588fe98-daaf-471b-bca1-8f0c99a740b1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%2C%2C

Request Chain 158

https://dmp.brand-display.com/cm/api/index?cm_callback_url=%2F%2Fdsum-sec.casalemedia.com%2Frum&cm_dsp_id=191&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d2234e82-e64c-f775-edb1afde

Request Chain 159

https://dmp.brand-display.com/cm/api/pulsepoint?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=562385&ev=d2234e82-e64c-f775-edb1afde

Request Chain 165

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A236A3B41BAB40D0B0818B147EBA1C7A&RedC=c.clarity.ms&MXFR=0E343A5E30DC6D8923092EB834DC63DB

172 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
signin.tofeliq-jour.online/ 68 KB
16 KB 472ms
151ms Document
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5b23409d9bd042792d060a61a128ace0c26d3f00498d540f361f743847c185d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 15910
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 25 Aug 2024 11:47:05 GMT
etag: "111ce-6666fb93-9bf3854099240d18;br"
last-modified: Mon, 10 Jun 2024 13:11:47 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 main.MTIyYzc3NzllMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 352ms
165ms Script
application/javascript 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 29437cd1
date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024041904125592BE535F67DFB2A4000C
x-tt-trace-id: 00-24041904125592BE535F67DFB2A4000C-04FEC5695BFEBA08-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0167448c78ae4dc1b0d1e796cfaa237cff5acd15f97bde5aaf5cac7785dd3a53ae022161b3768550754ea6cfe97de6cbf146a4685dc60cd26808ebc9f85a93cd6f11d28508cc00aca50779296ff875736cd8b58af976d3174cbca866fafb58bb1e
server-timing: cdn-cache; desc=HIT, edge; dur=44, origin; dur=0, inner; dur=2
content-length: 115987

GET
H2 200 343038779 Show response
www.clarity.ms/tag/uet/ 816 B
1 KB 266ms
135ms Script
application/x-javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343038779
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5f5c4d24a9794ee295fc944cd0d4f9110690ae29ce2a56446521d1e2c7267a9d

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
date: Sun, 25 Aug 2024 11:47:05 GMT
x-azure-ref: 20240825T114705Z-r1d488468bd4lbqlzkwkz6zen000000002zg000000005g0c
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 816
expires: -1

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/toefl/ 94 KB
30 KB 250ms
80ms Script
application/javascript 18.173.132.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/toefl/p13n.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46187eb85409f20571c72a97a01fcc3de8d999466e2a85b56cf7c4032b58d16e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: xcbeSRX3IRqexzvZooPl1ZgdTmgwx0Ij
Content-Encoding: gzip
Via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
Date: Sun, 25 Aug 2024 11:01:12 GMT
X-Amz-Cf-Pop: JFK52-P2
Age: 2755
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sat, 17 Aug 2024 18:48:44 GMT
Server: AmazonS3
ETag: W/"ad9fbd40d3439ad419d98861ce4c0d16"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: Xr6rn2rHd8nzhVHc6VdhKth5RQsm1Njlp_MDSaxz41btZ-uXqcEcHg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 22 KB
8 KB 115ms
34ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Cache-Hits: 174560, 136
Date: Sun, 25 Aug 2024 11:47:06 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1301
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7929
X-Served-By: cache-lga21930-LGA, cache-dfw-kdfw8210038-DFW
Last-Modified: Wed, 19 Jun 2024 17:09:07 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1724586426.086291,VS0,VE0
ETag: W/"667310b3-587e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
Expires: Sat, 17 Aug 2024 11:25:08 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 295ms
71ms Script
application/x-javascript 108.138.128.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-75.jfk50.r.cloudfront.net
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:19:28 GMT
content-encoding: gzip
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Sun, 25 Aug 2024 11:19:18 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: JFK50-P4
age: 1658
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: Jpky8DTb6tqIAozx2C3_j9vxSLd0SDfdAi73tG9Zf967MAcRMJ0tow==
expires: Sun, 25 Aug 2024 12:19:28 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/ 103 KB
29 KB 255ms
91ms Script
text/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/analytics.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54fd199553d287d6251b8c37f1fc31c41df8750ce92038127ac287537ad1f8c3

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 1JeM5LYhLhclrDxhl7iK.0XUzQWjEDnN
content-encoding: gzip
via: 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
date: Sun, 25 Aug 2024 11:47:06 GMT
x-amz-cf-pop: EWR53-C2
age: 54
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Jul 2024 21:37:01 GMT
server: AmazonS3
etag: W/"77929a14f4e18db3f90e56632a3f2a63"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 9Wn1DBJjjL3V1HCK4L0414f9yX3YBOr4n_w5BnmceB0Xkv4NQr5SPg==

GET
H2 200 e01fbcef397180f9c94045148f4092039aefb0cc.js Show response
cdn.brand-display.com/tr/knx101882/ 23 KB
8 KB 254ms
71ms Script
text/javascript 18.173.219.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/knx101882/e01fbcef397180f9c94045148f4092039aefb0cc.js?s=e01fbcef397180f9c94045148f4092039aefb0cc&&ord=%%ORDER_ID%%&_t=1714219587368
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-102.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d47eddc81f18e4cd29c14867b1ea549c97c1278a2ad9135e5a4a31e17aa16ae0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _8YfWwHcRk6pAsQQgq_Yg3lqva4_VfoU
content-encoding: br
via: 1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
date: Sun, 25 Aug 2024 07:53:51 GMT
last-modified: Thu, 14 Mar 2024 18:11:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 14032
x-amz-server-side-encryption: AES256
etag: W/"cd4c25fd7ed03ad99c61150b577cfe79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
x-amz-cf-id: DYhXJpE6MA3VT3pvVUQqTasi8pp7nJrLSRiv-23VHlOF70I4Lc5Dsg==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 265 KB
92 KB 260ms
97ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-961899722&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c08c580d853578ddc4e07510e44f439f4a238f068cba317a32fb7f220ac11846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93629
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 262ms
78ms Script
application/javascript 23.200.3.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.3.19 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-200-3-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=77927
accept-ranges: bytes
content-length: 14628

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 143ms
142ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11350394542&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b1884859fda13a19a3333fb2875d0cfafa05aa4957d3e330dcff175614a6efee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94842
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 334ms
145ms Script
application/javascript 150.171.29.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.29.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 25 Aug 2024 11:47:05 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3EA6AC23B5A480B95F060DC3FE908C5 Ref B: DM2EDGE0419 Ref C: 2024-08-25T11:47:06Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 267 KB
92 KB 115ms
113ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-607176623&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ac320fbc6134354ac02ac8d87ba7cee7b724672c02bb64ca231b7181e83fa1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94062
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 128ms
127ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11040439592&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6946da14dfa0459d6d23d7ffc71766404725eafd265b02316faeb6d7b7444779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87269
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 242 KB
86 KB 138ms
136ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11022720383&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

75b50911650cfe34e0456becc9126be07f0e075accd663a74e5b46afba470bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87619
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 103ms
99ms Script
application/javascript 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C9Q2TVJC77U8C02RB850
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e83a6f533eacd2089bd3e2d68e5a847b4cd65c7a2fe6fb5dd7c8d569fa0e07b3

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 58f68b57.29437eeb
date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825114706DEE6594D9AA84EFC260C-6E6B661D4F726FF6-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 17,23.44.200.148
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=9, inner; dur=4
content-length: 2508
pragma: no-cache
server: nginx
x-tt-logid: 20240825114706DEE6594D9AA84EFC260C
x-cache-remote: TCP_MISS from a23-48-200-202.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.48.200.202
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c0833cc4385b70fa7abc7c4621b6804479ecfa8777ab3d4d844642165910fd7e2ac4a12c23be17ffc5f7db72e23abdf3bc3d668b9ac786bbb1088534c75f14976275e89e5ca4da12439727598b25740590dfeab9cba6b26e84426700ad8444cfa3e5
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 246 KB
87 KB 144ms
143ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-471062756&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

372fbf94fbbd119e51fd01ab8b8e327b1800dd5472367704f162bc0f3c9a61b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88790
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 125ms
124ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10380122&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fc33a06f54a4bf19cbe2bde23159467016bd3f947ec6f3e7d656fe0937fc4643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78720
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 228ms
66ms Script
text/javascript 142.250.176.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 11:43:35 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Aug 2024 13:43:35 GMT

GET
H3 200 851045928968929 Show response
connect.facebook.net/signals/config/ 22 KB
3 KB 230ms
153ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/851045928968929?v=2.9.154&r=stable&domain=v2.ereg.ets.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

a8d5271df489784ecd6028685f0e3102a8b729bd9218f7290e94061a5c54f61e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:06 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=45, mss=1232, tbw=82615, tp=76, tpl=0, uplat=84, ullat=0
pragma: public
x-fb-debug: kCYQVznIoqIx+G5tWGO5nFtlNRJmHlolKyGPgAaaeetXEbIRu+uus2ybd1uipp5okw1NNnu5NdnUB/B7lgbajQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 396392671422210 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 219ms
144ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/396392671422210?v=2.9.154&r=stable&domain=v2.ereg.ets.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

f7fe7f9c281f95a487cffe719d46fbe378a0276646e65e2d369a8f149d70dbb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:06 GMT
document-policy: force-load-at-top
x-fb-server-load: 46
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=45, mss=1232, tbw=66951, tp=63, tpl=0, uplat=75, ullat=0
pragma: public
x-fb-debug: 6MgA4Z4kPo6y1UHhnyftacxDPXwoXOowVPK/kKdc0xuszoLIEW1GWn3s6t9BlgJDlqjgWQ8CmOUdvxLppttSSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1124030171385985 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 207ms
147ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1124030171385985?v=2.9.154&r=stable&domain=v2.ereg.ets.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

988cfc16fb729b5606cb7b6c7a946ff5d0c2aac93ecabad1455a15e0a13f9449

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:06 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=45, mss=1232, tbw=70295, tp=66, tpl=0, uplat=78, ullat=0
pragma: public
x-fb-debug: IvQkUsFnv6PeV2hG+xBxFqcL0PbKmiUst7Yzt8piuVQ3+BDEnTTlx7EwrCJqFpnWu+hhpMx+Ctj7KBB3iVBEIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 126ms
76ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:06 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4471, tp=12, tpl=0, uplat=6, ullat=-1
pragma: public
x-fb-debug: YOMkqOiipYg9Tw7xJZ9q1EymVBiFnRUs5cxqN+sh57ocE6Tq3HTqpFhzAdIQlizHOOlAWSVwgRDjMcLwhbGMKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
105 KB 130ms
129ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T2TH8KSGFZ&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ff2e395df532dae6700662141e954054cd5d7c07cfd79cad11573b66e5e6389b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
101 KB 134ms
133ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CRY99YF95F&l=dataLayer&cx=c

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

167388a9bc2d9e6533ae2665a52f50b9446da3bf6dbc4c079aed485f319b35e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 435 KB
114 KB 142ms
141ms Script
application/javascript 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WT22QXF

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

253d4883e798e5c798b2780bff88f031fa2dbda201fbf00b40959a6d7637aa6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116924
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 249ms
76ms Script
application/x-javascript 23.204.6.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-6-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 03 Dec 2024 11:47:06 GMT

GET
H2 200 ruxitagentjs_ICANVfqru_10287240325103108.js Show response
signin.tofeliq-jour.online/ereg/ 187 KB
70 KB 148ms
146ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/ruxitagentjs_ICANVfqru_10287240325103108.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

eea13fcd5aa8855c0f3a551d344ebb1ce427e0ae92f1c61f04f161bce08d8fdb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:06 GMT
server: LiteSpeed
etag: "2ed0b-662cfa96-22efea93289706bb;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 71656
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 authHandler.js Show response
idaas-signin-sdk.ets.org/ 2 KB
1 KB 303ms
93ms Script
application/javascript 23.201.174.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-signin-sdk.ets.org/authHandler.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.174.204 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-174-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

1aa445405524747b8444552f50d91ee385d2721114f544cf2dea45b59ed3b239

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubDomains, max-age=86400
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 8GomaZX2WdS6zgs8KRPppSyK2th0aAqO
content-encoding: br
x-content-type-options: nosniff, nosniff
frame-options: SAMEORIGIN, SAMEORIGIN
x-permitted-cross-domain-policies: master-only, master-only
date: Sun, 25 Aug 2024 11:47:05 GMT
x-amz-cf-pop: IAD12-P2
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=631138519; includeSubDomains, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724586425660_398664881_761383462_49_3074_36_0_219";dur=1
content-length: 457
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 21 Aug 2024 11:18:36 GMT
etag: "722f9bce3da8728d99af0987fe439cd6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=50097
accept-ranges: bytes
x-amz-cf-id: dzF7-wTZR12pXqWUi1FzFQjTdlv5UbDNWl6Mw_c86vN-M0m9ncnQVQ==
expires: Mon, 26 Aug 2024 01:42:02 GMT

GET
H2 200 sessionHandler.js Show response
idaas-signin-sdk.ets.org/ 2 KB
1 KB 299ms
89ms Script
application/javascript 23.201.174.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-signin-sdk.ets.org/sessionHandler.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.174.204 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-174-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

fa383f0cfb6972f69a0c59134294ead2d24c3891bf66f5bbbe4860235e542c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubDomains, max-age=86400
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: PW5_P_Wi85GTxmtkSoZGTzXe7xVmd8Sa
content-encoding: br
x-content-type-options: nosniff, nosniff
frame-options: SAMEORIGIN, SAMEORIGIN
x-permitted-cross-domain-policies: master-only, master-only
date: Sun, 25 Aug 2024 11:47:05 GMT
x-amz-cf-pop: DFW56-P3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=631138519; includeSubDomains, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724586425544_398664881_761383409_21_17509_36_0_219";dur=1
content-length: 492
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 14 Aug 2024 20:15:20 GMT
etag: "6d3ac8dfb84e0fe19268d9e6d0413baa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=21250
accept-ranges: bytes
x-amz-cf-id: ogVYsRp3zaUOc0kBfh9hHbF3HWQE1fbYAM1Gl4P_Z4XWHF7_Zz-grA==
expires: Sun, 25 Aug 2024 17:41:15 GMT

GET
H2 200 app.js Show response
idaas-signin-sdk.ets.org/ 7 KB
2 KB 305ms
96ms Script
application/javascript 23.201.174.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-signin-sdk.ets.org/app.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.174.204 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-174-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

2a282da4afc3033b4b497a18840a93a1eaef11639f7a7648b78c9e24008334e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubDomains, max-age=86400
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DOowBx81VaDFkQTpBBxvULWeZcY4TFco
content-encoding: br
x-content-type-options: nosniff, nosniff
frame-options: SAMEORIGIN, SAMEORIGIN
x-permitted-cross-domain-policies: master-only, master-only
date: Sun, 25 Aug 2024 11:47:05 GMT
x-amz-cf-pop: LAX50-C3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=631138519; includeSubDomains, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724586425660_398664881_761383464_56_3132_36_0_219";dur=1
content-length: 1394
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 23 Aug 2024 16:22:14 GMT
etag: "d40d718aeb2fa6b7d3b7d8955a11883e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=7891
accept-ranges: bytes
x-amz-cf-id: w0k8a2-89VuKdFx6Izao7-O9SJU_MeK4c2XwD8g1rDJ5_gckftSEKQ==
expires: Sun, 25 Aug 2024 13:58:36 GMT

GET
H2 200 self-service.js Show response
idaas-signin-sdk.ets.org/ 5 KB
1 KB 299ms
90ms Script
application/javascript 23.201.174.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-signin-sdk.ets.org/self-service.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.174.204 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-174-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

03321f63f48345121dcb4e77acfa15a95e3e60abc33018db6a3dbafd47003ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubDomains, max-age=86400
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: OIFhcQYv7HEzOuNn_Tq_DnoMtdOb2Znw
content-encoding: br
x-content-type-options: nosniff, nosniff
frame-options: SAMEORIGIN, SAMEORIGIN
x-permitted-cross-domain-policies: master-only, master-only
date: Sun, 25 Aug 2024 11:47:05 GMT
x-amz-cf-pop: LAX50-C3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=631138519; includeSubDomains, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724586425641_398664881_761383410_19_17996_36_95_219";dur=1
content-length: 711
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 09 Aug 2024 09:20:14 GMT
etag: "c1fafe808f4b5e7a8d11ed7135542df5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=44605
accept-ranges: bytes
x-amz-cf-id: uKY5VGmW61PKGrKGezQdJ1tK9pjhmCv6waCrW4RX_iqCi4ZfHz-tIg==
expires: Mon, 26 Aug 2024 00:10:30 GMT

GET
H2 200 mspHandler.js Show response
idaas-signin-sdk.ets.org/ 7 KB
2 KB 303ms
94ms Script
application/javascript 23.201.174.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-signin-sdk.ets.org/mspHandler.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.174.204 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-174-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

f8c7a3a77df07fa08bc893a7cce418c878801e9b6b37f866cc7f69c1823bf44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubDomains, max-age=86400
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: tXFjc06nUDStHDs.uVSwSyZLtQksJ29R
content-encoding: br
x-content-type-options: nosniff, nosniff
frame-options: SAMEORIGIN, SAMEORIGIN
x-permitted-cross-domain-policies: master-only, master-only
date: Sun, 25 Aug 2024 11:47:05 GMT
x-amz-cf-pop: LAX50-C3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=631138519; includeSubDomains, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724586425660_398664881_761383463_50_3087_36_0_219";dur=1
content-length: 803
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 22 Aug 2024 00:58:32 GMT
etag: "d4dc2aa7ea6bc43c56844dc42bed528b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=20686
accept-ranges: bytes
x-amz-cf-id: Q0GX4ZLrBuubW43Y3iDGMRgM8yPKKs647ooFVZL5xyLLVHfDZos-ig==
expires: Sun, 25 Aug 2024 17:31:51 GMT

GET
H2 200 kendo.common.min-803e0f626bd9a7ca6b21ef24ecf09294.css
signin.tofeliq-jour.online/ereg/resources/css/kendo-2017-r3/ 221 KB
34 KB 281ms
276ms Stylesheet
text/css 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/resources/css/kendo-2017-r3/kendo.common.min-803e0f626bd9a7ca6b21ef24ecf09294.css

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

18d2c00cf33ae823f8505681ba26e6629c5c68623bd15378bf35530c0c049de8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:10 GMT
server: LiteSpeed
etag: "37402-662cfa9a-20d375ca631a38b8;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 35208
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 kendo.common-bootstrap.min-9605dae3bf5efca55e3a908a0425ff28.css
signin.tofeliq-jour.online/ereg/resources/css/kendo-2017-r3/ 224 KB
35 KB 291ms
286ms Stylesheet
text/css 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/resources/css/kendo-2017-r3/kendo.common-bootstrap.min-9605dae3bf5efca55e3a908a0425ff28.css

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b95419c494572cd075c7ceeb77b62323ed96db47234f05993d8213e86f74a8f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:09 GMT
server: LiteSpeed
etag: "37fc7-662cfa99-3d8ab0d1793ac61c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 35837
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 kendo.bootstrap.min-54342dae97d7c1ab0d077c62050a060b.css
signin.tofeliq-jour.online/ereg/resources/css/kendo-2017-r3/ 84 KB
11 KB 292ms
288ms Stylesheet
text/css 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/resources/css/kendo-2017-r3/kendo.bootstrap.min-54342dae97d7c1ab0d077c62050a060b.css

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e269f92c2ce01cf51e6dbfe707da5626e923f7a3cb0c008204ffef429ef2e6c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:07 GMT
server: LiteSpeed
etag: "14e09-662cfa97-f4c34915b0ea38fc;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11404
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
signin.tofeliq-jour.online/ereg/css/ 616 KB
77 KB 293ms
289ms Stylesheet
text/css 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a27900f2a64161d5b934a683cb3122ee8a1c145edd26a28a80acd5ab2e20191d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:14 GMT
server: LiteSpeed
etag: "99e64-662cfa9e-141575357d82dc60;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 78887
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 404 jquery-3.3.1.min-a09e13ee94d51c524b7e2a728c7d4039.js
signin.tofeliq-jour.online/ereg/framework/js/lib/jquery/ 0
0 291ms
287ms Script
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/jquery/jquery-3.3.1.min-a09e13ee94d51c524b7e2a728c7d4039.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 jquery.validate.min-93c1dd8416ac2af1850652d5b620a142.js
signin.tofeliq-jour.online/ereg/framework/js/lib/jquery/ 0
0 481ms
477ms Script
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/jquery/jquery.validate.min-93c1dd8416ac2af1850652d5b620a142.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 316 KB
103 KB 278ms
123ms Script
text/javascript 142.251.40.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&libraries=places&channel=ereg_toefl&key=AIzaSyA9YhcxckPxdLGjaiKpGOcbk-wsFptEdXY

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.138 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

4b027670334f092a6046950b2d029a4402fa119344923513de8656b813f67baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105469
x-xss-protection: 0

GET
H2 200 kendo.custom.min-4bce2556a2a0e9bc26d56063b2202d59.js Show response
signin.tofeliq-jour.online/ereg/resources/js/kendo-2017-r3/ 753 KB
217 KB 482ms
479ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/resources/js/kendo-2017-r3/kendo.custom.min-4bce2556a2a0e9bc26d56063b2202d59.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

acc5d865eccfcfdb1f6b31cb2b519ea0b4cfd0f27b3767ec3068e3875982a90e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:08 GMT
server: LiteSpeed
etag: "bc4ec-662cfa98-6e8b844498b15488;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 221665
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 kendo.virtuallist.min-9884f2f9dd0c57915cc1abe486c0a4a6.js Show response
signin.tofeliq-jour.online/ereg/resources/js/kendo-2017-r3/ 24 KB
7 KB 483ms
480ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/resources/js/kendo-2017-r3/kendo.virtuallist.min-9884f2f9dd0c57915cc1abe486c0a4a6.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fa78e4e9d88b73c703befb00481a6ca3b7d2cbf3473670b087cff993928fbb88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:07 GMT
server: LiteSpeed
etag: "602c-662cfa97-5a72e12c44331a36;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6957
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 KendoEregValidator-28bededaa2580369acc9ee76f20eb1da.js Show response
signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/ 2 KB
896 B 485ms
482ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/KendoEregValidator-28bededaa2580369acc9ee76f20eb1da.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5a1d2beb838b478f10f463a7b9e6cdb3547c7aaa745acee67c8238fcaadba1a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:11 GMT
server: LiteSpeed
etag: "9c8-662cfa9b-84cd26574398db1d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 833
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 KendoAccessibleDropDownList-2e5d4c31bef0f0152f510ccdaa2bdbdf.js Show response
signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/ 8 KB
2 KB 485ms
482ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/KendoAccessibleDropDownList-2e5d4c31bef0f0152f510ccdaa2bdbdf.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e6a65dcc4d0e208cde76caf63ee77162e812acd25ce9bc07893762d1cc4d02f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:11 GMT
server: LiteSpeed
etag: "1fcb-662cfa9b-3becf61e0551f8e0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2075
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 KendoAccessibleComboBox-b91d9904f268ed2827109a86f69288d8.js Show response
signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/ 8 KB
2 KB 485ms
482ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/KendoAccessibleComboBox-b91d9904f268ed2827109a86f69288d8.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f5a314d9cfbda4973bf86837324770f0cf1b39c0d65a5767ae6615f9946a11ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:11 GMT
server: LiteSpeed
etag: "1fc2-662cfa9b-a0dfac7cd5e5a3f2;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2118
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 KendoAccessibleAutoComplete-8d62d8b73bcc4dd8620c492edc3f9f7d.js Show response
signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/ 4 KB
1 KB 486ms
483ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/js/kendo/customWidgets/KendoAccessibleAutoComplete-8d62d8b73bcc4dd8620c492edc3f9f7d.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

06ce677157edeedce05ddac4cdb623c8674fce603ddc9a6e6cc34b496b6e1898

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:11 GMT
server: LiteSpeed
etag: "116b-662cfa9b-17a92c215b68d9a0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1210
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 404 bootstrap.min-5869c96cc8f19086aee625d670d741f9.js
signin.tofeliq-jour.online/ereg/framework/js/lib/bootstrap/ 0
0 486ms
484ms Script
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/bootstrap/bootstrap.min-5869c96cc8f19086aee625d670d741f9.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 store.min-c869dd492813da656089d7a02d2c29a0.js
signin.tofeliq-jour.online/ereg/framework/js/lib/ 0
0 486ms
484ms Script
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/store.min-c869dd492813da656089d7a02d2c29a0.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 ereg_global-35556838f332aae09e507e067c1b9293.js Show response
signin.tofeliq-jour.online/ereg/js/commonweb/ 38 KB
10 KB 486ms
484ms Script
application/x-javascript 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/js/commonweb/ereg_global-35556838f332aae09e507e067c1b9293.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0b5fd920552054bc1c533c2618928757fecedd2fb2a8b6db9dd54963190adec7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:11 GMT
server: LiteSpeed
etag: "97ca-662cfa9b-8b433e0df1a42e06;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10271
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 ets-TEL-logo.jpg
signin.tofeliq-jour.online/ereg/img/ 11 KB
11 KB 288ms
287ms Image
image/jpeg 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://signin.tofeliq-jour.online/ereg/img/ets-TEL-logo.jpg

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ae962bc1fc3fe5b06c8784e00055047fe00593725f8d3e517b50af0c5c63ba30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:11 GMT
server: LiteSpeed
etag: "2b9f-662cfa9b-db2699b6e9553b8f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11167
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 language.svg
signin.tofeliq-jour.online/ereg/img/svg/nav/ 4 KB
2 KB 289ms
288ms Image
image/svg+xml 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://signin.tofeliq-jour.online/ereg/img/svg/nav/language.svg

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b8a9dd1279ec2f01ea2221d849538b052c9463467b2422f3a39bdebbb35a22aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 18:04:10 GMT
server: LiteSpeed
etag: "f3e-662d3e1a-3783a1d4bdad2b37;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1705
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H3 200 help.svg
signin.tofeliq-jour.online/ereg/img/svg/nav/ 672 B
636 B 148ms
148ms Image
image/svg+xml 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://signin.tofeliq-jour.online/ereg/img/svg/nav/help.svg

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

80141ca7ea9bffcfd1620fb0fe2fddba6f8c75a897a9e69fbfd53d1aca3f2f5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 18:04:10 GMT
server: LiteSpeed
etag: "2a0-662d3e1a-98b6b3ee08a2f7da;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 286
expires: Sun, 01 Sep 2024 11:47:05 GMT

GET
H2 200 custom-element-es2015.js Show response
idaas-signin-sdk.ets.org/widget/v1/ 812 KB
166 KB 77ms
76ms Script
application/javascript 23.201.174.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.201.174.204 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-201-174-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

86d73e4c052e886cd6998c9422257f8c5d7e3e1b7b8f949cd6489cb15e37ae15

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubDomains, max-age=86400
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: eyX7cZVSfKQoH.ZXMg8NrsSI_G2kQhfe
content-encoding: br
x-content-type-options: nosniff, nosniff
frame-options: SAMEORIGIN, SAMEORIGIN
x-permitted-cross-domain-policies: master-only, master-only
date: Sun, 25 Aug 2024 11:47:05 GMT
x-amz-cf-pop: LAX53-P4
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=631138519; includeSubDomains, max-age=86400
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1724586425960_398664881_761384491_20_5144_37_0_182";dur=1
content-length: 169281
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sun, 28 Jul 2024 15:18:53 GMT
etag: "f4331545f49b73b123cb1c387c3d3b5b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=13300
accept-ranges: bytes
x-amz-cf-id: D9yGs5r89wFobKDTJcU8h7Wg8ojW_iAYBCv8MBZ5mPtQztBJoho_qQ==
expires: Sun, 25 Aug 2024 15:28:45 GMT

GET
H3 404 information-orange.svg
signin.tofeliq-jour.online/ereg/img/svg/icons/ 2 KB
2 KB 150ms
148ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/information-orange.svg
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 404 caret-circle-up.svg
signin.tofeliq-jour.online/ereg/img/svg/icons/ 2 KB
2 KB 153ms
148ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-circle-up.svg
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 404 caret-circle-down.svg
signin.tofeliq-jour.online/ereg/img/svg/icons/ 2 KB
2 KB 148ms
146ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-circle-down.svg
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 404 ets-logo-sm.png
signin.tofeliq-jour.online/assets/images/ 2 KB
2 KB 150ms
149ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/assets/images/ets-logo-sm.png
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 404 login.svg
signin.tofeliq-jour.online/ereg/img/svg/illustrations/ 2 KB
2 KB 150ms
148ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/ereg/img/svg/illustrations/login.svg
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 sync Show response
live.rezync.com/ 4 KB
5 KB 282ms
132ms Script
text/javascript 108.138.106.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=81e31b6c6eb656b9449d53af1fb22ebf&k=toefl-pixel-1137&zmpID=toefl
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-60.jfk50.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: 656a52042984252a9e00e85bd93372763e997d81eb578f6274e332aae1a63a65

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: JFK50-P3
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 4017
x-amz-cf-id: MpuAyG0lS_EKtjoubqku_h03e6TZhR09dJmVLDlrb14XKpRJMjfzIw==

GET
H2 200 kp.js Show response
t1.daumcdn.net/kas/static/ 80 KB
19 KB 380ms
73ms Script
text/javascript 23.44.201.247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/kas/static/kp.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.247 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-247.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: acdfa728080697176bd5d0b57ad43ab599b5fb5ea565b9c76fcaeeb709c8c647

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2024 05:06:12 GMT
server: openresty
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary: Accept-Encoding
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type: text/javascript
cache-control: max-age=2472
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDQ6aGl0OjA=
accept-ranges: bytes
content-length: 19237
expires: Sun, 25 Aug 2024 12:28:18 GMT

GET
H2 200 launch-c8a47694ba49.min.js Show response
assets.adobedtm.com/d499970dd37d/25ff0ebafa81/ 112 KB
36 KB 258ms
74ms Script
application/x-javascript 23.51.57.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d499970dd37d/25ff0ebafa81/launch-c8a47694ba49.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1b0ce0dd90e808eb95866b3179d722f148d2a4e865faa7d2c6e5f84cffe78ff4

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 00:40:43 GMT
server: AkamaiNetStorage
etag: "c30affe32f32c0318c092636a19a81fe:1676421643.604307"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://signin.tofeliq-jour.online
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 36689
expires: Sun, 25 Aug 2024 12:47:06 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=31891253&t=1&cb=1714219588.0983093
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31891253%26t%3D1%26cb%3D1714219588.0983093

0
1 KB

76ms
75ms

Script
application/javascript

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31891253%26t%3D1%26cb%3D1714219588.0983093

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:06 GMT
an-x-request-uuid: c1234481-58a4-4db5-80be-9b2836fc7313
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:06 GMT
an-x-request-uuid: fd3f2a31-5d2c-451b-b8e2-2122a3f56622
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31891253%26t%3D1%26cb%3D1714219588.0983093
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 50ms
48ms Script
application/javascript 13.107.246.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343038779
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Thu, 22 Aug 2024 12:43:26 GMT
etag: W/"0x8DCC2A804373A2A"
vary: Accept-Encoding
x-azure-ref: 20240825T114706Z-r1d488468bd4lbqlzkwkz6zen000000002zg000000005g13
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 993847b3-901e-0036-0bd8-f4a3ab000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 identify_c26a2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 78ms
77ms Script
application/javascript 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 29437eec
date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024041904125792BE535F67DFB2A400A5
x-tt-trace-id: 00-24041904125792BE535F67DFB2A400A5-1D6BF094889F4980-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0167448c78ae4dc1b0d1e796cfaa237cff5acd15f97bde5aaf5cac7785dd3a53ae022161b3768550754ea6cfe97de6cbf103aef5a91f1838b0c4203d75ed066a466e8cd02028a3bdb8da3ee14610665613e184e4e265168ff5c4e551007d88135b
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=1
content-length: 37210

GET
H3 404 caret-down.svg
signin.tofeliq-jour.online/ereg/img/svg/icons/ 2 KB
2 KB 147ms
147ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-down.svg
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 200 open-sans-latin-400-normal-e43b535855a4ae53bd5b07a6eeb3bf67.woff2
signin.tofeliq-jour.online/ereg/css/fonts/open-sans/ 16 KB
16 KB 147ms
147ms Font
font/woff2 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/css/fonts/open-sans/open-sans-latin-400-normal-e43b535855a4ae53bd5b07a6eeb3bf67.woff2

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Origin: https://signin.tofeliq-jour.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:13 GMT
server: LiteSpeed
etag: "4164-662cfa9d-89fa4bf381e98329;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 16740
expires: Sun, 01 Sep 2024 11:47:06 GMT

GET
H2 200 main.MTcwODM0ODQ4NQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 340 KB
96 KB 80ms
80ms Script
application/javascript 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C9Q2TVJC77U8C02RB850
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 17e9647ba0500f0df9056f07b8c3ce10470d9fb57522b8434b8bfaeaa2eef5b8

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 29437f73
date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408230056268EC4D47689C5F6C7AA44
x-tt-trace-id: 00-2408230056268EC4D47689C5F6C7AA44-1BAD7190C3CEFC38-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0194b51e9ffc58aa71fb3dbc3a7b212d4996acae1c00240bfdfa348456f56886473c1ccf782b862f3d38ffafe669bce3878d6a6d141a0f6b609973ad43b3a7fcc606369833430a3890036504631ca823b176e844e5feeae3fe25df888b9a907040
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
content-length: 97650

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 232ms
75ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://signin.tofeliq-jour.online
Date: Sun, 25 Aug 2024 11:47:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 open-sans-latin-600-normal-603c99275486a11982874425a0bc0dd1.woff2
signin.tofeliq-jour.online/ereg/css/fonts/open-sans/ 16 KB
16 KB 147ms
147ms Font
font/woff2 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/css/fonts/open-sans/open-sans-latin-600-normal-603c99275486a11982874425a0bc0dd1.woff2

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Origin: https://signin.tofeliq-jour.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:14 GMT
server: LiteSpeed
etag: "4174-662cfa9e-fcc59a078dff933b;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 16756
expires: Sun, 01 Sep 2024 11:47:06 GMT

GET
H3 200 open-sans-latin-700-normal-e45478d4d6f15dafda1f25d9e0fb5fa1.woff2
signin.tofeliq-jour.online/ereg/css/fonts/open-sans/ 16 KB
16 KB 163ms
162ms Font
font/woff2 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://signin.tofeliq-jour.online/ereg/css/fonts/open-sans/open-sans-latin-700-normal-e45478d4d6f15dafda1f25d9e0fb5fa1.woff2

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Origin: https://signin.tofeliq-jour.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 27 Apr 2024 13:16:14 GMT
server: LiteSpeed
etag: "3ff4-662cfa9e-3a5c7acaaaca2701;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 16372
expires: Sun, 01 Sep 2024 11:47:06 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 78ms
77ms Script
application/javascript 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 29438092
date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240729124140382AD146317B091C0939
x-tt-trace-id: 00-240729124140382AD146317B091C0939-7296C6678AD67ADC-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010344fd8e86cfa08544f2b52ea1a025a176893e1bafd3d3c5ae93a1eb225780f9b327fc67b4a5f5ec498aee739f3512b1a6d23fb3cef79a4585b05381bd66615fd67008aecfc101e702a04782db18d9127cac9a42e4ff0d886e408e23b2ba0e25
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=10
content-length: 39539

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 103ms
100ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2943809f
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825114706479788809FDA3CF8C89E-4F23BA92D1470CD5-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=7, origin; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825114706479788809FDA3CF8C89E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.44.200.148
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c083401203bf9740db3150212a2bf80e3260cc7837735273313ca93e791dc32ac4482ff16a6f182e8285d25e78bcf1da0205166eee37ac24a259053af4d6d75afc06e42a17ce7bdbe4bbed6f0fe8c357c4f0
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
720 B 134ms
131ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 294380a3
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825114706479788809FDA3CF8C8A2-029AC8E6B42CC3D2-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=8, origin; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825114706479788809FDA3CF8C8A2
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.44.200.148
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c083401203bf9740db3150212a2bf80e3260cc7837735273313ca93e791dc32ac448486de4654845c0cb10a50f5593323fbd6796d23403fe704caddcd81af984f31c36f2a72b59be854d6aef696fcf7b3573
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
881 B 119ms
117ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c71387d7.294380a4
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082511470638F5843D0E528CE08314-6148829C269733A0-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 30,23.44.200.148
server-timing: cdn-cache; desc=MISS, edge; dur=26, origin; dur=14, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082511470638F5843D0E528CE08314
x-cache-remote: TCP_MISS from a23-48-200-203.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.48.200.203
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c0833cc4385b70fa7abc7c4621b6804479ecd1e3b8b344cb72f51c8f215802826cb717ca27b8848931a419773873499fc00d62f98c7af00a7f882de4c81668e843aa7b9b4d5159763a01f237acf34570f9cdd1715291417afb8d34e548f0b586b8c5
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 132ms
131ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 294380ac
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082511470699A622D5FCAAFCF8770A-19FA495F70338D9B-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=26, origin; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082511470699A622D5FCAAFCF8770A
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.44.200.148
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c083401203bf9740db3150212a2bf80e3260c3026b84501abe3336bf17e2c85e0b79e027973c44a0752f97f50649f245c71c520350c4c7f55f85890ab2ab0dfd56e850f3cd1d33acac1d33a502fdb7ecace8
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
721 B 172ms
170ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 294380ad
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825114706FF20378D597B56FF5BEF-6ADEB1F40ACA4213-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=37, cdn-cache; desc=MISS, edge; dur=30, origin; dur=51
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825114706FF20378D597B56FF5BEF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.44.200.148
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c083401203bf9740db3150212a2bf80e3260020d52a7e8e298c3ecf84cd060bcf3e633db728f991827588bf63432b38c70caf024f9d47e893ca1e7d724fda31f008a68854ac5d5bf001e97cb6fab468afcbf
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
880 B 162ms
161ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3410d0de.294380ae
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825114706B8D52655838BE872564D-22FE18F5D748A5E9-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 47,23.44.200.148
server-timing: cdn-cache; desc=MISS, edge; dur=47, origin; dur=27, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825114706B8D52655838BE872564D
x-cache-remote: TCP_MISS from a104-78-78-111.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,104.78.78.111
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c0832f8062d0f7e750b9d28c3ecc304e4b7140ba7bd48227eedce59abd4f5bb0b5a6c349680551af7a45ddfd8bbaf11b7b1a8d37fcc4a0b56cb6546a7176513acf73aca3d5fca9b91e96e6932c9c81134bb3feb627361d6078738c2215371839b49f
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
880 B 129ms
128ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c7b9ba3d.294380c6
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082511470687542F174CAC6AF8B6C5-4DA2B2D2F032DFDC-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 22,23.44.200.148
server-timing: cdn-cache; desc=MISS, edge; dur=14, origin; dur=14, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082511470687542F174CAC6AF8B6C5
x-cache-remote: TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.220.104.204
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c0833cc4385b70fa7abc7c4621b6804479ec3174343c10401d0be5b24f8ee39e5221261d33f55d74508f9263d48ad2f7995988aea2c1e4369be93a1329401cce713182a9ac03d1df03f5677848ee0eee2901ef5b8174607612a41927c64715618c31
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
881 B 183ms
182ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 58f69c19.294380c7
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408251147067B670A35FE0CDFDCF1D0-3CA5A1A462EF08C3-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 62,23.44.200.148
server-timing: cdn-cache; desc=MISS, edge; dur=49, origin; dur=34, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408251147067B670A35FE0CDFDCF1D0
x-cache-remote: TCP_MISS from a23-48-200-202.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.48.200.202
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c0833cc4385b70fa7abc7c4621b6804479ecfa8777ab3d4d844642165910fd7e2ac4ea30f7fd6e5e04eee59dbc703185143d830b306c95803ea859361e6808f4a2400368202c65ff827d5718256a1385f069a155eb486384dcf1ce7094c385cd8881
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H3 404 fontawesome-webfont.woff2
signin.tofeliq-jour.online/ereg/css/fonts/font-awesome// 0
0 150ms
149ms Font
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/css/fonts/font-awesome//fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Origin: https://signin.tofeliq-jour.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 139 B
454 B 325ms
99ms XHR
application/json 52.6.57.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6e319&site_id=toefl
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.57.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-57-171.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 07fa55d6be450cf11df50dbabd1160f3661bbe0e8e4e7e73b67d4e74a0d3add3

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 139

GET
H2 200 fingerprint3.min.js Show response
cdn.brand-display.com/sv/js/ 31 KB
13 KB 78ms
78ms Script
application/javascript 18.173.219.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/sv/js/fingerprint3.min.js
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx101882/e01fbcef397180f9c94045148f4092039aefb0cc.js?s=e01fbcef397180f9c94045148f4092039aefb0cc&&ord=%%ORDER_ID%%&_t=1714219587368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-102.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1f80ad7ddeaf7cae12ca92666f090bfa4754e1249557ec413814791e13b7fef

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: LRrOfnf2maEBgZxH8vYBQiuujdlwmjSW
content-encoding: gzip
via: 1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
date: Sun, 25 Aug 2024 07:27:47 GMT
last-modified: Mon, 05 Sep 2022 07:52:51 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 15567
etag: W/"75e2fd20cd4f3313b0f19f50caf238fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pC0mHrx7UBulA-CJ0zsTerGkN3MVbI-J0Wjys4h9YZfm6h371EUPxg==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/ 1 KB
1 KB 203ms
68ms Fetch
application/json 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/settings
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abff8222644f1450fd6c60970a5fb6dfeb5f645567534d8f635f892b0be1e46c

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: kDWqV9zbofC0xj6Mu9i1pblS9Py78Sk0
content-encoding: gzip
via: 1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
date: Sun, 25 Aug 2024 10:42:37 GMT
x-amz-cf-pop: EWR53-C2
age: 4228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Jul 2024 20:27:16 GMT
server: AmazonS3
etag: W/"444844d96e9a47a4b8c2b78c4577d864"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 8EEGwePtCUoEjzRr2T8ds8x_AhcHomDmoRdQVs-K6BPCrfMhpjlfOg==

GET
H3 404 fontawesome-webfont.woff
signin.tofeliq-jour.online/ereg/css/fonts/font-awesome// 0
0 157ms
157ms Font
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/css/fonts/font-awesome//fontawesome-webfont.woff?v=4.7.0
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Origin: https://signin.tofeliq-jour.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 239ms
103ms XHR
application/json 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=&time=1724586426609&url=https%3A%2F%2Fsignin.tofeliq-jour.online%2F
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:05 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 71AFE26DA4F048368DDF3613FCC634E8 Ref B: DFW311000106049 Ref C: 2024-08-25T11:47:06Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYggJFafpOnUw8fr9BOdw==
x-fs-uuid: 00062080915a7e93a7530f1fafd04e77

GET
H2 200 collect
px.ads.linkedin.com/ 0
451 B 239ms
104ms Image
application/javascript 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1724586426609&li_adsId=66704a9d-7473-48e5-a489-ae78b5b10ff5&url=https%3A%2F%2Fsignin.tofeliq-jour.online%2F
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 381F68A6B24744899B16A08343FA960F Ref B: DFW30EDGE1820 Ref C: 2024-08-25T11:47:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYggJFafmKS+5QByzoMtQ==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
574 B 180ms
51ms XHR
text/plain 150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 515DD53F883C4F7A8101C2841B33A472 Ref B: DFW30EDGE1820 Ref C: 2024-08-25T11:47:06Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://signin.tofeliq-jour.online
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYggJFaE0qEQpw4jFxw9A==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
0 0ms
0ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 11:47:06 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4471, tp=12, tpl=0, uplat=6, ullat=-1
pragma: public
x-fb-debug: YOMkqOiipYg9Tw7xJZ9q1EymVBiFnRUs5cxqN+sh57ocE6Tq3HTqpFhzAdIQlizHOOlAWSVwgRDjMcLwhbGMKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
721 B 127ms
125ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 294381f9
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825114706D1CBBE5058A6BED876BC-2C21C69711F92F1D-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=19, origin; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825114706D1CBBE5058A6BED876BC
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.44.200.148
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c083401203bf9740db3150212a2bf80e32605a7d63284e28af421433a319b867cbfa2646f9480e41943d8f024012098f66d3278fa1fb57548a866126b2cd983ddc90de3c0432d4050f2f823c482f5b66342e
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
878 B 163ms
161ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4b23f03.294381fa
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082511470675229C0E4DB3E8F2A84A-1A4CDBCA66A94D28-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 42,23.44.200.148
server-timing: cdn-cache; desc=MISS, edge; dur=49, origin; dur=16, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082511470675229C0E4DB3E8F2A84A
x-cache-remote: TCP_MISS from a23-220-104-212.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.104.212
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c0833cc4385b70fa7abc7c4621b6804479eca429fe835256cee4fd022ef0874a61de6381220c0671d2b8cbac7c775771f2e5f0507e62ef9ed717721536cb53ccc8eaaa11886cf25f3c320027c4d62ff7c4183dfac0e1b27de7c9370c1ff342dcd9ee
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 109ms
107ms Ping
text/plain 23.44.111.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4NQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 29438211
date: Sun, 25 Aug 2024 11:47:06 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082511470681DD291B5E3A53F373EB-6E2418338E2DAE66-00
x-cache: TCP_MISS from a23-44-200-148.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=10, origin; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082511470681DD291B5E3A53F373EB
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.44.200.148
x-tt-trace-host: 015cf769a3b7f9bb74b32699190967c083401203bf9740db3150212a2bf80e326099d020cc5a80f96de6d275e73c7dfb7cc902e20dfddeed3b33dc784ece6b7c44d425f3b402be8f4b9d864cc5248c1f03be8573a2035416d9e456dd4248100b3f
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 11:47:06 GMT

GET
H3 404 fontawesome-webfont.ttf
signin.tofeliq-jour.online/ereg/css/fonts/font-awesome// 0
0 147ms
147ms Font
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/css/fonts/font-awesome//fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/ereg/css/main-2023.min-a0fa0694e74fc96a6ff1d5e0c13ec6c0.css
Origin: https://signin.tofeliq-jour.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 91ms
91ms Script
application/x-javascript 23.204.6.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.6.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-204-6-193.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
0 0ms
0ms Script
application/x-javascript 108.138.128.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-75.jfk50.r.cloudfront.net
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:19:28 GMT
content-encoding: gzip
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Sun, 25 Aug 2024 11:19:18 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: JFK50-P4
age: 1658
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: Jpky8DTb6tqIAozx2C3_j9vxSLd0SDfdAi73tG9Zf967MAcRMJ0tow==
expires: Sun, 25 Aug 2024 12:19:28 GMT

GET
H/1.1 200
OK ca.html
20842913p.rfihub.com/ Frame CC8E 0
0 241ms
73ms Document
text/html 199.38.167.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20842913p.rfihub.com/ca.html?ver=9&rb=45053&ca=20842913&_o=45053&_t=20842913&userid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&pe=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&pf=&ra=777860923740443
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 4797
Content-Type: text/html;charset=utf-8
Date: Sun, 25 Aug 2024 11:47:07 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
316 B 78ms
74ms Fetch
application/xml 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=438b7803-d193-4be8-a453-7c189f1ed1cc
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
server: nginx/1.23.4
access-control-max-age: 0
access-control-allow-methods: GET, OPTIONS
content-type: application/xml
access-control-allow-origin: https://signin.tofeliq-jour.online
access-control-allow-credentials: true
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
access-control-allow-headers: Content-Type
content-length: 9

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 87ms
85ms Script
application/javascript 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=31891253&t=1&cb=1724586426.2025597

Requested by

Host: live.rezync.com
URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=81e31b6c6eb656b9449d53af1fb22ebf&k=toefl-pixel-1137&zmpID=toefl

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:06 GMT
an-x-request-uuid: e58a1d54-76ad-4c6c-9987-adf4b41741be
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/toefl/ 94 KB
0 1ms
1ms Script
application/javascript 18.173.132.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/toefl/p13n.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46187eb85409f20571c72a97a01fcc3de8d999466e2a85b56cf7c4032b58d16e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: xcbeSRX3IRqexzvZooPl1ZgdTmgwx0Ij
Content-Encoding: gzip
Via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
Date: Sun, 25 Aug 2024 11:01:12 GMT
Last-Modified: Sat, 17 Aug 2024 18:48:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK52-P2
Age: 2755
x-amz-server-side-encryption: AES256
ETag: W/"ad9fbd40d3439ad419d98861ce4c0d16"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: Xr6rn2rHd8nzhVHc6VdhKth5RQsm1Njlp_MDSaxz41btZ-uXqcEcHg==

GET
H2 200 pixie
ib.adnxs.com/ 42 B
223 B 74ms
74ms Image
image/gif 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=AddToCart&c=%7Bcurrency%7D&cust_id=123&cust_type=%7BcustType%7D&store_id=123&category_id=%7BcategoryID%7D&product_id=%7BproductID%7D&cart_id=%7BcartID%7D&cart_total=%7BcartTotal%7D&cart_qty=%7BcartQty%7D&promo_code=%7BpromoCode%7D&email=%7Bcustom1%7D&pi=438b7803-d193-4be8-a453-7c189f1ed1cc&it=1724586426795&v=0.0.38&u=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&st=1724586426124&et=1724586426796&if=0
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.23.4
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 139 B
454 B 115ms
115ms XHR
application/json 52.6.57.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYXBwX2lkIjoidG9lZmwiLCJic2luIjoiUEd2SWdUbmZMRURZWEZrN3V3dytRN3FTRWdPdHpEMFpvVG9mUm1FQUlBblE3UkFIaE1XemVta1UyVyt4bzYyVFFXejFsUXVLT09jZWNUcVU2Yy94U3c9PSIsImlzX2lkZW50aWZpZWQiOmZhbHNlfSwicXVlcnlzdHJpbmciOnt9LCJleHRlcm5hbF9pZHMiOnsienluYyI6ImZlNDQwYmM4LWVlMjQtNDE5NC04ZTMyLWU2M2ZkMjk2YjE5YToxNzI0NTg2NDI2LjIwMDI1NTYifX0%3D&site_id=toefl
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.57.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-57-171.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5fe9fe26cf57bb689e83eb4c5db439056cadfbe58613a366aeaa6135e3402573

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 139

GET
H2 200 e01fbcef397180f9c94045148f4092039aefb0cc.js Show response
cdn.brand-display.com/tr/knx101882/ 23 KB
8 KB 72ms
71ms Script
text/javascript 18.173.219.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/knx101882/e01fbcef397180f9c94045148f4092039aefb0cc.js?s=e01fbcef397180f9c94045148f4092039aefb0cc&&ord=%%ORDER_ID%%&_t=1724586426826
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-102.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d47eddc81f18e4cd29c14867b1ea549c97c1278a2ad9135e5a4a31e17aa16ae0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: _8YfWwHcRk6pAsQQgq_Yg3lqva4_VfoU
content-encoding: br
via: 1.1 66ea06c52ae44609b3bf6f6054c081b6.cloudfront.net (CloudFront)
date: Sun, 25 Aug 2024 07:53:51 GMT
last-modified: Thu, 14 Mar 2024 18:11:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 14032
x-amz-server-side-encryption: AES256
etag: W/"cd4c25fd7ed03ad99c61150b577cfe79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
x-amz-cf-id: A1S8xT9xEItS01xNkIQdysf0gddxO4VUOvWPC6Vd9dI9g_GrvCSbuQ==

POST
H2 200 interact Show response
smetrics.ets.org/ee/v1/ 794 B
857 B 338ms
109ms Fetch
application/json 63.140.37.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.ets.org/ee/v1/interact?configId=e73bc018-e303-4cd6-bf5f-5feddaa35cf0&requestId=4c0cb8c4-fc45-4622-b657-e46e8361a1f2

Requested by

Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.37.206 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-37-206.data.adobedc.net

Software

jag /

Resource Hash

f714ea8224822fa894dbfdc7ae5af50c20cee7b752c33b04a8cfb89e45c972d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://signin.tofeliq-jour.online
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: OR2;9
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 4c0cb8c4-fc45-4622-b657-e46e8361a1f2

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 237ms
94ms XHR
application/json 142.251.40.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.138 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://signin.tofeliq-jour.online
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 68ms
68ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 13:25:17 GMT
x-amz-version-id: mUKhKkDsTlV_L45onrBdOfv9_aAUrh2t
content-encoding: br
via: 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3363710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Jul 2024 17:27:05 GMT
server: AmazonS3
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Wo99e5N4b-PLFcqju-ncR-K9-wsU795jMaGpZe2kMaeitWo013eYWA==

GET
H2 200 pixie
ib.adnxs.com/ 42 B
223 B 75ms
74ms Image
image/gif 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=AddToCart&c=%7Bcurrency%7D&cust_id=123&cust_type=%7BcustType%7D&store_id=123&category_id=%7BcategoryID%7D&product_id=%7BproductID%7D&cart_id=%7BcartID%7D&cart_total=%7BcartTotal%7D&cart_qty=%7BcartQty%7D&promo_code=%7BpromoCode%7D&email=%7Bcustom1%7D&pi=438b7803-d193-4be8-a453-7c189f1ed1cc&it=1724586426795&v=0.0.38&u=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&st=1724586426124&et=1724586426894&if=0
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:06 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.23.4
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H2 200 471062756
td.doubleclick.net/td/rul/ Frame EF48 0
0 260ms
104ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/471062756?random=1714219587790&cv=11&fst=1714219587790&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v892194152z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=CR008_Creatip_signin&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&value=0&bttype=purchase&npa=0&gclaw=Cj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&gac=UA-44416257-1%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB%3BUA-44416257-5%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 471062756
td.doubleclick.net/td/rul/ Frame B76F 0
0 256ms
103ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/471062756?random=1714219587803&cv=11&fst=1714219587803&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v892194152z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=CR008_Creatip_signin_rm&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&npa=0&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1124030171385985 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 132ms
132ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1124030171385985?v=2.9.165&r=stable&domain=signin.tofeliq-jour.online&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

a9fe7247c10ea0b68c018c8458ffb523f2369ec181b6d0d0b7e8196d6900f1b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:07 GMT
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=91, mss=1232, tbw=87911, tp=85, tpl=0, uplat=57, ullat=0
pragma: public
x-fb-debug: dmUCIIH+P1DfU9w/CiOjUa5vHeIZwLc/VW7W7UgQddSx4p9qGjFc4pu4DJKWNc3osdoJNwwWKzZKltrd3HjoWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 11022720383
td.doubleclick.net/td/rul/ Frame F160 0
0 214ms
105ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11022720383?random=1714219587879&cv=11&fst=1714219587879&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v897788250z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=11022720383&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&value=0&bttype=purchase&npa=0&gclaw=Cj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&gac=UA-44416257-1%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB%3BUA-44416257-5%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11350394542
td.doubleclick.net/td/rul/ Frame 6F2B 0
0 212ms
105ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11350394542?random=1714219588087&cv=11&fst=1714219588087&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v9166903837z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=j5ZJCOj_oOYYEK6NpaQq&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&npa=0&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 961899722
td.doubleclick.net/td/rul/ Frame 7345 0
0 211ms
107ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/961899722?random=1714219588110&cv=11&fst=1714219588110&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v9171148518z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&label=MwBnCO-d9_QYEMrZ1coD&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&value=0&bttype=purchase&npa=0&gclaw=Cj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&gac=UA-44416257-1%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB%3BUA-44416257-5%3ACj0KCQiArrCvBhCNARIsAOkAGcXoKgmtVYoVWlyocuBYXhR322660yEScfb-768NYb9Pu8o44eZIzg4aAk3aEALw_wcB&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 961899722
td.doubleclick.net/td/rul/ Frame 900B 0
0 208ms
108ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/961899722?random=1714219588119&cv=11&fst=1714219588119&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be44o0v9171148518z8813049910za201&gcd=13l3l3l3l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL&ref=https%3A%2F%2Fidcs-b9d99f99ccc84342b77c130f617b6067.identity.oraclecloud.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20for%20Test%20Takers&npa=0&pscdl=noapi&auid=857353755.1709755364&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=14.0.0&uaw=0&fledge=1

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 139 B
454 B 105ms
104ms XHR
application/json 52.6.57.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYXBwX2lkIjoidG9lZmwiLCJic2luIjoiVmpHUDYveUNxUW5FZmNabGUrK3g5Ly9WTWNlNWIrVEgwYmJYYkVhVlgxb1E3RDdScXh2SFVrUERBNXErUFlHc1BDSWJGMStETkNZaWVlbU9Od01ycnc9PSIsImlzX2lkZW50aWZpZWQiOmZhbHNlfSwicXVlcnlzdHJpbmciOnt9LCJleHRlcm5hbF9pZHMiOnsienluYyI6IjIyNThkMTEzLTVmMGUtNGYxZC1iZDk4LTBiYzBkYzRiMDQxNzoxNzA4MTg5NzE0Ljc3MzM5OTYifX0%3D&site_id=toefl
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.57.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-57-171.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c003958ef35839ed78e2df83c558ec9fe60fc63518ddfe2723992928077cf715

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 139

GET
H2 200 ct2.html
t1.daumcdn.net/kas/static/third-party/cookie/ Frame 39C1 0
0 224ms
76ms Document
text/html 23.44.201.247
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/kas/static/third-party/cookie/ct2.html
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/kp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.247 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-247.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=3476
content-encoding: gzip
content-length: 337
content-type: text/html
date: Sun, 25 Aug 2024 11:47:07 GMT
expires: Sun, 25 Aug 2024 12:45:03 GMT
last-modified: Mon, 01 Jul 2024 03:33:40 GMT
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
server: openresty
vary: Accept-Encoding
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjc6aGl0OjA=

POST
H/1.1 200
OK visitWebPage
709-zco-379.mktoresp.com/webevents/ 2 B
318 B 319ms
71ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://709-zco-379.mktoresp.com/webevents/visitWebPage?_mchNc=1724586427031&_mchCn=&_mchId=709-ZCO-379&_mchTk=_mch-tofeliq-jour.online-1724586427030-68211&_mchHo=signin.tofeliq-jour.online&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:07 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 136f8282-caee-41e9-bc65-ec052ca5dc48

GET
H3 404 caret-down.svg
signin.tofeliq-jour.online/ereg/img/svg/icons/ 2 KB
2 KB 157ms
156ms Image
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-down.svg
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:07 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
209 B 256ms
86ms XHR
text/plain 35.171.12.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.12.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-12-219.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 11:47:07 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain

GET
H2 200 sync Show response
live.rezync.com/ 4 KB
5 KB 134ms
133ms Script
text/javascript 108.138.106.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=81e31b6c6eb656b9449d53af1fb22ebf&k=toefl-pixel-1137&zmpID=toefl
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-60.jfk50.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: ccec9e02b25680da11f5c2dae0bcad75e83038ca0eb9ecd34f6ac809f71f5b8c

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:07 GMT
via: 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: JFK50-P3
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 4017
x-amz-cf-id: Yeuw9-To6NKzqqPfbWdziAk8NwYQDQqOwJIyWZKTTsSUvwnHxJmnSA==

GET
H/1.1

200
OK

64581
i6.liadm.com/s/
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&k=lionly&cache_buster=1724586427047
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&_=1724586427.1147635
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.1147635&_li_chk=true&previous_uuid=73256314c681432786f4ef134ab4ab4e
https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.1147635

43 B
274 B

300ms
72ms

Image
image/gif

54.197.140.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.1147635

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

HTTP/1.1

Server

54.197.140.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-140-34.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:07 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.1147635
Date: Sun, 25 Aug 2024 11:47:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 68ms
65ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 13:25:18 GMT
x-amz-version-id: IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
content-encoding: br
via: 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 3363710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 16 Jul 2024 17:27:04 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: kXbC7bKMhCDwLVeXY3sKNkBKCrVI-_g9z87HkdMPHhv1f8_wITFcYg==

GET
H3 200 396392671422210 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 123ms
121ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/396392671422210?v=2.9.165&r=stable&domain=signin.tofeliq-jour.online&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

1bce8be7db8e2ffb5f62d08f0b8cc8e056659fee06685b3a7fa677d7cea96ecc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:07 GMT
document-policy: force-load-at-top
x-fb-server-load: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=103, mss=1232, tbw=103127, tp=100, tpl=0, uplat=52, ullat=0
pragma: public
x-fb-debug: nW5z92tKrVLi0p7JdUbWwogqrsQVa2u2ZhBBFKLg8JTm9GDDOztTi3mqhVI47Qa0qK3/t+/Z1U52x0wAF8GuVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 212ms
69ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1124030171385985&ev=PageView&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586427250&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724586427243.29086994111767514&cs_est=true&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&rqm=GET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1380, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 11:47:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 259ms
117ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1124030171385985&ev=PageView&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586427250&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724586427243.29086994111767514&cs_est=true&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&rqm=FGET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 11:47:07 GMT
document-policy: force-load-at-top
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407042303439921927", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1380, tbw=3162, tp=-1, tpl=-1, uplat=47, ullat=0
pragma: no-cache
x-fb-debug: Wz0W49ktMPGkTr9wzNglmG9qoVzXdyGOFQi34mptCspxwQik5B47j7OT6Yn5pvyUcrzsZEXan+OzMLea/co8Dw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407042303439921927"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ad70603567d2fd1e96e9.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
3 KB 67ms
66ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ad70603567d2fd1e96e9.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/TpqCM3sfCw4SWaHXbjueqN6BGSDWhdeo/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d20fef5c39a29496573f320ec20c08d6f3fe386635f87de035e89d24fdd40556

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 1rSiuqfPe7V0MOHWOgN0RhO6HOY72zz0
content-encoding: gzip
via: 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
date: Sun, 25 Aug 2024 08:11:21 GMT
x-amz-cf-pop: EWR53-C2
age: 12947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2024 17:58:55 GMT
server: AmazonS3
etag: W/"d182a0c483cdfe192fbae74b56192b30"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: Qara063Cs24t0F8DngXQa-pGdbBxj9ImXVwbWKQUzDAqSU28Z-pqFw==

GET
H2 204 bc
bc.ad.daum.net/ 0
0 615ms
199ms Fetch 211.249.221.187
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%22256062844735371724%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22signin.tofeliq-jour.online%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.6.1%22%2C%22tpc%22%3A%22Y%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fsignin.tofeliq-jour.online%2F%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D

Requested by

Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

211.249.221.187 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://signin.tofeliq-jour.online
x-kakao-aid
access-control-expose-headers: x-kakao-aid
access-control-allow-credentials: true
access-control-allow-headers: x-kakao-aid

GET
H2 204 bc
bc.ad.daum.net/ 0
0 611ms
197ms Fetch 211.249.221.187
DAUM-AS Kakao Corp

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%22256062844735371724%22%2C%22event_code%22%3A%22SignUp%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22signin.tofeliq-jour.online%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.6.1%22%2C%22tpc%22%3A%22Y%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fsignin.tofeliq-jour.online%2F%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D

Requested by

Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

211.249.221.187 , Korea, Republic Of, ASN7625 (DAUM-AS Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://signin.tofeliq-jour.online
x-kakao-aid
access-control-expose-headers: x-kakao-aid
access-control-allow-credentials: true
access-control-allow-headers: x-kakao-aid

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
0 0ms
0ms Script
application/x-javascript 108.138.128.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-75.jfk50.r.cloudfront.net
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:19:28 GMT
content-encoding: gzip
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Sun, 25 Aug 2024 11:19:18 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: JFK50-P4
age: 1658
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: Jpky8DTb6tqIAozx2C3_j9vxSLd0SDfdAi73tG9Zf967MAcRMJ0tow==
expires: Sun, 25 Aug 2024 12:19:28 GMT

GET
H/1.1 200
OK ca.html
20842913p.rfihub.com/ Frame 8E0F 0
0 76ms
74ms Document
text/html 199.38.167.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20842913p.rfihub.com/ca.html?ver=9&rb=45053&ca=20842913&_o=45053&_t=20842913&userid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&pe=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&pf=&ra=9818928095986283
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 4797
Content-Type: text/html;charset=utf-8
Date: Sun, 25 Aug 2024 11:47:07 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 seg Show response
secure.adnxs.com/ 0
1 KB 85ms
76ms Script
application/javascript 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=31891253&t=1&cb=1724586427.1143556

Requested by

Host: live.rezync.com
URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=81e31b6c6eb656b9449d53af1fb22ebf&k=toefl-pixel-1137&zmpID=toefl

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:07 GMT
an-x-request-uuid: 08b7086c-6aa9-4111-b10b-ca4ed5d3f132
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/toefl/ 94 KB
0 5ms
5ms Script
application/javascript 18.173.132.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/toefl/p13n.min.js
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46187eb85409f20571c72a97a01fcc3de8d999466e2a85b56cf7c4032b58d16e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: xcbeSRX3IRqexzvZooPl1ZgdTmgwx0Ij
Content-Encoding: gzip
Via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
Date: Sun, 25 Aug 2024 11:01:12 GMT
Last-Modified: Sat, 17 Aug 2024 18:48:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK52-P2
Age: 2755
x-amz-server-side-encryption: AES256
ETag: W/"ad9fbd40d3439ad419d98861ce4c0d16"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: Xr6rn2rHd8nzhVHc6VdhKth5RQsm1Njlp_MDSaxz41btZ-uXqcEcHg==

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 139 B
454 B 94ms
91ms XHR
application/json 52.6.57.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYXBwX2lkIjoidG9lZmwiLCJic2luIjoiYTFpSCt2bjY3QkFUd0JPMHBpN0V4N1RyL3pRWEEvQldNcmFPQlY5WTQ2Vldyd2F0clN3dGV4TW0vY0pPRWFDYk5VRE1ObkxPaTFKNG5wdWlnd3Q1ZEE9PSIsImlzX2lkZW50aWZpZWQiOmZhbHNlfSwicXVlcnlzdHJpbmciOnt9LCJleHRlcm5hbF9pZHMiOnsienluYyI6ImZlNDQwYmM4LWVlMjQtNDE5NC04ZTMyLWU2M2ZkMjk2YjE5YToxNzI0NTg2NDI2LjIwMDI1NTYifX0%3D&site_id=toefl
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.57.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-57-171.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0dcdc9c535c6384117dc5b8124a1b6bf3eabcdd1bc519e251c10863bc64daf5a

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 139

GET
H/1.1

200
OK

64581
i6.liadm.com/s/
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&k=lionly&cache_buster=1724586427266
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a%3A1724586426.2002556&_=1724586427.3453367
https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.3453367&_li_chk=true&previous_uuid=490add18dad0474d83a3dc3d0fee7359
https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.3453367

43 B
274 B

305ms
72ms

Image
image/gif

54.197.140.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.3453367

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

HTTP/1.1

Server

54.197.140.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-140-34.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 11:47:07 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/64581?bidder_id=200442&bidder_uuid=fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556&_=1724586427.3453367
Date: Sun, 25 Aug 2024 11:47:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 pixie
ib.adnxs.com/ 42 B
223 B 78ms
74ms Image
image/gif 68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=AddToCart&c=%7Bcurrency%7D&cust_id=123&cust_type=%7BcustType%7D&store_id=123&category_id=%7BcategoryID%7D&product_id=%7BproductID%7D&cart_id=%7BcartID%7D&cart_total=%7BcartTotal%7D&cart_qty=%7BcartQty%7D&promo_code=%7BpromoCode%7D&email=%7Bcustom1%7D&pi=438b7803-d193-4be8-a453-7c189f1ed1cc&it=1724586426795&v=0.0.38&u=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&st=1724586426124&et=1724586427269&if=0
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:07 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.23.4
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H2 200 2d04d1da143afcea0dd4.js Show response
cdn.segment.com/next-integrations/actions/845/ 27 KB
8 KB 77ms
76ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ad70603567d2fd1e96e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6QwFHwiTFjRaoadUFPfbiMxzeAQ1Qs2f
content-encoding: br
via: 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
date: Sat, 24 Aug 2024 17:11:56 GMT
x-amz-cf-pop: EWR53-C2
age: 66912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2024 17:58:54 GMT
server: AmazonS3
etag: W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: zxhHAYZqbKJtV9gYmpZLOn6hST-ortJmCNfa6sCt1qJ3zY2wcn_e2Q==

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 83ms
79ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://signin.tofeliq-jour.online
Date: Sun, 25 Aug 2024 11:47:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 851045928968929 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 143ms
140ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/851045928968929?v=2.9.165&r=stable&domain=signin.tofeliq-jour.online&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

a5b748e3b742899ee89e4e8e4d78f195b985293fdf8a64dde2a3160e9f8aad72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 11:47:07 GMT
document-policy: force-load-at-top
x-fb-server-load: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=106, mss=1232, tbw=106327, tp=104, tpl=0, uplat=72, ullat=0
pragma: public
x-fb-debug: 1KB9GCMy/WayzijTKJESzdfHd+IjDqjVrT3goBTus8ZwWvFVPs7o0rQnpKe1UvVMIZtQamAiLcp070bTae6g6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 79ms
71ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=396392671422210&ev=PageView&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586427385&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&rqm=GET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1380, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 11:47:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
861 B 130ms
122ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=396392671422210&ev=PageView&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586427385&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&rqm=FGET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 11:47:07 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407042303975048423", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1380, tbw=6424, tp=-1, tpl=-1, uplat=54, ullat=0
pragma: no-cache
x-fb-debug: MXOCB4p3oekL9uDMsjYXKGvP3sX3GgMrYe8bNOK35THl1FhoW+t4U3UR61w6LZVp8PrIiLJykvMOdtQ5K8Sazg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407042303975048423"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 70ms
68ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851045928968929&ev=PageView&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586427542&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&rqm=GET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1380, tbw=7399, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 11:47:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 91ms
91ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=851045928968929&ev=PageView&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586427542&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&rqm=FGET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbc359d430fcb8ee5","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:25901636936149398","24:9617636958278445","24:9674011899307252","24:4509925649126133","24:8215023748521255","24:9038340509597376","24:8567030433315286","24:7556324314478227","24:7623124334409266","24:3899949996704197","24:6942862125819213","24:7120965447941062","24:4916827265023814","24:6691735160918875","24:6182584898443403","24:6429866073729613","24:6191644367630126","24:5787673641333137","24:6409746815770336","24:6802725269762336","24:6175662225865669","24:9922801737761872","24:4303553109659364","24:5738726456215949","7830:25901636936149398","7830:9617636958278445","7830:9674011899307252","7830:4509925649126133","7830:8215023748521255","7830:9038340509597376","7830:8567030433315286","7830:7556324314478227","7830:7623124334409266","7830:3899949996704197","7830:6942862125819213","7830:7120965447941062","7830:4916827265023814","7830:6691735160918875","7830:6182584898443403","7830:6429866073729613","7830:6191644367630126","7830:5787673641333137","7830:6409746815770336","7830:6802725269762336","7830:6175662225865669","7830:9922801737761872","7830:4303553109659364","7830:5738726456215949","10853:25901636936149398","10853:9617636958278445","10853:9674011899307252","10853:4509925649126133","10853:8215023748521255","10853:9038340509597376","10853:8567030433315286","10853:7556324314478227","10853:7623124334409266","10853:3899949996704197","10853:6942862125819213","10853:7120965447941062","10853:4916827265023814","10853:6691735160918875","10853:6182584898443403","10853:6429866073729613","10853:6191644367630126","10853:5787673641333137","10853:6409746815770336","10853:6802725269762336","10853:6175662225865669","10853:9922801737761872","10853:4303553109659364","10853:5738726456215949","41:25901636936149398","41:9617636958278445","41:9674011899307252","41:4509925649126133","41:8215023748521255","41:9038340509597376","41:8567030433315286","41:7556324314478227","41:7623124334409266","41:3899949996704197","41:6942862125819213","41:7120965447941062","41:4916827265023814","41:6691735160918875","41:6182584898443403","41:6429866073729613","41:6191644367630126","41:5787673641333137","41:6409746815770336","41:6802725269762336","41:6175662225865669","41:9922801737761872","41:4303553109659364","41:5738726456215949","8046:25901636936149398","8046:9617636958278445","8046:9674011899307252","8046:4509925649126133","8046:8215023748521255","8046:9038340509597376","8046:8567030433315286","8046:7556324314478227","8046:7623124334409266","8046:3899949996704197","8046:6942862125819213","8046:7120965447941062","8046:4916827265023814","8046:6691735160918875","8046:6182584898443403","8046:6429866073729613","8046:6191644367630126","8046:5787673641333137","8046:6409746815770336","8046:6802725269762336","8046:6175662225865669","8046:9922801737761872","8046:4303553109659364","8046:5738726456215949"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 25 Aug 2024 11:47:07 GMT
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407042303637214871", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1380, tbw=7545, tp=-1, tpl=-1, uplat=21, ullat=0
pragma: no-cache
x-fb-debug: vDgE7EoeUhlyoxGkVg7RGk41P7sJtKJx4b+wdcG278eEdCtPvpnjlVAGOFwPo9pfLIkhrBxA9bgs2qeFH3u6+A==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407042303637214871"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cfix.html
cdn.brand-display.com/tr/tag/ Frame 4C98 0
0 191ms
65ms Document
text/html 18.173.219.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/tag/cfix.html?key=f9db2a063535de85af8f40b24da323d2205cf281
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx101882/e01fbcef397180f9c94045148f4092039aefb0cc.js?s=e01fbcef397180f9c94045148f4092039aefb0cc&&ord=%%ORDER_ID%%&_t=1714219587368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-34.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 916
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
content-encoding: gzip
content-type: text/html
date: Sun, 25 Aug 2024 11:31:52 GMT
etag: W/"073b35c69744014f5d2406710e188e97"
last-modified: Mon, 18 Mar 2019 15:45:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 df10d763492b2272b777b93e70e1f4a4.cloudfront.net (CloudFront)
x-amz-cf-id: 8m5wkJlQnirOAtOUp3bc5LOqFusLbS8nMbPpkhRkJlnvIRQIRH0ouA==
x-amz-cf-pop: JFK52-P1
x-amz-version-id: wdA6oWpnBvGweZ2olIlUbqk0DcpmZdej
x-cache: Hit from cloudfront

GET
H2 200 conversion
tr.brand-display.com/tracking/api/ 0
476 B 291ms
92ms Image
image/gif 44.240.118.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/conversion?_t=1724586427953&advertiserId=knx101882&id=f9db2a063535de85af8f40b24da323d2205cf281&value=0&order_id=&currency=USD&_t=1724586426826&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL_e01fbcef397180f9c94045148f4092039aefb0cc&referer=&aurl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&areferer=&required=1&extra=%7B%22id%22%3A%22all%22%7D&d=1&r=0&bf=1d9b9edf8407834a17ab7c63c52c3173&itp=1
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.118.251 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-118-251.us-west-2.compute.amazonaws.com
Software: nginx/1.27.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy!'
date: Sun, 25 Aug 2024 11:47:08 GMT
cache-control: max-age=3600
user-region: US
server: nginx/1.27.0
content-length: 0
content-type: image/gif

GET
H2 200 cfix.html
cdn.brand-display.com/tr/tag/ Frame 7993 0
0 72ms
65ms Document
text/html 18.173.219.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/tag/cfix.html?key=f9db2a063535de85af8f40b24da323d2205cf281
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx101882/e01fbcef397180f9c94045148f4092039aefb0cc.js?s=e01fbcef397180f9c94045148f4092039aefb0cc&&ord=%%ORDER_ID%%&_t=1724586426826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-34.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 916
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
content-encoding: gzip
content-type: text/html
date: Sun, 25 Aug 2024 11:31:52 GMT
etag: W/"073b35c69744014f5d2406710e188e97"
last-modified: Mon, 18 Mar 2019 15:45:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 df10d763492b2272b777b93e70e1f4a4.cloudfront.net (CloudFront)
x-amz-cf-id: xE2cHIL3xcJCj8Hx1duID-66MpUZtdLPVsutk5xogp4RLV3qhf5f0A==
x-amz-cf-pop: JFK52-P1
x-amz-version-id: wdA6oWpnBvGweZ2olIlUbqk0DcpmZdej
x-cache: Hit from cloudfront

GET
H2 200 conversion
tr.brand-display.com/tracking/api/ 0
476 B 100ms
90ms Image
image/gif 44.240.118.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/conversion?_t=1724586428143&advertiserId=knx101882&id=f9db2a063535de85af8f40b24da323d2205cf281&value=0&order_id=&currency=USD&_t=1724586426826&url=https%3A%2F%2Fv2.ereg.ets.org%2Fereg%2Fpublic%2Fjump%3F_p%3DTEL_e01fbcef397180f9c94045148f4092039aefb0cc&referer=&aurl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&areferer=&required=1&extra=%7B%22id%22%3A%22all%22%7D&d=1&r=0&bf=1d9b9edf8407834a17ab7c63c52c3173&itp=1
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.118.251 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-118-251.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy!'
date: Sun, 25 Aug 2024 11:47:08 GMT
cache-control: max-age=3600
user-region: US
server: nginx/1.27.1
content-length: 0
content-type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 68ms
67ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851045928968929&ev=ViewContent&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586428165&cd[content_type]=product&cd[content_ids]=%5Bv1%5D&cd[content_name]=%5Bv3%5D&cd[value]=%5Bv6%5D&cd[currency]=%5Bv7%5D&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&tm=1&rqm=GET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4354, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 11:47:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
200 B 93ms
92ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=851045928968929&ev=ViewContent&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586428165&cd[content_type]=product&cd[content_ids]=%5Bv1%5D&cd[content_name]=%5Bv3%5D&cd[value]=%5Bv6%5D&cd[currency]=%5Bv7%5D&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&tm=1&rqm=FGET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbe6a429defb4b27b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:3510962719026232","14:3844434358933335","14:7534802659939193","14:3850399185025798","7834:3510962719026232","7834:3844434358933335","7834:7534802659939193","7834:3850399185025798","564:3510962719026232","564:3844434358933335","564:7534802659939193","564:3850399185025798","10196:3510962719026232","10196:3844434358933335","10196:7534802659939193","10196:3850399185025798","10853:3510962719026232","10853:3844434358933335","10853:7534802659939193","10853:3850399185025798","31:3510962719026232","31:3844434358933335","31:7534802659939193","31:3850399185025798","8053:3510962719026232","8053:3844434358933335","8053:7534802659939193","8053:3850399185025798","617:3510962719026232","617:3844434358933335","617:7534802659939193","617:3850399185025798"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 25 Aug 2024 11:47:08 GMT
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407042307643758027", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4978, tp=16, tpl=0, uplat=24, ullat=0
pragma: no-cache
x-fb-debug: oT6u8RMnDdvhPRYajudAADRQldc0nkDiYOa7zD40YVAyL5ebdE0XxO0wZ+DR6R/LtHH1VOfJzHV6yVYCdJSwaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407042307643758027"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif
https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Fpid%3D50120%26conversionId%3D13752673%26fmt%3Dgif%26cookiesTest%3Dtrue%26liSync%3Dtrue
https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif&cookiesTest=true&liSync=true

43 B
470 B

103ms
102ms

Image
image/gif

150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif&cookiesTest=true&liSync=true
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:09 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A01793C06EDC419AB045F8D858E7034E Ref B: DFW30EDGE1820 Ref C: 2024-08-25T11:47:09Z
linkedin-action: 1
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
content-type: image/gif
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 65
x-li-uuid: AAYggJGGN2zv4r5e8URT8g==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 11:47:08 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYggJGEkPjmOOJlDdhbHw==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D9930FE9152D42108B3FDFBADEAF47F3 Ref B: DFW311000108009 Ref C: 2024-08-25T11:47:09Z
x-frame-options: sameorigin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect/?pid=50120&conversionId=13752673&fmt=gif&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 69ms
68ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851045928968929&ev=ViewContent&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586428168&cd[content_type]=product&cd[content_ids]=%5Bv1%5D&cd[content_name]=%5Bv3%5D&cd[value]=%5Bv6%5D&cd[currency]=%5Bv7%5D&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&tm=1&rqm=GET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4818, tp=14, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 11:47:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 95ms
94ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=851045928968929&ev=ViewContent&dl=https%3A%2F%2Fsignin.tofeliq-jour.online%2F&rl=&if=false&ts=1724586428168&cd[content_type]=product&cd[content_ids]=%5Bv1%5D&cd[content_name]=%5Bv3%5D&cd[value]=%5Bv6%5D&cd[currency]=%5Bv7%5D&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1724586427243.29086994111767514&ler=empty&cdl=API_unavailable&it=1724586426938&coo=false&tm=1&rqm=FGET

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbe6a429defb4b27b","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:3510962719026232","14:3844434358933335","14:7534802659939193","14:3850399185025798","7834:3510962719026232","7834:3844434358933335","7834:7534802659939193","7834:3850399185025798","564:3510962719026232","564:3844434358933335","564:7534802659939193","564:3850399185025798","10196:3510962719026232","10196:3844434358933335","10196:7534802659939193","10196:3850399185025798","10853:3510962719026232","10853:3844434358933335","10853:7534802659939193","10853:3850399185025798","31:3510962719026232","31:3844434358933335","31:7534802659939193","31:3850399185025798","8053:3510962719026232","8053:3844434358933335","8053:7534802659939193","8053:3850399185025798","617:3510962719026232","617:3844434358933335","617:7534802659939193","617:3850399185025798"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 25 Aug 2024 11:47:08 GMT
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407042308124364325", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=9266, tp=20, tpl=0, uplat=25, ullat=0
pragma: no-cache
x-fb-debug: nhx2JNsJzfNV6s0vPHHdr1Q/EnJR6UahdZGPSCPRcrKs/ppIhj7T/2UQdAf8msApGiH3vq3VzDPF50OX5DI0LA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407042308124364325"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
dmp.brand-display.com/adx/cm/
Redirect Chain

https://tr.brand-display.com/tracking/api/r?r0=1&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dknorex%26google_hm%3D%25%25KNXQ_B64_ENC%25%25%26google_cm&bf=1d9b9edf8407834a17ab7c63...
https://cm.g.doubleclick.net/pixel?google_nid=knorex&google_hm=ZDIyMzRlODJlNjRjZjc3NWVkYjFhZmRl&google_cm&kcid=5213341645326750937705929370055602536
https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESELNhvHq5-0vl-4g0ogQSOc4&kcid=5213341645326750937705929370055602536&google_cver=1

0
16 B

146ms
146ms

Image
image/gif

34.160.19.107
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESELNhvHq5-0vl-4g0ogQSOc4&kcid=5213341645326750937705929370055602536&google_cver=1
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H3
Server: 34.160.19.107 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 107.19.160.34.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:13 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESELNhvHq5-0vl-4g0ogQSOc4&kcid=5213341645326750937705929370055602536&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
dmp.brand-display.com/cm2/api/
Redirect Chain

https://tags.bluekai.com/site/46117?id=1d9b9edf8407834a17ab7c63c52c3173&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D1d9b9edf840...
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=1d9b9edf8407834a17ab7c63c52c3173

0
153 B

631ms
72ms

Image
image/gif

34.160.19.107
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=1d9b9edf8407834a17ab7c63c52c3173
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 34.160.19.107 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 107.19.160.34.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=1d9b9edf8407834a17ab7c63c52c3173
date: Sun, 25 Aug 2024 11:47:09 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=539237773&val=1d9b9edf8407834a17ab7c63c52c3173
https://us-u.openx.net/w/1.0/sd?cc=1&id=539237773&val=1d9b9edf8407834a17ab7c63c52c3173

43 B
171 B

56ms
53ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=539237773&val=1d9b9edf8407834a17ab7c63c52c3173
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=539237773&val=1d9b9edf8407834a17ab7c63c52c3173
date: Sun, 25 Aug 2024 11:47:08 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=316&user_id=1d9b9edf8407834a17ab7c63c52c3173&expires=30
https://ce.lijit.com/merge?pid=26&3pid=cf87b002-abc4-46a3-9648-6d355c9e2199&gdpr=&gdpr_consent=&us_privacy=
https://ce.lijit.com/merge?pid=26&3pid=cf87b002-abc4-46a3-9648-6d355c9e2199&gdpr=&gdpr_consent=&us_privacy=&dnr=1

43 B
513 B

66ms
65ms

Image
image/gif

54.92.162.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=cf87b002-abc4-46a3-9648-6d355c9e2199&gdpr=&gdpr_consent=&us_privacy=&dnr=1
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 54.92.162.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-162-110.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:09 GMT
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:09 GMT
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ce.lijit.com/merge?pid=26&3pid=cf87b002-abc4-46a3-9648-6d355c9e2199&gdpr=&gdpr_consent=&us_privacy=&dnr=1
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

/
sync.taboola.com/sg/knorex-network/1/rtb-h/
Redirect Chain

https://dmp.brand-display.com/cm/api/taboola?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173
https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=d2234e82-e64c-f775-edb1afde

0
99 B

249ms
78ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=d2234e82-e64c-f775-edb1afde
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 40894

Redirect headers

date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=d2234e82-e64c-f775-edb1afde
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://dmp.brand-display.com/cm/api/appnexus?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173
https://ib.adnxs.com/setuid?entity=442&code=d2234e82-e64c-f775-edb1afde

43 B
1 KB

110ms
107ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=442&code=d2234e82-e64c-f775-edb1afde

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:09 GMT
an-x-request-uuid: 07a06573-372d-48c3-b530-c16ebcce6276
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 2.56.190.226; 2.56.190.226; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://ib.adnxs.com/setuid?entity=442&code=d2234e82-e64c-f775-edb1afde
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://dmp.brand-display.com/cm/api/liveramp?_t={CACHEBUSTER}&bf=1d9b9edf8407834a17ab7c63c52c3173
https://idsync.rlcdn.com/708804.gif?partner_uid=d2234e82-e64c-f775-edb1afde
https://pippio.com/api/sync?pid=5324&it=1&iv=a960feb53eaeafdce1ac769099d59955a0e14bb2fee663c06237df825ee54add791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a960feb53eaeafdce1ac769099d59955a0e14bb2fee663c06237df825ee54add791426b5417dce21&rand=00234214

0
159 B

106ms
106ms

Image
text/plain

150.171.22.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a960feb53eaeafdce1ac769099d59955a0e14bb2fee663c06237df825ee54add791426b5417dce21&rand=00234214
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:09 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F03F237CE2CD4893877D40C033FFC3B3 Ref B: DFW30EDGE1820 Ref C: 2024-08-25T11:47:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYggJGOSlR5IsxShvoo0w==

Redirect headers

date: Sun, 25 Aug 2024 11:47:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=a960feb53eaeafdce1ac769099d59955a0e14bb2fee663c06237df825ee54add791426b5417dce21&rand=00234214
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://dmp.brand-display.com/cm/api/tapad?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173
https://pixel.tapad.com/idsync/ex/receive?partner_id=3021&partner_device_id=d2234e82-e64c-f775-edb1afde
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3021&partner_device_id=d2234e82-e64c-f775-edb1afde
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%252C%252C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2588fe98-daaf-471b-bca1-8f0c99a740b1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%2C%2C

95 B
124 B

71ms
70ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2588fe98-daaf-471b-bca1-8f0c99a740b1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%2C%2C

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2588fe98-daaf-471b-bca1-8f0c99a740b1&ttd_puid=d21d92f3-f372-409f-b476-8fcb6deb46a4%2C%2C
date: Sun, 25 Aug 2024 11:47:10 GMT
server: Kestrel
content-length: 359

GET
H2 200 roqad
dmp.brand-display.com/cm/api/ 0
42 B 1181ms
69ms Image
image/gif 34.160.19.107
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/roqad?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.19.107 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 107.19.160.34.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 smaato
dmp.brand-display.com/cm/api/ 0
139 B 1177ms
66ms Image
image/gif 34.160.19.107
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/smaato?bf=1d9b9edf8407834a17ab7c63c52c3173
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.19.107 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 107.19.160.34.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_callback_url=%2F%2Fdsum-sec.casalemedia.com%2Frum&cm_dsp_id=191&bf=1d9b9edf8407834a17ab7c63c52c3173
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d2234e82-e64c-f775-edb1afde

43 B
768 B

156ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d2234e82-e64c-f775-edb1afde
Requested by: Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 11:47:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpdLmMhgGuRg7F32QJkCbNiy7Vvm2ahBbor5n30Nh%2Bl8Vi%2BahBIWGexk2vdC6NdSv7XCmx9VMKnC8ypamD8iCFgIR0QR3enndROtLTy6YH2STIOiWGFNb28pJso%2BecAm0bQAb96OjLwNlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8b8b5883a9f035a0-DFW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d2234e82-e64c-f775-edb1afde
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://dmp.brand-display.com/cm/api/pulsepoint?_t=1724586428674&bf=1d9b9edf8407834a17ab7c63c52c3173
https://bh.contextweb.com/bh/rtset?do=add&pid=562385&ev=d2234e82-e64c-f775-edb1afde

49 B
1 KB

242ms
78ms

Image
image/gif

198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=562385&ev=d2234e82-e64c-f775-edb1afde

Requested by

Host: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/

Protocol

Server

198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7d978d4789-j57bz
expires: -1

Redirect headers

date: Sun, 25 Aug 2024 11:47:09 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://bh.contextweb.com/bh/rtset?do=add&pid=562385&ev=d2234e82-e64c-f775-edb1afde
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 78ms
76ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://signin.tofeliq-jour.online
Date: Sun, 25 Aug 2024 11:47:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK pstats.html
a.rfihub.com/ Frame 07D5 0
0 68ms
67ms Document
text/html 199.38.167.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=45053&ca=20842913&ri=318e015431833d7bfd00f3e02bf8bad0&stats=undefined&ra=37457584809774636
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://signin.tofeliq-jour.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Sun, 25 Aug 2024 11:47:10 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 294 KB
64 KB 78ms
76ms Script
text/javascript 142.251.40.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&libraries=places&channel=ereg_toefl&key=AIzaSyA9YhcxckPxdLGjaiKpGOcbk-wsFptEdXY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.138 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f10.1e100.net

Software

sffe /

Resource Hash

22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 20:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65163
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Aug 2025 20:29:47 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 180 KB
55 KB 71ms
71ms Script
text/javascript 142.251.40.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&libraries=places&channel=ereg_toefl&key=AIzaSyA9YhcxckPxdLGjaiKpGOcbk-wsFptEdXY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.138 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f10.1e100.net

Software

sffe /

Resource Hash

fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 18:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 18:12:45 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
290 B 74ms
72ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: idaas-signin-sdk.ets.org
URL: https://idaas-signin-sdk.ets.org/widget/v1/custom-element-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://signin.tofeliq-jour.online
Date: Sun, 25 Aug 2024 11:47:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET

c.gif
c.bing.com/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A236A3B41BAB40D0B0818B147EBA1C7A&RedC=c.clarity.ms&MXFR=0E343A5E30DC6D8923092EB834DC63DB

0
0

GET
H3 404 favicon.ico
signin.tofeliq-jour.online/ereg/img/icon/ 2 KB
953 B 148ms
147ms Other
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:13 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET favicon-32x32.png
signin.tofeliq-jour.online/ereg/img/icon/ 0
0

GET
H3 404 favicon-16x16.png
signin.tofeliq-jour.online/ereg/img/icon/ 2 KB
930 B 149ms
148ms Other
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon-16x16.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:14 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H3 404 favicon-96x96.png
signin.tofeliq-jour.online/ereg/img/icon/ 2 KB
930 B 148ms
147ms Other
text/html 194.164.74.181
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon-96x96.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.164.74.181 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer: https://signin.tofeliq-jour.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 11:47:14 GMT
content-encoding: br
last-modified: Wed, 11 Jan 2023 12:29:40 GMT
server: LiteSpeed
etag: "999-63beabb4-e99bb01bf133deca;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET android-icon-192x192.png
signin.tofeliq-jour.online/ereg/img/icon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.bing.com
URL: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A236A3B41BAB40D0B0818B147EBA1C7A&RedC=c.clarity.ms&MXFR=0E343A5E30DC6D8923092EB834DC63DB

Domain: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon-32x32.png

Domain: signin.tofeliq-jour.online
URL: https://signin.tofeliq-jour.online/ereg/img/icon/android-icon-192x192.png

Verdicts & Comments Add Verdict or Comment

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 23:46:18	Name: _li_ss Value: CgsKCQj_____BxDmGA
www.clarity.ms/	1970-01-21 07:48:42	Name: CLID Value: 35f850ab64bb43148dba0dc8fef278dd.20240825.20250825
.tofeliq-jour.online/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D56_sn_2Q4SLNI84A76BGDOOUCO5GTCMCG4851L
.tofeliq-jour.online/	1969-12-31 23:59:59	Name: rxVisitor Value: 1724586425690H93D6ISJQR100OS8I39PB8V12IPPGRMS
.tofeliq-jour.online/	1969-12-31 23:59:59	Name: dtSa Value: -
.tofeliq-jour.online/	1970-01-21 07:48:42	Name: _clck Value: 17i10y0%7C2%7Cfom%7C0%7C1698
.adnxs.com/	1970-01-21 01:12:42	Name: XANDR_PANID Value: 3z9ROyw8rCwsV4gfO_8NtOyq64_DQ7ZEqEy9wRAxwOEwFqWqTGqDkeZzopP05vfEbwYHqszKTS2VkG990I1CcTNonI4MCaPT5RK7f7KgT1o.
.adnxs.com/	1970-01-21 08:39:06	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:12:42	Name: uuid2 Value: 4370219631768290234
.rezync.com/	1970-01-21 08:24:42	Name: zync-uuid Value: fe440bc8-ee24-4194-8e32-e63fd296b19a:1724586426.2002556
.tofeliq-jour.online/	1970-01-21 08:24:42	Name: _tt_enable_cookie Value: 1
.tofeliq-jour.online/	1970-01-21 08:24:42	Name: _ttp Value: qNDpzaS8mWTHyYLbF62C3C_L5ZG
.tofeliq-jour.online/	1970-01-20 23:03:10	Name: _bts Value: dc970626-a939-4ba3-d9bb-4b802cd20b65
.tofeliq-jour.online/	1970-01-20 23:04:32	Name: _clsk Value: 1dabaka%7C1724586426592%7C1%7C1%7Ct.clarity.ms%2Fcollect
.linkedin.com/	1970-01-21 07:48:42	Name: bcookie Value: "v=2&13cacd91-71f3-4f3e-8f9e-73eed1c18622"
.linkedin.com/	1970-01-20 23:04:32	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3325:u=1:x=1:i=1724586426:t=1724672826:v=2:sig=AQFJ0r5GtRKdTF1Tf1AHmUKo7DOZP_M0"
.tofeliq-jour.online/	1970-01-21 08:39:06	Name: _mkto_trk Value: id:709-ZCO-379&token:_mch-tofeliq-jour.online-1724586427030-68211
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzMDMytTAwNDUysjAyNrMwEeIz1I2P8jY083OtMHD3LwAAQioOASQAAAA
.rfihub.com/	1970-01-21 08:24:42	Name: rud Value: H4sIAAAAAAAA_-MSsjSzMDMytTAwNDUysjAyNrMwEeIz1I2P8jY083OtMHD3LwAAQioOASQAAAA
.tofeliq-jour.online/	1970-01-21 01:12:42	Name: _fbp Value: fb.1.1724586427243.29086994111767514
.tofeliq-jour.online/	1970-01-21 08:31:54	Name: kndctr_0FC81D17618CDEDF0A495CB4_AdobeOrg_identity Value: CiY0MDQyODU3NjQ4NTAyNjIyMTQ5MzIyMzkwNDE3OTYyOTIwNDA3MlISCPSF8sqYMhABGAEqA09SMjAA8AH0hfLKmDI=
.casalemedia.com/	1970-01-21 07:48:42	Name: CMID Value: ZssZu8AoIkUAAGutBYQWoQAA
.casalemedia.com/	1970-01-21 01:12:42	Name: CMPS Value: 2020
.casalemedia.com/	1970-01-21 01:12:42	Name: CMPRO Value: 2020
.tofeliq-jour.online/	1970-01-20 23:03:08	Name: kndctr_0FC81D17618CDEDF0A495CB4_AdobeOrg_cluster Value: or2
.pubmatic.com/	1970-01-21 01:12:42	Name: KRTBCOOKIE_18 Value: 22947-968625801522823684&KRTB&23628-968625801522823684
.pubmatic.com/	1970-01-20 23:46:18	Name: PugT Value: 1724586427
.tofeliq-jour.online/	1970-01-21 07:48:42	Name: _bti Value: %7B%22app_id%22%3A%22toefl%22%2C%22bsin%22%3A%22ctpsbLur2VWqU6KVZdo077Y4tlc3HIFrqp5yfaorV7K5VTP4iRWqqqKB23EqMCvxe%2BBp7AA4d%2BIzR78zWJ%2BGIA%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.media.net/	1970-01-21 07:47:16	Name: data-rk Value: 968625801522823684~~3
.doubleclick.net/	1970-01-21 08:39:06	Name: IDE Value: AHWqTUkeii3fIOV1v9zva6KiKXFVS8tVbcYOqmGLGnxcV4e9tGcH0wgQQ750PYPTPyU
.media.net/	1970-01-21 07:48:42	Name: visitor-id Value: 3675880277331446000V10
.dpm.demdex.net/	1970-01-21 03:22:18	Name: dpm Value: 27178289761541331162459467910739207925
.demdex.net/	1970-01-21 03:22:18	Name: demdex Value: 27178289761541331162459467910739207925
.bidswitch.net/	1970-01-21 07:48:42	Name: tuuid Value: cf87b002-abc4-46a3-9648-6d355c9e2199
.bidswitch.net/	1970-01-21 07:48:42	Name: c Value: 1724586427
.bidswitch.net/	1970-01-21 07:48:42	Name: tuuid_lu Value: 1724586427
.liadm.com/	1970-01-21 08:39:06	Name: lidid Value: 490add18-dad0-474d-83a3-dc3d0fee7359
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBMQ5AMBQG4MXkDK5QaX-vr61NqIhBgskkynMEdif3fXlh2iaucXpwje7VQ5r3bukjfDzS9mXuFiKdTq9EQIpMIOWlghKu7guBkwlHbRzIeiZwCa1hLf91oxw2WAAAAA
.rfihub.com/	1970-01-21 08:24:42	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129SszSvEyLzfwSAqMdwlyczWycE1MigziNTQ3MjG1MDMxMjc3NJzFiMQ3MDDbhMbfhcY_hcZ_hcb_hcafxITKX4TGX4XG34Quz4LKv4XMNzI12cSK5l5uNPuFzdNSTUwMkpItdFNTjUx0TQwtTXQtUo2NdFPNjNNSjCzNkgwtE63gmsz0jAwMjExNzWYJI5lkaW62CJVv_kgY1SYAL79PIXcBAAA
live.rezync.com/	1970-01-21 08:24:42	Name: sd-session-id Value: .eJwNykkOgzAMAMC_-EyqxHFcJ59BLEaKWtIKw6WIv5fjSHNC_9VtHZq2Hcq-HdrB9K63DMoJVn-rvqBAZmFM4kNCFIwsBFcHpmb10_o632VRIj9O4lSRHIVMTjSiU47LjJnHkIcSnkhJmJAf6D2mxHD9AZd_JXM.ZssZvA.-yBoOROQXoiJRSKZqQrIHTQI8Ho
.brand-display.com/	1970-01-20 23:03:08	Name: _knxcv_ Value: f9db2a063535de85af8f40b24da323d2205cf281_1724586428
.brand-display.com/	1970-01-20 23:03:08	Name: _knxp_ Value: 45381d01
.linkedin.com/	1970-01-21 01:12:42	Name: li_sugr Value: 1e0ebc32-2e85-4427-8df4-acbf81571148
.linkedin.com/	1970-01-20 23:46:18	Name: UserMatchHistory Value: AQJ10aRazYhqGgAAAZGJXIeqfwLFC_4zCd-BS9zGVukaftgen5YvgVnx-wdG39D31hlHAroKEo9E4Q
.linkedin.com/	1970-01-20 23:46:18	Name: AnalyticsSyncHistory Value: AQLbS7xyvsZIwgAAAZGJXIeqVPCHBM7pDldP7p6Spve6HDmxfF6olBgLTuY6qV0c8nHEnOwbjlyOHAgdFSkTog
signin.tofeliq-jour.online/	1970-01-20 23:46:18	Name: _knxcm_ Value: googleT1724586428.0004T1724586428.0005T1724586428.0006T1724586428.0008T1724586428.0010T1724586428.0011T1724586428.0013T1724586428.0015T1724586428.0016T1724586428.0011T1724586428.0017T1724586428
.eyeota.net/	1970-01-21 07:48:42	Name: mako_uid Value: 191895c88e1-a8e0000010a4b24
.openx.net/	1970-01-21 07:48:42	Name: i Value: 89876de2-adcc-42df-9e40-7d81924c57bb\|1724586428
.eyeota.net/	1970-01-20 23:03:07	Name: SERVERID Value: 19236~DM
.bluekai.com/	1970-01-21 03:28:04	Name: bku Value: Jqx99n6j0tRYeCAV
.bluekai.com/	1970-01-21 03:28:04	Name: bkpa Value: KJ0WpLam90Wx9BYFZ58Lk8Ao61wsS9iJX5ppOCQSJNA3RE7GldLJdLsfceggCS6hfkPkBUnn+0GwpTFph1ZTkathPv8R0eQbf5o6grR63rCRFIqLO29qR9u16FG8MduDa2sMfI7lUnTqRYyB9Vw3YCifd+x5vwR68g1mGn9LYywSgQ/D9ckfd2pr2TX9Sw1evwhnt3jh0a5FsqNNdez9I6zXd9==
.lijit.com/	1970-01-21 07:48:42	Name: ljt_reader Value: JOGDAQZHQLs-0JSGQQ6I9GJU
.lijit.com/	1970-01-21 07:48:42	Name: _ljtrtb_26 Value: cf87b002-abc4-46a3-9648-6d355c9e2199
.www.linkedin.com/	1970-01-21 07:48:42	Name: bscookie Value: "v=1&202408251147090188522f-da61-4547-857b-ce4882249785AQHjD9fpE_uBlOsBnqnUik-waQDeH6dg"
.adnxs.com/	1970-01-21 01:12:42	Name: anj Value: dTM7k!M4.FCxrEQF']wIg2In6kt:uU!tL<Ae'Q`=Z<dy^=mP`H6qX4bkLk#f<5t+G/`!Rly^ok5)uCz3jJaSD168<l]rgl!_6-zQEVk`!/JyDBUAf
.rlcdn.com/	1970-01-21 07:48:42	Name: rlas3 Value: eRm2rtcFkZ7cuzbk76BA1+0maD2vFyfBDKjBnBE9hB8=
.rlcdn.com/	1970-01-21 00:29:30	Name: pxrc Value: CL2zrLYGEgUI6EcQAA==
.tapad.com/	1970-01-21 00:29:30	Name: TapAd_TS Value: 1724586429977
.tapad.com/	1970-01-21 00:29:30	Name: TapAd_DID Value: d21d92f3-f372-409f-b476-8fcb6deb46a4
.pippio.com/	1970-01-21 07:48:42	Name: did Value: pL6nLcWeFu4C-snw
.pippio.com/	1970-01-21 07:48:42	Name: didts Value: 1724586430
.pippio.com/	1970-01-21 00:29:30	Name: nnls Value:
.pippio.com/	1970-01-21 00:29:30	Name: pxrc Value: CL6zrLYGEgYIgr0rEAA=
.contextweb.com/	1970-01-21 07:41:30	Name: V Value: W0DusnpPOPsR
.contextweb.com/	1970-01-21 07:41:30	Name: VP Value: part_W0DusnpPOPsR
.contextweb.com/	1970-01-21 07:48:42	Name: pb_rtb_ev Value: 3-1t9i\|8eq.0.d2234e82-e64c-f775-edb1afde
.contextweb.com/	1970-01-21 07:48:42	Name: pb_rtb_ev_part Value: 3-1t9i\|8eq.0.d2234e82-e64c-f775-edb1afde
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 99900d040bf33a48
.adsrvr.org/	1970-01-21 07:48:42	Name: TDID Value: 2588fe98-daaf-471b-bca1-8f0c99a740b1
.adsrvr.org/	1970-01-21 07:48:42	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiM9Mr8tcGiPRAFGAUgASgCMgsIrrX8qMzBoj0QBTgB
.tapad.com/	1970-01-21 00:29:30	Name: TapAd_3WAY_SYNCS Value: 1!5723
.brand-display.com/	1970-01-21 08:39:06	Name: _knxq_ Value: d2234e82-e64c-f775-edb1afde.1724586428.2.1724586433.1724586428
.tofeliq-jour.online/	1969-12-31 23:59:59	Name: rxvt Value: 1724588233901\|1724586425692
.tofeliq-jour.online/	1969-12-31 23:59:59	Name: dtPC Value: -56$186425683_529h-vVCUBTPGHANKFEKAPOMAHJOBEKQNRFJPF-0e0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: T
.clarity.ms/	1970-01-21 08:24:42	Name: MUID Value: 0E343A5E30DC6D8923092EB834DC63DB

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/jquery/jquery-3.3.1.min-a09e13ee94d51c524b7e2a728c7d4039.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/jquery/jquery.validate.min-93c1dd8416ac2af1850652d5b620a142.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/bootstrap/bootstrap.min-5869c96cc8f19086aee625d670d741f9.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/framework/js/lib/store.min-c869dd492813da656089d7a02d2c29a0.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/information-orange.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-circle-up.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-circle-down.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/svg/illustrations/login.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/assets/images/ets-logo-sm.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-down.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/css/fonts/font-awesome//fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/css/fonts/font-awesome//fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/css/fonts/font-awesome//fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://signin.tofeliq-jour.online/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/svg/icons/caret-down.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/icon/favicon-96x96.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signin.tofeliq-jour.online/ereg/img/icon/android-icon-192x192.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20842913p.rfihub.com
709-zco-379.mktoresp.com
a.rfihub.com
acdn.adnxs.com
analytics.tiktok.com
assets.adobedtm.com
bat.bing.com
bc.ad.daum.net
bh.contextweb.com
c.bing.com
c1.rfihub.net
cdn.boomtrain.com
cdn.brand-display.com
cdn.segment.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
dmp.brand-display.com
dsum-sec.casalemedia.com
events.api.boomtrain.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idaas-signin-sdk.ets.org
idsync.rlcdn.com
live.rezync.com
maps.googleapis.com
match.adsrvr.org
munchkin.marketo.net
people.api.boomtrain.com
pippio.com
pixel.tapad.com
px.ads.linkedin.com
secure.adnxs.com
signin.tofeliq-jour.online
smetrics.ets.org
snap.licdn.com
sync.taboola.com
t.clarity.ms
t1.daumcdn.net
tags.bluekai.com
td.doubleclick.net
tr.brand-display.com
us-u.openx.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
c.bing.com
signin.tofeliq-jour.online
104.18.36.155
107.178.254.65
108.138.106.60
108.138.128.75
13.107.246.40
13.107.42.14
13.226.38.199
141.226.224.48
142.250.176.206
142.250.72.104
142.250.80.34
142.250.81.226
142.251.40.138
15.197.193.217
150.171.22.12
150.171.29.10
151.101.65.108
157.240.241.1
157.240.241.35
18.173.132.108
18.173.219.102
18.173.219.34
192.28.144.124
194.164.74.181
198.148.27.131
199.38.167.130
20.114.189.70
211.249.221.187
23.197.253.128
23.200.3.19
23.201.174.204
23.204.6.193
23.44.111.19
23.44.201.247
23.51.57.57
34.111.113.62
34.160.19.107
35.171.12.219
35.211.178.172
35.244.154.8
35.244.159.8
44.240.118.251
52.201.14.138
52.6.57.171
54.197.140.34
54.92.162.110
63.140.37.206
68.67.181.211
03321f63f48345121dcb4e77acfa15a95e3e60abc33018db6a3dbafd47003ef1
06ce677157edeedce05ddac4cdb623c8674fce603ddc9a6e6cc34b496b6e1898
07fa55d6be450cf11df50dbabd1160f3661bbe0e8e4e7e73b67d4e74a0d3add3
0b5fd920552054bc1c533c2618928757fecedd2fb2a8b6db9dd54963190adec7
0dcdc9c535c6384117dc5b8124a1b6bf3eabcdd1bc519e251c10863bc64daf5a
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
167388a9bc2d9e6533ae2665a52f50b9446da3bf6dbc4c079aed485f319b35e2
17e9647ba0500f0df9056f07b8c3ce10470d9fb57522b8434b8bfaeaa2eef5b8
18d2c00cf33ae823f8505681ba26e6629c5c68623bd15378bf35530c0c049de8
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d
1aa445405524747b8444552f50d91ee385d2721114f544cf2dea45b59ed3b239
1b0ce0dd90e808eb95866b3179d722f148d2a4e865faa7d2c6e5f84cffe78ff4
1bce8be7db8e2ffb5f62d08f0b8cc8e056659fee06685b3a7fa677d7cea96ecc
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
253d4883e798e5c798b2780bff88f031fa2dbda201fbf00b40959a6d7637aa6c
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4
2a282da4afc3033b4b497a18840a93a1eaef11639f7a7648b78c9e24008334e8
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
372fbf94fbbd119e51fd01ab8b8e327b1800dd5472367704f162bc0f3c9a61b7
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46187eb85409f20571c72a97a01fcc3de8d999466e2a85b56cf7c4032b58d16e
4b027670334f092a6046950b2d029a4402fa119344923513de8656b813f67baa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
54fd199553d287d6251b8c37f1fc31c41df8750ce92038127ac287537ad1f8c3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a1d2beb838b478f10f463a7b9e6cdb3547c7aaa745acee67c8238fcaadba1a1
5b23409d9bd042792d060a61a128ace0c26d3f00498d540f361f743847c185d8
5f5c4d24a9794ee295fc944cd0d4f9110690ae29ce2a56446521d1e2c7267a9d
5fe9fe26cf57bb689e83eb4c5db439056cadfbe58613a366aeaa6135e3402573
656a52042984252a9e00e85bd93372763e997d81eb578f6274e332aae1a63a65
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6946da14dfa0459d6d23d7ffc71766404725eafd265b02316faeb6d7b7444779
75b50911650cfe34e0456becc9126be07f0e075accd663a74e5b46afba470bd3
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80141ca7ea9bffcfd1620fb0fe2fddba6f8c75a897a9e69fbfd53d1aca3f2f5b
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
86d73e4c052e886cd6998c9422257f8c5d7e3e1b7b8f949cd6489cb15e37ae15
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
988cfc16fb729b5606cb7b6c7a946ff5d0c2aac93ecabad1455a15e0a13f9449
a1f80ad7ddeaf7cae12ca92666f090bfa4754e1249557ec413814791e13b7fef
a27900f2a64161d5b934a683cb3122ee8a1c145edd26a28a80acd5ab2e20191d
a5b748e3b742899ee89e4e8e4d78f195b985293fdf8a64dde2a3160e9f8aad72
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
a8d5271df489784ecd6028685f0e3102a8b729bd9218f7290e94061a5c54f61e
a9fe7247c10ea0b68c018c8458ffb523f2369ec181b6d0d0b7e8196d6900f1b0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
abff8222644f1450fd6c60970a5fb6dfeb5f645567534d8f635f892b0be1e46c
ac320fbc6134354ac02ac8d87ba7cee7b724672c02bb64ca231b7181e83fa1d8
acc5d865eccfcfdb1f6b31cb2b519ea0b4cfd0f27b3767ec3068e3875982a90e
acdfa728080697176bd5d0b57ad43ab599b5fb5ea565b9c76fcaeeb709c8c647
ae962bc1fc3fe5b06c8784e00055047fe00593725f8d3e517b50af0c5c63ba30
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1884859fda13a19a3333fb2875d0cfafa05aa4957d3e330dcff175614a6efee
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
b8a9dd1279ec2f01ea2221d849538b052c9463467b2422f3a39bdebbb35a22aa
b95419c494572cd075c7ceeb77b62323ed96db47234f05993d8213e86f74a8f4
c003958ef35839ed78e2df83c558ec9fe60fc63518ddfe2723992928077cf715
c08c580d853578ddc4e07510e44f439f4a238f068cba317a32fb7f220ac11846
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccec9e02b25680da11f5c2dae0bcad75e83038ca0eb9ecd34f6ac809f71f5b8c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d20fef5c39a29496573f320ec20c08d6f3fe386635f87de035e89d24fdd40556
d47eddc81f18e4cd29c14867b1ea549c97c1278a2ad9135e5a4a31e17aa16ae0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e269f92c2ce01cf51e6dbfe707da5626e923f7a3cb0c008204ffef429ef2e6c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e6a65dcc4d0e208cde76caf63ee77162e812acd25ce9bc07893762d1cc4d02f4
e83a6f533eacd2089bd3e2d68e5a847b4cd65c7a2fe6fb5dd7c8d569fa0e07b3
eea13fcd5aa8855c0f3a551d344ebb1ce427e0ae92f1c61f04f161bce08d8fdb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a314d9cfbda4973bf86837324770f0cf1b39c0d65a5767ae6615f9946a11ee
f714ea8224822fa894dbfdc7ae5af50c20cee7b752c33b04a8cfb89e45c972d2
f7fe7f9c281f95a487cffe719d46fbe378a0276646e65e2d369a8f149d70dbb9
f8c7a3a77df07fa08bc893a7cce418c878801e9b6b37f866cc7f69c1823bf44a
fa383f0cfb6972f69a0c59134294ead2d24c3891bf66f5bbbe4860235e542c0f
fa78e4e9d88b73c703befb00481a6ca3b7d2cbf3473670b087cff993928fbb88
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
fc33a06f54a4bf19cbe2bde23159467016bd3f947ec6f3e7d656fe0937fc4643
ff2e395df532dae6700662141e954054cd5d7c07cfd79cad11573b66e5e6389b

signin.tofeliq-jour.online Open in urlscan Pro 194.164.74.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

172 Requests

90 %HTTPS

0 %IPv6

37 Domains

50 Subdomains

41 IPs

4 Countries

2582 kBTransfer

9490 kBSize

76 Cookies

14 Outgoing links

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

signin.tofeliq-jour.online Open in urlscan Pro
194.164.74.181 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

90 %
HTTPS

0 %
IPv6

37
Domains

50
Subdomains

41
IPs

4
Countries

2582 kB
Transfer

9490 kB
Size

76
Cookies

172 HTTP transactions
0 data transactions