2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io Open in urlscan Pro
2a0b:21c0:b002:2:5000:edff:fe0d:98de Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html
Submission: On December 03 via api (December 3rd 2024, 1:13:29 am UTC) from US — Scanned from FR

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 18 domains to perform 76 HTTP transactions. The main IP is 2a0b:21c0:b002:2:5000:edff:fe0d:98de, located in Amsterdam, Netherlands and belongs to ZEN-ECN, US. The main domain is 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io.
TLS certificate: Issued by E6 on October 16th 2024. Valid for: 3 months.

This is the only time 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2a0b:21c0:b00... 2a0b:21c0:b002:2:5000:edff:fe0d:98de	21859 (ZEN-ECN) (ZEN-ECN)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
6	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
5	2.18.64.15 2.18.64.15	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2600:9000:223... 2600:9000:223c:ee00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
3 6	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
3	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
76	25

29 2a0b:21c0:b002:2:5000:edff:fe0d:98de (Amsterdam, Netherlands)

ASN21859 (ZEN-ECN, US)

2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ee00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

pixel-ssn.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

10304459.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6785438.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	icp0.io 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io	6 KB
10	doubleclick.net 3 redirects 10304459.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 145 6785438.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	2 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	820 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	91 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	138 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059 pixel-ssn.quantserve.com — Cisco Umbrella Rank: 51440	11 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	215 B
2	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	464 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	74 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
1	google.fr www.google.fr — Cisco Umbrella Rank: 24137	63 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	1 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 991	722 B
1	t.co t.co — Cisco Umbrella Rank: 904	630 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1016	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	811 B
0	freshmarketer.com Failed cdn.freshmarketer.com Failed
76	18

	Domain	Requested by
29	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
9	www.googletagmanager.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io www.googletagmanager.com www.google-analytics.com
5	analytics.tiktok.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io analytics.tiktok.com
5	www.google-analytics.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io www.google-analytics.com
4	10304459.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	ad.doubleclick.net	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
2	6785438.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.facebook.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
2	bat.bing.net	bat.bing.com 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
2	connect.facebook.net	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io connect.facebook.net
2	bat.bing.com	www.googletagmanager.com bat.bing.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.fr	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pixel-ssn.quantserve.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1	pixel.quantserve.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	analytics.twitter.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1	t.co	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1	secure.quantserve.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
1	static.ads-twitter.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	fonts.googleapis.com	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
0	cdn.freshmarketer.com Failed	2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
76	25

This site contains no links.

Subject Issuer	Validity	Valid
boundary.dfinity.network E6	`2024-10-16` - `2025-01-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-11` - `2024-12-10`	3 months	crt.sh
t.co E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-19` - `2025-08-18`	a year	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.fr WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html
Frame ID: E87E2F8819B91416C339719F0649A2A7
Requests: 72 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Frame ID: E183173BEE418BFA4716A3DCB4C87FFF
Requests: 1 HTTP requests in this frame

Frame: https://10304459.fls.doubleclick.net/activityi;dc_pre=CPm84fm1iooDFXOW_QcdMqc2yQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html
Frame ID: ADDC2E4D8FDD59106B330EECC077CB51
Requests: 1 HTTP requests in this frame

Frame: https://6785438.fls.doubleclick.net/activityi;dc_pre=CPGr5Pm1iooDFe6c_QcdDk8bZg;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html
Frame ID: D7D6718A3CCEAE05F3843EF7F363A8B9
Requests: 1 HTTP requests in this frame

Frame: https://10304459.fls.doubleclick.net/activityi;dc_pre=CO679_m1iooDFfmP_QcdKZUiuQ;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html
Frame ID: C44BB0BD57FC52B40247B5CE88218C72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MWEB Homepage

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

76
Requests

96 %
HTTPS

46 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

1174 kB
Transfer

3741 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://pixel.quantserve.com/pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188404977;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=7935bb5a-9497-4b22-acf3-dc7b1e384020;d=icp0.io;uht=2;fpan=1;fpa=P0-2072716474-1733188404980;pbc=;gdpr=0;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188404977;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=7935bb5a-9497-4b22-acf3-dc7b1e384020;d=icp0.io;uht=2;fpan=1;fpa=P0-2072716474-1733188404980;pbc=;gdpr=0;mdl=;dip=5f239712-302a-4f6b-8187-80989d2c5b72

Request Chain 56

https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html HTTP 302
https://10304459.fls.doubleclick.net/activityi;dc_pre=CPm84fm1iooDFXOW_QcdMqc2yQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html

Request Chain 60

https://6785438.fls.doubleclick.net/activityi;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html HTTP 302
https://6785438.fls.doubleclick.net/activityi;dc_pre=CPGr5Pm1iooDFe6c_QcdDk8bZg;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html

Request Chain 72

https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html HTTP 302
https://10304459.fls.doubleclick.net/activityi;dc_pre=CO679_m1iooDFfmP_QcdKZUiuQ;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ui-icons_555555_256x240.png.html Show response
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ 9 KB
5 KB 332ms
281ms Document
text/html 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

a37f2f8b4b906ca126b42f2d5c3a9c7091bc6868cbd9da8a2f2c829a6e0cc467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
content-encoding: gzip
content-length: 2813
content-type: text/html
date: Tue, 03 Dec 2024 01:13:23 GMT
ic-certificate: certificate=:2dn3o2R0cmVlgwGDAYMBggRYIKZa+jjiJCKIY6ieu3PP5Vz5wLXmyPh1bDmIzXg5dl6LgwJIY2FuaXN0ZXKDAYIEWCCgfK3xmTfXbEgBeu+hLPpfXLqyWjOjDvFr8XgrkiF3XoMBgwGDAYIEWCCcuCEd6IDdYMc0PLL65ccmumJIbApuugzHSWHPfKNJjoMBggRYIOBk1RIP9dEthvK/XgZQI8pME7Ex0srw8YrYVKo8bruqgwGDAYIEWCDbM7LGf79MPvQRGQ8iEvGId04BkajGuIkbt0YVk9b0yIMBgwGDAYIEWCDCCPEfQN78MwahIXIYxHXTJzIymRyndWMLsTl6V8IAEIMBggRYICz0vP0/UL0eFaeeapBO3bKaWxTU97rG8Mkbo+LeN22JgwGCBFggqLzklFtQCJrvthgBMngZZ4VloL+1pnOjC2gcv0qWsOKDAYMCSgAAAAAAcCxiAQGDAYMBgwJOY2VydGlmaWVkX2RhdGGCA1ggmIEC2I/ZNbz5pwcLi1kTAOPgIHPZvBypRm+OIOQLvrmCBFgg+k3LTMt6nrDVkoFLyoQGbHVQYSJQwGFCByw2mT6lQvaCBFgghRIZEuCkjWKLmBvxtxGAx07lW7hQvAmgDwtWjYnPX4qCBFggwLq47GxHYj0idNguloe/MQncyBVMf1XTvOTamme78EuCBFggMTVdXx/gRt77jMF7hYBF0JXGMpgm70SBluqgBfjJWDiCBFggJe7CLk11qDQkYoYYVd2hCwuz0B1QBHVCJTzwIcnD+aGCBFggTFRjFO4llwDPNTngquRJiOd9Gb6Od9NsN8PlHT5HU9+CBFggnu02UA8ildxzpDVopzdP4sqQLzWwpBSz8T36zbnWuNuCBFgg1muQLcC6KmWkMLNnAQlfw8wjSM0WwuQMHUH8PrGv5+mCBFggq1tsg6Lyf7V4arofDnM1+Z5OAtahL+nX6i5bJv6AABaDAYIEWCAOoqhNHhx9C+4QHJ7JdeIWdoR16ndLGqz0zBwoMuH7WoMCRHRpbWWCA0n7uZrptbXhhhhpc2lnbmF0dXJlWDC2A1JrGIWhlmhPHdp/VvZGpsH4XH0nK7I5AnZwaM12+sfSnMuO/YM4FwPc6hDTdRBqZGVsZWdhdGlvbqJpc3VibmV0X2lkWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AmtjZXJ0aWZpY2F0ZVkCfdnZ96JkdHJlZYMBggRYIBrbhA7mYy7wMO66lX126DSsuF+Ngjm01UGAz2sUViFngwGDAYIEWCB1nwSr5NEEZzGzQRYB/oIBGHXwG82RImx20Mb4lDWxg4MCRnN1Ym5ldIMBgwGDAYIEWCA6DNT3kKu1QgxjepJySMeoMhLjqlOvjjW4B0ihByZGD4MBggRYIEZqcChs+azpgBylPiKvbuBZoJT9YEmGBtSEtoVAWDB9gwGCBFggPKLFVJCdOfm7gxBgwjXXo6/tTocHi9j5w2KgLNZb9HyDAYMCWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AoMBgwJPY2FuaXN0ZXJfcmFuZ2VzggNYG9nZ94GCSgAAAAAAcAAAAQFKAAAAAAB///8BAYMCSnB1YmxpY19rZXmCA1iFMIGCMB0GDSsGAQQBgtx8BQMBAgEGDCsGAQQBgtx8BQMCAQNhAJVfUvc8LexZpjeylOULk0211t4p5zu8+E59hqSsQbrXtTn5gXreiRaWHZ3Wv5JXAQ1YVxVuj+aq/Pb9BoeV5wvTOZs0ETAMnMyOug0GjBDkz7b04n0ZWx6teF1hjrOTuYIEWCBMuWZ8ICOS8cNBrUdjkIDhpwYyp2HSspVRssQmTfercYIEWCBpYe8TfCruCwRnCC7208EsA+kwE7YCpMtiFCcOSEhj8YIEWCAAp8nYgLDLSZmLK6EPoYiBh2aldjVUP8E0OPG5c5IR04MCRHRpbWWCA0nC4ZvurPHghRhpc2lnbmF0dXJlWDCGFC6oHYPSDb89Mm7pRGfRetyO/3HhB/FRWObetB5DOjJV2kzgVd0Ave1o0ZHgHGA=:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYIEWCCD6Rn25Ps7zsUIIaqc4Smqta1kae8850xCmFGnOQDPiYMBggRYIAGb767MZpjqChWdFSyndmWdysbz92RwGBmWvgIYZ7DegwGCBFggzJgiZ2orND8/DSB2EpAbSZAFmd5Luke+BOk8h6UG17WDAYIEWCBtnjr5kPWCawJtICEUtqfkpmCF/itOKK/eZoHD8p8JrYMBggRYIHRYnfb6BKjB3Hxck1J2RCInMVOjUyppLphmR+g+CR/TgwGCBFgg5/F6JeB+/l7aYUOKafrs4W9u7yeJDv3C7mkP5z6d8xaDAYMBggRYIAlZg+WfYEh1kBwKduoE3Y2muJT63L5Oc563e5J39ulGgwGCBFggQUPsnM6OThsEXSwWr8UTP8Q0rzjDgzQVvyhtKBwowl2DAYMBgwGCBFggz9MIdanfdSwKPDr3g9u0jvZ9mb7jwuLqclsiOpKHGpKDAYMCWCYvbXdlYi91aS1pY29uc181NTU1NTVfMjU2eDI0MC5wbmcuaHRtbIIDWCCjfy+LS5BsoSa0Ly1cOpxwkbxoaMvZ2oovLIKabgzEZ4IEWCDxORMEwtFEQ+Z/PZsdqe+h3PwmTqG2rfabs8v81/5NR4IEWCDlGLiCC0zMh3sBxEJgaxhjT3MmLCH7uZYAYef1V7XploIEWCCvEIBzSItUmzpu8zW0AuTXp+PMNft0r5BjKkZikPnXG4IEWCBecsd8JBziSxArEaxMhz9TfSabk+7A+jkkZqoMdw6w+w==:
strict-transport-security: max-age=31536000; includeSubDomains
vary: origin, access-control-request-method, access-control-request-headers
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
x-request-id: 01938a14-41d0-79e0-9e0c-6b20f1a429fb

GET
H2 500 all.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/FontAwesome/v5.14/css/ 0
0 55ms
50ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/FontAwesome/v5.14/css/all.min.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-1753f3cbff0c
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 bootstrap.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 81ms
77ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap.min.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-174b77cb7e16
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 bootstrap-slider.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 82ms
77ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap-slider.min.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-1794d6581eca
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:24 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 jquery-ui.min.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 267ms
263ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/jquery-ui.min.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-17a2281bc2ff
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 160ms
56ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 01:13:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 500 styles.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 51ms
47ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/styles.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-17711687702d
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 mweb-custom.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 59ms
56ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-custom.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-17bf73c5d6f3
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 rebrand-june-2020.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 290ms
286ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/rebrand-june-2020.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-1782af0f4307
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 main.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 51ms
48ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/main.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-176fb433a1a0
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 order-summary.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 128ms
124ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-summary.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-17ddf316a027
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 login-register.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 294ms
290ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/login-register.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-42f5-74f3-989d-17cbb9f9cad5
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 customer-info.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 630ms
627ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/customer-info.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-95ba740376d6
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 order-confirmation.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 319ms
316ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-confirmation.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-95c4f53b9366
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 dashboard.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 177ms
174ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/dashboard.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430f-72c0-8bf2-faab17a4e81a
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 sales-order-tracking.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/ 0
0 156ms
153ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/sales-order-tracking.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-965fa7482810
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 flags.css
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/ 0
0 73ms
70ms Stylesheet
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/flags.css

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-966c2151b073
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 mweb-loader-2020.gif
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/media/images/ 51 B
51 B 153ms
150ms Image
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/media/images/mweb-loader-2020.gif

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-95d19d1fd93a
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:24 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 jquery.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 0
0 152ms
150ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.min.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-95e184c9b45c
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 popper.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 0
0 150ms
148ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/popper.min.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430f-72c0-8bf2-fa757523a5bd
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 bootstrap.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 0
0 91ms
90ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/bootstrap.min.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430f-72c0-8bf2-fa8e585f27b7
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:24 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 jquery-ui.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 0
0 56ms
55ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery-ui.min.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-95f2d6d3c45b
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:24 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 stickyfill.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/vendor/ 0
0 89ms
87ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/vendor/stickyfill.min.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-9648de459a38
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 jquery.ui.touch-punch.min.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 0
0 86ms
85ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.ui.touch-punch.min.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-96052dd91ca1
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 mweb_pollyfills.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/ 0
0 270ms
269ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/mweb_pollyfills.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-95adbba85f9d
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 164ms
63ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-51279388-1

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adf0c2d3989165029783355292fce29f08bc1715d772f03e7d92a04ddd78983a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77335
x-xss-protection: 0
server: Google Tag Manager

GET
H2 500 runtime-es2015.0692c2471bd6c4971612.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 0
0 70ms
68ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/runtime-es2015.0692c2471bd6c4971612.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-96155844afe8
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 polyfills-es2015.77fe35c7126b5bfe4482.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 0
0 106ms
104ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/polyfills-es2015.77fe35c7126b5bfe4482.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430f-72c0-8bf2-fa9ddfed0784
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 styles-es2015.5cfc0694cc2b754e769c.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 0
0 83ms
82ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/styles-es2015.5cfc0694cc2b754e769c.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-96293b93d1e9
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 500 main-es2015.40e7d0dc7ea88a1ab3a7.js
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/ 0
0 291ms
289ms Script
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/main-es2015.40e7d0dc7ea88a1ab3a7.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-430e-7f60-b519-963277a4ccd4
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:23 GMT
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 617 KB
152 KB 98ms
97ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

566135ca464dbdf20a62496982f4decc6e273e8f39b5b2d314440935273c95d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 155264
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
22ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
age: 175
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 03:10:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:10:29 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 192 KB
70 KB 31ms
31ms Script
application/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W5WQJV9&t=gtag_UA_51279388_1&cid=1511190010.1733188405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91f1de1ae6a0ab63661f1514da44522b4f291c0f51b305ed3f2d6750f1f14fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1073:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1073:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 70695
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
406 B 39ms
38ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1325995266&t=pageview&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&ul=fr-fr&de=UTF-8&dt=MWEB%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAACAAI~&jid=1727052109&gjid=1690063903&cid=1511190010.1733188405&tid=UA-51279388-1&_gid=340889051.1733188405&_r=1&gtm=457e4bk0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=718936249

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 151ms
55ms Ping
text/plain 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&scrsrc=www.googletagmanager.com&frm=0&rnd=2133793483.1733188405&auid=744530874.1733188405&npa=1&gtm=45He4bk0v6583067za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733188404763&tfd=1163&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 400 KB
130 KB 72ms
68ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

06250128c054abb1f530f8e76b03712b8e516b4635a0c5bd892ad9f4a099f2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132672
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
26 B 55ms
54ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1325995266&t=pageview&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&ul=fr-fr&de=UTF-8&dt=MWEB%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAACAAI~&jid=847369986&gjid=1306843329&cid=1511190010.1733188405&tid=UA-51279388-1&_gid=340889051.1733188405&_r=1&_slc=1&gtm=45He4bk0n71588RWDv6583067za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=1912821300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 76ms
24ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Tue, 03 Dec 2024 01:13:24 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 00:10:26 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000084-IAD, cache-fra-etou8220112-FRA
x-amz-server-side-encryption: AES256

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 84ms
83ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-6785438&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

b0cafc12924cf219f1e393c3051ba629dd8331fd86561c83d85c290ccd81d576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83686
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 68ms
68ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

86056cda6990ce0e9d166d8359a07f09fb3ecb5a6f699e829772c1cf1128e72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83681
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 85ms
34ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A7E8631E08C4443A9101A7A04D8EEE6 Ref B: PRAEDGE1407 Ref C: 2024-12-03T01:13:24Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Tue, 03 Dec 2024 01:13:23 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET 1405338.js
cdn.freshmarketer.com/454157/ 0
0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 87ms
26ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Tue, 10 Dec 2024 01:13:24 GMT
accept-ranges: bytes
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 178ms
118ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Requested by: Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fda5fee1c65ff055396a945bc28e3a840d03de21926fbd0305083788551e6a0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
expires: Tue, 03 Dec 2024 01:13:24 GMT
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=93
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 8d9b28d1
x-tt-trace-host: 0181511fb3568f58a108d60866ca68f1a252037409315de24f6c52f192c4c7c9ec8f0db1ffb97d00a333231a4bb5064341021b99c5d91f9d0fb2b0fc1069e25d0956f0432cd0ae76866180ae04a07711ba83da340e8c59dfda05a1ab45d12dcf1a
x-origin-response-time: 93,2.20.179.90
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24120301132467B99A4D027B3699BC37-07BC548961DE317F-00
content-length: 1815
x-tt-logid: 2024120301132467B99A4D027B3699BC37
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 59ms
30ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-3kDT2PsC' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3kDT2PsC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4428, tp=9, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: qTT0UFnQCCxi7it/3O3NSMxhSMYw7Iap9uA9dtIhrSU4hPNHqG040Y+IpHSzIx4TdHeKorLr09TIW8yhRv3IBQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
38 B 54ms
54ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1325995266&t=pageview&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&ul=fr-fr&de=UTF-8&dt=MWEB%20Homepage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAAUADQAAAACAAI~&jid=479848326&gjid=1777527477&cid=1511190010.1733188405&tid=UA-51279388-5&_gid=340889051.1733188405&_r=1&_slc=1&gtm=45He4bk0n71588RWDv6583067za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=75756824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

4938bb39e07470f2bf908e6c693dd5b44bea2677aa8afff74de7898f68b3c336

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame E183 0
0 146ms
47ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:06 GMT
expires: Wed, 03 Dec 2025 01:13:06 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
101 KB 89ms
88ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

bca57eac96bbfc696154a43edf4e253578b78e564c507062ac99033bd0286c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 01:13:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103598
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 adsct
t.co/1/i/ 43 B
630 B 261ms
224ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=Europe%2FParis%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=bb72fec4-c796-4329-9331-b0a3c9f81cda&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=e86b384e-eb59-43e1-bbc4-34600222547d&tw_document_href=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&tw_iframe_status=0&txn_id=nxho2&type=javascript&version=2.3.31

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 359edd16c5f6fdc3
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 31851874c9c8059720fe3f7bcff549accba481bbca58b6e3bbbde16d2866e61c
cf-cache-status: DYNAMIC
cf-ray: 8ebfb1aabc162a59-CDG
x-response-time: 184
content-length: 43
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_f

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 189ms
143ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FParis%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=bb72fec4-c796-4329-9331-b0a3c9f81cda&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=e86b384e-eb59-43e1-bbc4-34600222547d&tw_document_href=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&tw_iframe_status=0&txn_id=nxho2&type=javascript&version=2.3.31

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: b0b213c9c9e37128
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 052372a5942a89338373fd365f38db42a13768ec3b724c211145dc20bc8710c6
x-response-time: 112
content-length: 43
date: Tue, 03 Dec 2024 01:13:24 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_f

GET
H2 200 211046735.js Show response
bat.bing.com/p/action/ 362 B
420 B 33ms
33ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211046735.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1fc671898ad010ba690b89d83f8c813088990a6018b21818096387fe4a2c8e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67FBCC29B94D4E4FB34C103E818B626F Ref B: PRAEDGE1407 Ref C: 2024-12-03T01:13:24Z
x-cache: CONFIG_NOCACHE
date: Tue, 03 Dec 2024 01:13:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 1554984301242335 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 123ms
122ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1554984301242335?v=2.9.176&r=stable&domain=2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

b07fd63e356952a7c94b2c096c6e37a7308d969c490417cc58eae4b43ff9ebc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-XTxfNOk4' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 01:13:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-XTxfNOk4' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=77, mss=1232, tbw=70314, tp=66, tpl=0, uplat=86, ullat=0
pragma: public
x-fb-debug: Cm0HUzdTgY2iJt3YWL1HhfzivFOq8WbSv3b6DXv4sr/BtkoAMM11eHDZGwqkX+UYubZPw256KjCKLc1ad57czA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 rules-p-7cjmQwa897H2c.js Show response
rules.quantcount.com/ 2 KB
1 KB 80ms
26ms Script
application/javascript 2600:9000:223c:ee00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ee00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df84a0aead96f4b065bd848f00a7678455297d68b17040c99fe4a507d64d4f29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: gzip
etag: W/"14a7994ec743a847ac238aa942388a81"
age: 1647
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: SEPCmkxGheHingtOraQShmq1ZxFNJr-1o5q2QTZbSS8bYvg8Ba-XLQ==
date: Tue, 03 Dec 2024 00:45:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 15:31:46 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 151ms
97ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=211046735&tm=gtm002&Ver=2&mid=6e3fdd6e-381d-4bcd-b918-2dc785cd953a&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61888F9FF3804AA89B5042598EA0D056 Ref B: PAR02EDGE0910 Ref C: 2024-12-03T01:13:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 03 Dec 2024 01:13:24 GMT

GET
H2 204 0
bat.bing.net/action/ 0
345 B 97ms
45ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=211046735&tm=gtm002&Ver=2&mid=6e3fdd6e-381d-4bcd-b918-2dc785cd953a&bo=2&pi=918639831&lg=fr-FR&sw=1600&sh=1200&sc=24&tl=MWEB%20Homepage&p=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&r=&lt=980&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=378756
Requested by: Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 63508B9C0C284B738EF60A3960734E99 Ref B: PAR02EDGE0910 Ref C: 2024-12-03T01:13:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 03 Dec 2024 01:13:24 GMT

GET
H2

200

pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-2024110...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns=0;c...
https://pixel-ssn.quantserve.com/pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns...

35 B
355 B

106ms
26ms

Image
image/gif

91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantserve.com/pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188404977;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=7935bb5a-9497-4b22-acf3-dc7b1e384020;d=icp0.io;uht=2;fpan=1;fpa=P0-2072716474-1733188404980;pbc=;gdpr=0;mdl=;dip=5f239712-302a-4f6b-8187-80989d2c5b72

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Tue, 03 Dec 2024 01:13:25 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-7cjmQwa897H2c"]}],"trigger_data":"1"}]}
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
location: https://pixel-ssn.quantserve.com/pixel;r=379145815;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1733188404977;tzo=-60;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2Fmweb-blue-bg%252Ejpg;ses=7935bb5a-9497-4b22-acf3-dc7b1e384020;d=icp0.io;uht=2;fpan=1;fpa=P0-2072716474-1733188404980;pbc=;gdpr=0;mdl=;dip=5f239712-302a-4f6b-8187-80989d2c5b72
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Tue, 03 Dec 2024 01:13:24 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-7cjmQwa897H2c"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H2 200 main.MTBlZWM4ZGM2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
95 KB 34ms
32ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 61b9d2759cc84695715ac68f96a0b09ddc34ab6c471103c4f608a255ab30ea8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-24112612151347FF8737DE1435291690-6A645D38371BF008-00
content-length: 96546
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024112612151347FF8737DE1435291690
server: nginx
x-akamai-request-id: 8d9b2959
x-tt-trace-host: 013bfc67beaadb5f2d7dca75163ae15c84bdeac364a4dc409aa237316d103b657140e5acbb00076008d3cfb80aad798196efae608b8a4e2c1304a8572328684528e680713a368c87a799944aec6610bfd290bcdd4fa98fe312fbb517ad5da39264

GET
H2

200

activityi;dc_pre=CPm84fm1iooDFXOW_QcdMqc2yQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
10304459.fls.doubleclick.net/ Frame ADDC
Redirect Chain

https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
https://10304459.fls.doubleclick.net/activityi;dc_pre=CPm84fm1iooDFXOW_QcdMqc2yQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;...

0
0

65ms
64ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10304459.fls.doubleclick.net/activityi;dc_pre=CPm84fm1iooDFXOW_QcdMqc2yQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:25 GMT
expires: Tue, 03 Dec 2024 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10304459.fls.doubleclick.net/activityi;dc_pre=CPm84fm1iooDFXOW_QcdMqc2yQ;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 0
23 B 136ms
80ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m000;ord=3116728413290;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1841359384;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 03 Dec 2024 01:13:25 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17128900425653578780"}],"aggregatable_trigger_data":[{"filters":[{"14":["10173440"]}],"key_piece":"0xa9cbb84557e718b8","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x17ef02ffdd1a85f5","not_filters":{"14":["10173440"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"11781727505768396112","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17128900425653578780","filters":[{"14":["10173440"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17128900425653578780","filters":[{"14":["10173440"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17128900425653578780","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17128900425653578780","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10304459"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 58ms
24ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1554984301242335&ev=PageView&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&rl=&if=false&ts=1733188405061&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733188405055.2444313369445894&ler=empty&cdl=API_unavailable&it=1733188404886&coo=false&eid=page_1733188404575.1&rqm=GET

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4505, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
199 B 185ms
151ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1554984301242335&ev=PageView&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&rl=&if=false&ts=1733188405061&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733188405055.2444313369445894&ler=empty&cdl=API_unavailable&it=1733188404886&coo=false&eid=page_1733188404575.1&rqm=FGET

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443987518205022934"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0ddc682c5f573a02","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["6665900523491365"]},"debug_reporting":true,"debug_key":"3117699817704797667"}
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: x6W81PG8lgSzYYqdZb91WdQNA+L+IakI6r1Y87B9ai3J//9n+FguU7o2WtZ1LzNWbqlt+Pts+Xa9r0Nn48cERQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443987518205022934", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4873, tp=13, tpl=0, uplat=127, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

activityi;dc_pre=CPGr5Pm1iooDFe6c_QcdDk8bZg;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
6785438.fls.doubleclick.net/ Frame D7D6
Redirect Chain

https://6785438.fls.doubleclick.net/activityi;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
https://6785438.fls.doubleclick.net/activityi;dc_pre=CPGr5Pm1iooDFe6c_QcdDk8bZg;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;...

0
0

62ms
62ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6785438.fls.doubleclick.net/activityi;dc_pre=CPGr5Pm1iooDFe6c_QcdDk8bZg;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-6785438&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:25 GMT
expires: Tue, 03 Dec 2024 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6785438.fls.doubleclick.net/activityi;dc_pre=CPGr5Pm1iooDFe6c_QcdDk8bZg;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
ad.doubleclick.net/ 0
23 B 217ms
217ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=6785438;type=mwebe0;cat=opens0;ord=1352712560128;npa=1;auiddc=744530874.1733188405;ps=1;pcor=390145157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190365477z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 03 Dec 2024 01:13:25 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"12504411271898778241"}],"aggregatable_trigger_data":[{"filters":[{"14":["10202266"]}],"key_piece":"0x3b3834a54d9d756b","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x9cfb6946eb4b0435","not_filters":{"14":["10202266"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"6954921258500723544","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12504411271898778241","filters":[{"14":["10202266"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"12504411271898778241","filters":[{"14":["10202266"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"12504411271898778241","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"12504411271898778241","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["6785438"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 75ms
27ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H5L6YQ6FMF&gtm=45je4bk0v9125602221za200&_p=1733188404575&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=fr-fr&sr=1600x1200&cid=1511190010.1733188405&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&dt=MWEB%20Homepage&sid=1733188405&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1539
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
559 B 83ms
27ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5L6YQ6FMF&cid=1511190010.1733188405&gtm=45je4bk0v9125602221za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5L6YQ6FMF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 114ms
58ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5L6YQ6FMF&cid=1511190010.1733188405&gtm=45je4bk0v9125602221za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=299006349

Requested by

Host: 2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 01:13:25 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 79ms
26ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-85DEGRW3JJ&gtm=45je4bk0v876767749z86583067za200zb6583067&_p=1733188404575&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1511190010.1733188405&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733188405&sct=1&seg=0&dl=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html&dt=MWEB%20Homepage&en=page_view&_fv=1&_ss=1&tfd=1564
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 26ms
26ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id: 00-2411150502336335CB71727E1B0F9A9E-3A4C2EB625C2735C-00
content-length: 39512
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150502336335CB71727E1B0F9A9E
server: nginx
x-akamai-request-id: 8d9b2a05
x-tt-trace-host: 018da2afa453821b4298e998225089b0daa6890aec0793a9687d106e311ed3cfd2e8cad26c7a78d97db85dc248aeb49157eed1a2359186d4810439cc577c4561296e6a18e06372eaf46885cf3f3eeb7c3ce6a88ac3a91f21a709bfb6420463c7bd

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 140ms
138ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 03 Dec 2024 01:13:25 GMT
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=6, origin; dur=109
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Tue, 03 Dec 2024 01:13:25 GMT
x-akamai-request-id: 8d9b2a0a
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0181511fb3568f58a108d60866ca68f1a252037409315de24f6c52f192c4c7c9ecfe0b0e68512ccc9cee44a2b94c55d83b3b3ae9bf54beb0888d9d94e2949f251238553669d93557da1618c1d5ed412a74f77f8e0f065a107edcd6d2969b852c89
x-origin-response-time: 109,2.20.179.90
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412030113256FC0363F67BD2FB8B76E-023AE6C76DC782B3-00
content-length: 0
x-tt-logid: 202412030113256FC0363F67BD2FB8B76E
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
716 B 137ms
136ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBlZWM4ZGM2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 03 Dec 2024 01:13:25 GMT
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=5, origin; dur=107
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Tue, 03 Dec 2024 01:13:25 GMT
x-akamai-request-id: 8d9b2acd
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0181511fb3568f58a108d60866ca68f1a252037409315de24f6c52f192c4c7c9ecfe0b0e68512ccc9cee44a2b94c55d83b3b3ae9bf54beb0888d9d94e2949f251212e47255d6fa9690f128b5a36e99b8f14106f318dbaf7299697354332acef151
x-origin-response-time: 107,2.20.179.90
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412030113256FC0363F67BD2FB8B77F-023AE6C76DC782E5-00
content-length: 0
x-tt-logid: 202412030113256FC0363F67BD2FB8B77F
server: nginx

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 287 KB
98 KB 62ms
62ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-850038554&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

eb056bc3bcae89687d156037241cdf717796a0e087a52ec1f0af7b4a99ca4769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 03 Dec 2024 01:13:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100587
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 289 KB
99 KB 66ms
65ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-966096362&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

801a1273d156b0943ad399b084a8f579f02802d8af19d00bbb5ecfb0d11cb714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 03 Dec 2024 01:13:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 01:13:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101013
x-xss-protection: 0
server: Google Tag Manager

GET 1405338.js
cdn.freshmarketer.com/454157/ 0
0

GET
H3

200

activityi;dc_pre=CO679_m1iooDFfmP_QcdKZUiuQ;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
10304459.fls.doubleclick.net/ Frame C44B
Redirect Chain

https://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
https://10304459.fls.doubleclick.net/activityi;dc_pre=CO679_m1iooDFfmP_QcdKZUiuQ;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;u...

0
0

65ms
62ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10304459.fls.doubleclick.net/activityi;dc_pre=CO679_m1iooDFfmP_QcdKZUiuQ;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10304459&l=dataLayer&cx=c&gtm=45He4bk0v6583067za200

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 547
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:25 GMT
expires: Tue, 03 Dec 2024 01:13:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:13:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10304459.fls.doubleclick.net/activityi;dc_pre=CO679_m1iooDFfmP_QcdKZUiuQ;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noap...
ad.doubleclick.net/ 0
22 B 79ms
79ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10304459;type=mwebs0;cat=tmi_m00;ord=6595459487769;npa=1;auiddc=744530874.1733188405;ps=1;pcor=1523926541;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189925341z86583067za201zb6583067;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101899377~101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2F2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io%2Fmweb%2Fui-icons_555555_256x240.png.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 03 Dec 2024 01:13:25 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7927327879326548167"}],"aggregatable_trigger_data":[{"filters":[{"14":["10169936"]}],"key_piece":"0xd4757e04498cc76c","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x8e49585161fa5a99","not_filters":{"14":["10169936"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"14995910621377912719","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7927327879326548167","filters":[{"14":["10169936"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7927327879326548167","filters":[{"14":["10169936"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7927327879326548167","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7927327879326548167","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10304459"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 500 favicon.ico
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/ 51 B
141 B 66ms
65ms Other
text/plain 2a0b:21c0:b002:2:5000:edff:fe0d:98de
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL

https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/favicon.ico?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0b:21c0:b002:2:5000:edff:fe0d:98de Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),

Reverse DNS

Software

Resource Hash

2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/mweb/ui-icons_555555_256x240.png.html

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 01938a14-4929-7e83-89de-4ebc8d95a5fc
x-ic-canister-id: 2xzyn-jqaaa-aaaad-qfrra-cai
access-control-expose-headers: accept-ranges,content-length,content-range,x-request-id,x-ic-canister-id
access-control-allow-origin: *
content-length: 51
date: Tue, 03 Dec 2024 01:13:25 GMT
vary: origin, access-control-request-method, access-control-request-headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.freshmarketer.com
URL: https://cdn.freshmarketer.com/454157/1405338.js

Domain: cdn.freshmarketer.com
URL: https://cdn.freshmarketer.com/454157/1405338.js

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.icp0.io/	1970-01-21 01:27:54	Name: _gid Value: GA1.2.340889051.1733188405
.icp0.io/	1970-01-21 01:26:28	Name: _gat_gtag_UA_51279388_1 Value: 1
.icp0.io/	1970-01-21 03:36:04	Name: _gcl_au Value: 1.1.744530874.1733188405
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/	1970-01-21 11:02:28	Name: _ga Value: GA1.3.1511190010.1733188405
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/	1970-01-21 01:27:54	Name: _gid Value: GA1.3.340889051.1733188405
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/	1970-01-21 01:26:28	Name: _gat_UA-51279388-1 Value: 1
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/	1970-01-21 01:26:28	Name: _gat_UA-51279388-5 Value: 1
.tiktok.com/	1970-01-21 03:36:04	Name: _ttp Value: 2pgWsNKn56gswPUztkyjZouf1f1
.quantserve.com/	1970-01-21 10:56:42	Name: mc Value: 674e5b34-f3e6b-f6128-78d27
.icp0.io/	1970-01-21 03:36:04	Name: _fbp Value: fb.1.1733188405055.2444313369445894
.twitter.com/	1970-01-21 11:02:28	Name: guest_id_marketing Value: v1%3A173318840498500805
.twitter.com/	1970-01-21 11:02:28	Name: guest_id_ads Value: v1%3A173318840498500805
.twitter.com/	1970-01-21 11:02:28	Name: personalization_id Value: "v1_I4CDwTHFV4rTM/TcaS1d8A=="
.twitter.com/	1970-01-21 11:02:28	Name: guest_id Value: v1%3A173318840498500805
.t.co/	1970-01-21 11:02:28	Name: muc_ads Value: 32317c19-3628-4812-8ce4-0d788aa51cc0
.t.co/	1970-01-21 01:26:30	Name: __cf_bm Value: S1ETRo5i0NhQPB0OjCFTbGzQ5hlMs_TC6EZ4P4o6aQU-1733188405-1.0.1.1-49g_E9PcLj.R387CuXfqQGkKybd.p4UVUSbkZQiHPjgtkQvIITPl4ITxCk5RdXAwvvjqc6mgBti3S0GtD1buQg
.2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/	1970-01-21 11:02:28	Name: _ga_H5L6YQ6FMF Value: GS1.3.1733188405.1.0.1733188405.60.0.0
.icp0.io/	1970-01-21 11:02:28	Name: _ga Value: GA1.1.1511190010.1733188405
.icp0.io/	1970-01-21 03:36:04	Name: _tt_enable_cookie Value: 1
.icp0.io/	1970-01-21 03:36:04	Name: _ttp Value: G-2A7X-G-LUJpbhna0b-2zg04_2.tt.1
.doubleclick.net/	1970-01-21 02:09:40	Name: ar_debug Value: 1
.icp0.io/	1970-01-21 10:50:57	Name: __qca Value: P0-2072716474-1733188404980
.icp0.io/	1970-01-21 11:02:28	Name: _ga_85DEGRW3JJ Value: GS1.1.1733188405.1.0.1733188405.0.0.0
.doubleclick.net/	1970-01-21 05:45:40	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:48:04	Name: IDE Value: AHWqTUkkHGPnn7BzopcYpNpmrdpg5Pf4AQGoJcRSzsTkIpT04Nd82DDJl54_VdoaWkA

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/styles.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/main.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/FontAwesome/v5.14/css/all.min.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-custom.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/runtime-es2015.0692c2471bd6c4971612.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/flags.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery-ui.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/bootstrap-slider.min.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/styles-es2015.5cfc0694cc2b754e769c.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.ui.touch-punch.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/polyfills-es2015.77fe35c7126b5bfe4482.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/vendor/stickyfill.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-summary.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/media/images/mweb-loader-2020.gif Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/sales-order-tracking.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/popper.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/dashboard.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/jquery-ui.min.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/rebrand-june-2020.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/js/mweb_pollyfills.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/app/v4.0.93/main-es2015.40e7d0dc7ea88a1ab3a7.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/login-register.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/order-confirmation.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/assets/css/mweb-legacy/customer-info.css Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io/favicon.ico?v=2 Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10304459.fls.doubleclick.net
2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io
6785438.fls.doubleclick.net
ad.doubleclick.net
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
bat.bing.net
cdn.freshmarketer.com
connect.facebook.net
fonts.googleapis.com
pixel-ssn.quantserve.com
pixel.quantserve.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
cdn.freshmarketer.com
104.244.42.195
142.250.184.195
142.250.185.228
142.250.185.78
142.250.186.102
146.75.120.157
157.240.0.6
157.240.253.35
162.159.140.229
2.18.64.15
2001:4860:4802:32::36
2001:4860:4802:34::36
2001:4860:4802:38::178
216.58.212.136
216.58.212.166
2600:9000:223c:ee00:6:44e3:f8c0:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:811::2008
2a00:1450:4001:827::200a
2a00:1450:400c:c0a::9d
2a0b:21c0:b002:2:5000:edff:fe0d:98de
91.228.74.244
06250128c054abb1f530f8e76b03712b8e516b4635a0c5bd892ad9f4a099f2d4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fc671898ad010ba690b89d83f8c813088990a6018b21818096387fe4a2c8e67
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2c07efd1f26aa5c9fb83bdd0fdd03093570c5456ce4d51d01205bf068160bd27
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
4938bb39e07470f2bf908e6c693dd5b44bea2677aa8afff74de7898f68b3c336
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
566135ca464dbdf20a62496982f4decc6e273e8f39b5b2d314440935273c95d7
61b9d2759cc84695715ac68f96a0b09ddc34ab6c471103c4f608a255ab30ea8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
801a1273d156b0943ad399b084a8f579f02802d8af19d00bbb5ecfb0d11cb714
86056cda6990ce0e9d166d8359a07f09fb3ecb5a6f699e829772c1cf1128e72b
91f1de1ae6a0ab63661f1514da44522b4f291c0f51b305ed3f2d6750f1f14fef
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a37f2f8b4b906ca126b42f2d5c3a9c7091bc6868cbd9da8a2f2c829a6e0cc467
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf0c2d3989165029783355292fce29f08bc1715d772f03e7d92a04ddd78983a
b07fd63e356952a7c94b2c096c6e37a7308d969c490417cc58eae4b43ff9ebc5
b0cafc12924cf219f1e393c3051ba629dd8331fd86561c83d85c290ccd81d576
bca57eac96bbfc696154a43edf4e253578b78e564c507062ac99033bd0286c91
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df84a0aead96f4b065bd848f00a7678455297d68b17040c99fe4a507d64d4f29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb056bc3bcae89687d156037241cdf717796a0e087a52ec1f0af7b4a99ca4769
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
fda5fee1c65ff055396a945bc28e3a840d03de21926fbd0305083788551e6a0a

2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io Open in urlscan Pro 2a0b:21c0:b002:2:5000:edff:fe0d:98de Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

96 %HTTPS

46 %IPv6

18 Domains

25 Subdomains

25 IPs

6 Countries

1174 kBTransfer

3741 kBSize

25 Cookies

0 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

2xzyn-jqaaa-aaaad-qfrra-cai.icp0.io Open in urlscan Pro
2a0b:21c0:b002:2:5000:edff:fe0d:98de Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

96 %
HTTPS

46 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

1174 kB
Transfer

3741 kB
Size

25
Cookies

76 HTTP transactions
0 data transactions