www.daronsdubiz.com Open in urlscan Pro
2600:9000:2490:6400:5:4d23:6f00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://daronsdubiz.com/
Effective URL:
https://www.daronsdubiz.com/
Submission: On October 13 via manual (October 13th 2024, 6:53:06 pm UTC) from FR — Scanned from FR

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 31 HTTP transactions. The main IP is 2600:9000:2490:6400:5:4d23:6f00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.daronsdubiz.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 8th 2024. Valid for: a year.

This is the only time www.daronsdubiz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.186.33.5 213.186.33.5	16276 (OVH) (OVH)
2	2600:9000:249... 2600:9000:2490:6400:5:4d23:6f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:275... 2600:9000:275b:c200:1c:d937:ae40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223f:3000:17:3a21:7e40:21	16509 (AMAZON-02) (AMAZON-02)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:26e... 2600:9000:26e8:7400:10:6a77:5f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223f:4e00:f:e793:dc40:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:8c00:f:a462:c1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.5.20.21 52.5.20.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3030::6815:2d30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	16

1 213.186.33.5 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: redirect.ovh.net

daronsdubiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:6400:5:4d23:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.daronsdubiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:c200:1c:d937:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3fit27i5nzkqh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:3000:17:3a21:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d6r6gym8ueyux.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26e8:7400:10:6a77:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:4e00:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)

d3syewzhvzylbl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:8c00:f:a462:c1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1yei2z3i6k35z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.5.20.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-20-21.compute-1.amazonaws.com

client-api.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

capig.stape.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2d30 (United States)

ASN13335 (CLOUDFLARENET, US)

capig.alexandreroth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net d3fit27i5nzkqh.cloudfront.net d6r6gym8ueyux.cloudfront.net d3syewzhvzylbl.cloudfront.net d1yei2z3i6k35z.cloudfront.net	1 MB
5	provesrc.com cdn.provesrc.com — Cisco Umbrella Rank: 116884 client-api.provesrc.com — Cisco Umbrella Rank: 91706	56 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	153 KB
3	daronsdubiz.com 1 redirects daronsdubiz.com www.daronsdubiz.com	73 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9320 prism.app-us1.com — Cisco Umbrella Rank: 9406	8 KB
1	alexandreroth.com capig.alexandreroth.com	676 B
1	stape.tech capig.stape.tech — Cisco Umbrella Rank: 436393	643 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	833 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9615	315 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	96 KB
31	11

	Domain	Requested by
4	www.facebook.com	www.daronsdubiz.com
4	client-api.provesrc.com	cdn.provesrc.com d6r6gym8ueyux.cloudfront.net
3	d3syewzhvzylbl.cloudfront.net	www.daronsdubiz.com
3	connect.facebook.net	www.daronsdubiz.com connect.facebook.net
3	d6r6gym8ueyux.cloudfront.net	www.daronsdubiz.com
2	d1yei2z3i6k35z.cloudfront.net	www.daronsdubiz.com
2	d3fit27i5nzkqh.cloudfront.net	www.daronsdubiz.com d3fit27i5nzkqh.cloudfront.net
2	www.daronsdubiz.com
1	capig.alexandreroth.com	d6r6gym8ueyux.cloudfront.net
1	capig.stape.tech	d6r6gym8ueyux.cloudfront.net
1	fonts.googleapis.com	cdn.provesrc.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	cdn.provesrc.com	www.daronsdubiz.com
1	diffuser-cdn.app-us1.com	www.daronsdubiz.com
1	www.googletagmanager.com	www.daronsdubiz.com
1	daronsdubiz.com	1 redirects
31	17

This site contains no links.

Subject Issuer	Validity	Valid
daronsdubiz.com Amazon RSA 2048 M03	`2024-08-08` - `2025-09-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-22` - `2024-10-20`	3 months	crt.sh
diffuser-cdn.app-us1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.provesrc.com Amazon RSA 2048 M02	`2024-09-09` - `2025-10-07`	a year	crt.sh
prism.app-us1.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
trackcmp.net WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
capig.stape.tech WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
capig.alexandreroth.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.daronsdubiz.com/
Frame ID: A40039912D2ABCE917C65D8C02C26597
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Darons du Biz

Page URL History Show full URLs

http://daronsdubiz.com/ HTTP 307
https://daronsdubiz.com/ HTTP 307
http://daronsdubiz.com/ HTTP 302
http://www.daronsdubiz.com/ HTTP 307
https://www.daronsdubiz.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

31
Requests

100 %
HTTPS

76 %
IPv6

11
Domains

17
Subdomains

16
IPs

4
Countries

1641 kB
Transfer

3773 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://daronsdubiz.com/ HTTP 307
https://daronsdubiz.com/ HTTP 307
http://daronsdubiz.com/ HTTP 302
http://www.daronsdubiz.com/ HTTP 307
https://www.daronsdubiz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.daronsdubiz.com/
Redirect Chain

http://daronsdubiz.com/
https://daronsdubiz.com/
http://daronsdubiz.com/
http://www.daronsdubiz.com/
https://www.daronsdubiz.com/

70 KB
15 KB

361ms
181ms

Document
text/html

2600:9000:2490:6400:5:4d23:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:6400:5:4d23:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

fb7b91d5fb643aa40f596768d7798d7e1efaeabf1ff47ef2ee7ceea06a89c71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Oct 2024 18:52:59 GMT
server: nginx/1.24.0
vary: Accept-Encoding
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id: bCCCyALaIt2NVm9J8QWydYovpE1hNCSAGJstGJNzJuXX1B7U3XKG6g==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.daronsdubiz.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
96 KB 135ms
52ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1053283562

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9102e19691ad902e363d894b85a3337d8e0f6f8498b2bd484dc7f7df3e3dc36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 13 Oct 2024 18:53:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 18:53:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 13 Oct 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97820
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 486 KB
81 KB 170ms
52ms Stylesheet
text/css 2600:9000:275b:c200:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:c200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"325672b036bab9b57f6873aed5eccc43"
age: 7745730
via: 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: nudYxfEVWRt-OvjGtT39eSVWE8jp4TX_mGaeapFTWIqjcsnSsNLHMA==
date: Tue, 16 Jul 2024 03:17:31 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 12:25:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
vary: Accept-Encoding, Origin

GET
H2 200 runtimeSimplePage.1f5d57551aa31777b361.js Show response
d6r6gym8ueyux.cloudfront.net/ 2 KB
2 KB 289ms
174ms Script
application/x-javascript 2600:9000:223f:3000:17:3a21:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d6r6gym8ueyux.cloudfront.net/runtimeSimplePage.1f5d57551aa31777b361.js
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3000:17:3a21:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
x-amz-meta-codebuild-content-md5: f236673b03b928e313686143f834e5e1
etag: W/"b36fb59db1b08c77338df8b86396266b"
age: 57699
x-cache: Hit from cloudfront
x-amz-cf-id: 5yIp5JPHGSU5sJM4BkaED1RZorgcgoH4iw-WGFsHvbCa5beJacZOjg==
date: Sun, 13 Oct 2024 02:51:24 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:f0a5c014-46c7-493d-91cc-39e034bcf266
vary: Accept-Encoding, Origin
content-type: application/x-javascript
last-modified: Fri, 04 Oct 2024 08:40:19 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-meta-codebuild-content-sha256: b772cbc36298225a4a121e2c804f6fcc95368fd66153d99f407dc4870b78bffc
x-amz-server-side-encryption: AES256

GET
H2 200 simplePage.b477a698ffa78fac627d.js Show response
d6r6gym8ueyux.cloudfront.net/ 584 KB
122 KB 172ms
57ms Script
application/x-javascript 2600:9000:223f:3000:17:3a21:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d6r6gym8ueyux.cloudfront.net/simplePage.b477a698ffa78fac627d.js
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3000:17:3a21:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4ea60e8bec831ebc1290ce076c2c60299cec983104dc7b1c63c35155de3bd3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
x-amz-meta-codebuild-content-md5: b9b64673c326d5bacf1e2ab6559be7b2
etag: W/"7e2eef5ba77a33a9d84870e1eeec5302"
age: 34636
x-cache: Hit from cloudfront
x-amz-cf-id: rz5Qq1nKCwvXP579sXBY54f9Gj4BwUooQqys_J6dSYWoRbJgRY0ItA==
date: Sun, 13 Oct 2024 09:15:45 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:d539748a-e50a-435f-8f1f-924cea6514bb
vary: Accept-Encoding, Origin
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2024 09:09:28 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-meta-codebuild-content-sha256: 1f933d0fc5aca9a17abd63d380ed1c7fc7d921dabecb7ca01a9de5bf627fb53d
x-amz-server-side-encryption: AES256

GET
H2 200 vendors~simplePage.8c0a7427ff2414852ce6.js Show response
d6r6gym8ueyux.cloudfront.net/ 609 KB
170 KB 290ms
175ms Script
application/x-javascript 2600:9000:223f:3000:17:3a21:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d6r6gym8ueyux.cloudfront.net/vendors~simplePage.8c0a7427ff2414852ce6.js
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3000:17:3a21:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2c50b941874715410f7617821e1ed79c895942b46c4a51fe9bf08cada86d3f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: br
x-amz-meta-codebuild-content-md5: 49a94daa24cf002d0a16a22668150c93
etag: W/"97150975d9bce2541ea34a6e365299c8"
age: 63693
x-cache: Hit from cloudfront
x-amz-cf-id: CNUaoskPObShsyYbxebtL00Yc7Yy6IN_DgyeK5PbXXN5DkdeEzN5DQ==
date: Sun, 13 Oct 2024 01:11:28 GMT
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:aaaad5bd-f40e-4d6f-8bb8-fed3ffbbc364
vary: Accept-Encoding, Origin
content-type: application/x-javascript
last-modified: Fri, 11 Oct 2024 14:08:22 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-meta-codebuild-content-sha256: aab652bea8a720a18ad5b3acd1933860349f1d12e2ad3f58223b1f974d6df430
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 79ms
32ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 18:53:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: ufgRbXyy8jrK7dOnT+mkTR61K0tXYu5acSM2/lDY3/y1W2iEKqJfyYqYXgaGM43KZyqB/p0dMAK7yVNx4jFMvg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 123ms
61ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 27
x-cache: Hit from cloudfront
x-amz-cf-id: Z5kdMliAbMQkLnpy__zDBz94k-4yGHEXcYB9BENLkfWFMTB83C94nw==
date: Sun, 13 Oct 2024 18:53:00 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 a2f1af60340347fb7ac41d41acebdd2c.cloudfront.net (CloudFront)
cf-ray: 8d2187ac4ee07028-CDG
x-amz-cf-pop: CDG55-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 provesrc.js Show response
cdn.provesrc.com/ 228 KB
55 KB 179ms
52ms Script
application/javascript 2600:9000:26e8:7400:10:6a77:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.provesrc.com/provesrc.js
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:7400:10:6a77:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d76489e3717e5da9e2780588fa2e0e54bc4fb9df5dfbfa6fb636fbd62c7ca74a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: "572c64481de82723776ea34041fce678"
age: 42042
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 55596
x-amz-cf-id: LmSAbyPpaGfPDSgLPUJz54WCDqwR0I0YBgi5Wj-lt9NczrrIXi1DNA==
date: Sun, 13 Oct 2024 14:24:33 GMT
content-type: application/javascript
last-modified: Thu, 22 Aug 2024 11:55:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H3 200 199816195051335 Show response
connect.facebook.net/signals/config/ 298 KB
92 KB 368ms
367ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/199816195051335?v=2.9.170&r=stable&domain=www.daronsdubiz.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

484212c784b9f4a5a77f36d226a6b3feb56526ce0d7fa1acec0aabc6b3a2bcb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 18:53:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=74, mss=1232, tbw=67297, tp=63, tpl=0, uplat=334, ullat=0
pragma: public
x-fb-debug: iIo6GtKvOnsU8ZlasnQj+Gtkbwgjeb7yoDcG/nEvRcwLjWS1YgPeNVozX0vW+Jkw+BC3DNlKpYlJVwaB/QZ6Ag==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
498 B 312ms
206ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=802131701&u=https%3A%2F%2Fwww.daronsdubiz.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

7284190c18213068623b57f26bab920bab3248940eb13149364b04370e3611cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 56
cf-ray: 8d2187adcfc66980-CDG
date: Sun, 13 Oct 2024 18:53:00 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
server: cloudflare

GET
H2 200 italic.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 56 KB
56 KB 277ms
145ms Font
font/woff2 2600:9000:223f:4e00:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/italic.woff2
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8399bf816d337f53b8d9e6683eb21d44963a55914bda059e8dd938f671b822ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.daronsdubiz.com
Referer: https://www.daronsdubiz.com/

Response headers

access-control-max-age: 31536000
etag: "7d40af96b289803de14179d630b262e3"
age: 56509
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: j0r_xqgVRpTwLkltw-pP2DIQDem4kQVkzhP_cuLETJ-UhiTXJkD91g==
date: Sun, 13 Oct 2024 07:37:02 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Fri, 14 Apr 2023 06:24:30 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 57108
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 55 KB
55 KB 186ms
55ms Font
font/woff2 2600:9000:223f:4e00:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/700.woff2
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83dd6ed4f17ef7cafa58a15d1ceb20256c208477b7b7dc44055cd43abe88c3d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.daronsdubiz.com
Referer: https://www.daronsdubiz.com/

Response headers

access-control-max-age: 31536000
etag: "dc7f9f814ed82f63e1e23faa04792513"
age: 50402
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: l8t-j6bPyFFVEiaYWfmnthm_E5C_wdK7rSlOHvnc_6DfYBacjGqiig==
date: Sun, 13 Oct 2024 04:52:59 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Fri, 14 Apr 2023 06:24:30 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56168
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fa-solid-900.woff2
d3fit27i5nzkqh.cloudfront.net/assets/webfonts/ 321 KB
322 KB 174ms
62ms Font
binary/octet-stream 2600:9000:275b:c200:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/assets/webfonts/fa-solid-900.woff2
Requested by: Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:c200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.daronsdubiz.com
Referer: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css

Response headers

cache-control: max-age=31536000,public
etag: "6ebcf9f18ded9c54f71ec1198c32aa52"
age: 3062295
access-control-allow-methods: GET
via: 1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 329204
x-amz-cf-id: EpjVG2A6vS84C0xHYziOyhezD3Rprumsw-63vgtIlz0yETDtx3MadQ==
date: Sun, 08 Sep 2024 08:14:46 GMT
content-type: binary/octet-stream
last-modified: Wed, 18 May 2022 12:25:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 54 KB
54 KB 240ms
110ms Font
font/woff2 2600:9000:223f:4e00:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/regular.woff2
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.daronsdubiz.com
Referer: https://www.daronsdubiz.com/

Response headers

access-control-max-age: 31536000
etag: "39cdece7149132b8bce63dc6e5d36c9a"
age: 51886
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: WcM3AC_1p6L20PoxHB-CYtaYsE2YOQUYUTLKjHekN72i2yITdzbmkQ==
date: Sun, 13 Oct 2024 04:28:29 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Fri, 14 Apr 2023 06:24:30 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 55160
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 658ee55e412da_LogoDaronsdubiz.png
d1yei2z3i6k35z.cloudfront.net/14587/ 59 KB
59 KB 367ms
221ms Image
image/png 2600:9000:214f:8c00:f:a462:c1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yei2z3i6k35z.cloudfront.net/14587/658ee55e412da_LogoDaronsdubiz.png
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29872564f460aff4e2150d536d0d3ead9faf773e6c743670811a17c0c90af441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

x-robots-tag: noindex
etag: "eb94d958ad126b2d7075d73441d3140a"
age: 545620
x-cache: Hit from cloudfront
x-amz-cf-id: NsMjytjU6tlxEvpd8xLBAuLEnbhoIhBWN50SyTr5LMYI3ohcoKZ8lQ==
date: Mon, 07 Oct 2024 11:19:21 GMT
content-type: image/png
vary: Origin
last-modified: Fri, 29 Dec 2023 15:27:27 GMT
cache-control: max-age=31536000
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 60224
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 658ee5a8ef1ed_4.jpg
d1yei2z3i6k35z.cloudfront.net/14587/ 326 KB
326 KB 204ms
59ms Image
image/jpeg 2600:9000:214f:8c00:f:a462:c1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yei2z3i6k35z.cloudfront.net/14587/658ee5a8ef1ed_4.jpg
Requested by: Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8c00:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04918f7f9c1dce441c956f799800ddbd5ad55e59aa45affc60c3f7dd6f4b769a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

x-robots-tag: noindex
etag: "9d40031d37466d13f2090099d0b8289b"
age: 613546
x-cache: Hit from cloudfront
x-amz-cf-id: mrTaFFhIW0WDS2Xr9ZEjzNyrm-qI-beh_m61f8xWpQZvHNSJ30ISSA==
date: Sun, 06 Oct 2024 16:27:15 GMT
content-type: image/jpeg
vary: Origin
last-modified: Fri, 29 Dec 2023 15:28:42 GMT
cache-control: max-age=31536000
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 333338
x-amz-cf-pop: FRA53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 configuration Show response
client-api.provesrc.com/account/ 588 B
1 KB 308ms
107ms Fetch
application/json 52.5.20.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly93d3cuZGFyb25zZHViaXouY29tLw==
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.20.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-20-21.compute-1.amazonaws.com
Software: /
Resource Hash: bb2c264be10b46475664e6e48cd4d47b7886b394e53ec21c80190d4d7aec183a

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI1ZDY2N2UyYzE2NTA4ZDIwYjgwY2VkZGUiLCJpYXQiOjE1NjY5OTgwNjB9.O9u2VIVUhfBJQxizY4b3aUgyL21XzDR4wu0cOo4quzk
x-ps-url: aHR0cHM6Ly93d3cuZGFyb25zZHViaXouY29tLw==
Referer: https://www.daronsdubiz.com/
x-ps-version: 4.7.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
x-ps-uid: 4b724494-9623-48cc-8854-8622ebaa29e4
Content-Type: application/json

Response headers

x-ps-first: psuid=dc548de1-8a29-4761-ba09-a5c9f515595f; expires=Tue, 01 Jan 2030 00:00:00 GMT; maxAge=15552000$ps5d667e2c16508d20b80cedde=true|1727740800000; maxAge=86400000; expires=Fri, 01 Nov 2024 00:00:00 GMT
access-control-max-age: 7200
x-request-id: 41638c19-1db9-4ce3-afb3-a108d7f719bf
access-control-expose-headers: x-ps-first
content-encoding: gzip
etag: W/"24c-jRTTaytXsAYsyHtDu7DpiMRECO8"
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-ps-host: ip-172-31-29-194
access-control-allow-origin: https://www.daronsdubiz.com
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

OPTIONS
H2 200 configuration
client-api.provesrc.com/account/ 0
0 334ms
104ms Preflight 52.5.20.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly93d3cuZGFyb25zZHViaXouY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.20.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-20-21.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: GET
Origin: https://www.daronsdubiz.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.daronsdubiz.com
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 13 Oct 2024 18:53:00 GMT
x-ps-host: ip-172-31-33-180
x-request-id: 6eb58c7c-b168-4c48-abb1-a4a3717ffca9

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 317ms
240ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=802131701&prismid=68d63451-cebe-4d09-84b7-b5bb3169e06f&url=https%3A%2F%2Fwww.daronsdubiz.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 13
cf-ray: 8d2187b09ce6784e-CDG
content-length: 0
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/8.1.30
server: cloudflare

GET
H3 200 957228188713139 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 478ms
477ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/957228188713139?v=2.9.170&r=stable&domain=www.daronsdubiz.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C157%2C223%2C224%2C222%2C178%2C137%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

a2adf69c744fed8fd32d63507d11858ab3fdbc702e604f3b02936e3827b875f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=120, mss=1232, tbw=163425, tp=147, tpl=0, uplat=444, ullat=0
pragma: public
x-fb-debug: tbHa2A3cM6Om1tBB5anLm9CY+i6vCACwYKXz8M1vKM0W6z0l+ew6ZQlnBL0DRlbWgL0qeU4qGHvabP3qDR6eHA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 css
fonts.googleapis.com/ 2 KB
833 B 121ms
43ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

210c0dec6b8654d40aca7610c693067129122f2dc88d1e5525365f7bb4a8e5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 13 Oct 2024 18:53:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 13 Oct 2024 17:48:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

OPTIONS
H2 200 get
client-api.provesrc.com/notifications/ 0
0 104ms
104ms Preflight 52.5.20.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.20.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-20-21.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: POST
Origin: https://www.daronsdubiz.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.daronsdubiz.com
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 13 Oct 2024 18:53:01 GMT
x-ps-host: ip-172-31-33-180
x-request-id: 4630f9d1-b4f6-409b-9c9b-cd699e4cdba8

POST
H2 200 get Show response
client-api.provesrc.com/notifications/ 2 B
370 B 114ms
113ms XHR
application/json 52.5.20.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Requested by: Host: d6r6gym8ueyux.cloudfront.net
URL: https://d6r6gym8ueyux.cloudfront.net/vendors~simplePage.8c0a7427ff2414852ce6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.20.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-20-21.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

x-ps-first: psuid=dc548de1-8a29-4761-ba09-a5c9f515595f;ps5d667e2c16508d20b80cedde=true|1727740800000
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI1ZDY2N2UyYzE2NTA4ZDIwYjgwY2VkZGUiLCJpYXQiOjE1NjY5OTgwNjB9.O9u2VIVUhfBJQxizY4b3aUgyL21XzDR4wu0cOo4quzk
x-ps-url: aHR0cHM6Ly93d3cuZGFyb25zZHViaXouY29tLw==
Referer: https://www.daronsdubiz.com/
x-ps-version: 4.7.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
x-ps-uid: 4b724494-9623-48cc-8854-8622ebaa29e4
Content-type: application/json

Response headers

access-control-max-age: 7200
x-request-id: 84a03bd8-39a4-466f-a98f-bb7aeb0e6454
access-control-expose-headers: x-ps-first
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-ps-host: ip-172-31-60-16
access-control-allow-origin: https://www.daronsdubiz.com
content-length: 2
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H3 200 4ee4137e30790366c7a18d819dbec3dbc64e0741ba1458ae136635d178b59218 Show response
capig.stape.tech/events/ 0
643 B 94ms
51ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.stape.tech/events/4ee4137e30790366c7a18d819dbec3dbc64e0741ba1458ae136635d178b59218
Requested by: Host: d6r6gym8ueyux.cloudfront.net
URL: https://d6r6gym8ueyux.cloudfront.net/vendors~simplePage.8c0a7427ff2414852ce6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.daronsdubiz.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtIsQuiUKJqPKKiytMx8%2BeBNMc95yBGwkTPbGAageUnIF4heiVAb2xxdmAx3T3snDkHyDDY21orC6%2BIxBoQarlbSm2wZBR7y%2BeNND1qSq2wMW7cCIgscEA0M0lBujmZxSR8H"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8d2187b3ca16bb30-CDG
access-control-allow-origin: https://www.daronsdubiz.com
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 18:53:01 GMT
vary: origin
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 109ms
33ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=199816195051335&ev=PageView&dl=https%3A%2F%2Fwww.daronsdubiz.com%2F&rl=&if=false&ts=1728845581346&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728845581343.800162108316033211&eid=ob3_plugin-set_d1d16bb67da608ff3769e8ac2112ff3a153c3dfd4917cc4c2d672265c20273e1&ler=empty&cdl=API_unavailable&it=1728845580267&coo=false&exp=h3&rqm=GET

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1297, tbw=3007, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 305ms
229ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=199816195051335&ev=PageView&dl=https%3A%2F%2Fwww.daronsdubiz.com%2F&rl=&if=false&ts=1728845581346&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728845581343.800162108316033211&eid=ob3_plugin-set_d1d16bb67da608ff3769e8ac2112ff3a153c3dfd4917cc4c2d672265c20273e1&ler=empty&cdl=API_unavailable&it=1728845580267&coo=false&exp=h3&rqm=FGET

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425335230321530049"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: FPD3iLu7HaYgynczeXiIvVsQQSNtElMjjNwBVl1uEnKUiYQCncEqelyIllt2kG821VObROLqTXVCBd8EDjBTqw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425335230321530049", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=16, mss=1297, tbw=3450, tp=-1, tpl=-1, uplat=195, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 4ee4137e30790366c7a18d819dbec3dbc64e0741ba1458ae136635d178b59218 Show response
capig.alexandreroth.com/events/ 0
676 B 151ms
60ms XHR
text/plain 2606:4700:3030::6815:2d30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.alexandreroth.com/events/4ee4137e30790366c7a18d819dbec3dbc64e0741ba1458ae136635d178b59218
Requested by: Host: d6r6gym8ueyux.cloudfront.net
URL: https://d6r6gym8ueyux.cloudfront.net/vendors~simplePage.8c0a7427ff2414852ce6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2d30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.daronsdubiz.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqJmQdcOInRehI0oT7ctuIeiViLtCHomqcOie3ypHIA5LPFmNrJzoQ2Mmih1HH17%2FGyGN%2FR0G%2FrUw6jC5mVh5egwN7gihu7l700lv0cXbvajO11aY3ANYDlBWt%2FIjCs%2FN0Sql%2BH6%2B6og3VsgjyIINkXTdw2Clg%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8d2187b41cc47011-CDG
access-control-allow-origin: https://www.daronsdubiz.com
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 18:53:01 GMT
vary: origin
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 108ms
33ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=957228188713139&ev=PageView&dl=https%3A%2F%2Fwww.daronsdubiz.com%2F&rl=&if=false&ts=1728845581351&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728845581343.800162108316033211&eid=ob3_plugin-set_07c4fdb676cdc550be317801923e5c0acd1928c7b3862b05d942ebcfe9a2402b&ler=empty&cdl=API_unavailable&it=1728845580267&coo=false&exp=h3&rqm=GET

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1297, tbw=3294, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
846 B 309ms
234ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=957228188713139&ev=PageView&dl=https%3A%2F%2Fwww.daronsdubiz.com%2F&rl=&if=false&ts=1728845581351&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728845581343.800162108316033211&eid=ob3_plugin-set_07c4fdb676cdc550be317801923e5c0acd1928c7b3862b05d942ebcfe9a2402b&ler=empty&cdl=API_unavailable&it=1728845580267&coo=false&exp=h3&rqm=FGET

Requested by

Host: www.daronsdubiz.com
URL: https://www.daronsdubiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425335230551604634"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Oct 2024 18:53:01 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: m31S6kyNNWyGJ5NenHwgsHIxgNuNXVf+KJ7BZdtaKYAaBUzBwT0Iibw8axw/poe/k4jXRw42mpLe5PAI6TNOag==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425335230551604634", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=16, mss=1297, tbw=6679, tp=-1, tpl=-1, uplat=201, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 66d1faa1caed8_ms-icon-310x310.png
www.daronsdubiz.com/8919865/ 57 KB
57 KB 66ms
66ms Other
image/png 2600:9000:2490:6400:5:4d23:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.daronsdubiz.com/8919865/66d1faa1caed8_ms-icon-310x310.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6400:5:4d23:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1db54dd6aa62c3da9d77d98d0e1de288720919859cc21d520e221c41f57db908

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.daronsdubiz.com/

Response headers

vary: Accept-Encoding
etag: "2ffcbc4d64d8acb81f03511378ca4d09"
age: 21466
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 58424
x-amz-cf-id: AioGpgjjFXSQdOUkdHAWg-SgTN5svN3FIklVfFlaVEql_dDDvHQQYw==
date: Sun, 13 Oct 2024 12:55:16 GMT
content-type: image/png
last-modified: Fri, 30 Aug 2024 17:00:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.stape.tech/events/4ee4137e30790366c7a18d819dbec3dbc64e0741ba1458ae136635d178b59218	1970-01-21 02:23:41	Name: cee Value: I6fEDwiYXRsqr%2BPKB0%2BbS%2BMvCOM8T1xeV1yqZjbosiA%3D.%7B%7D
.capig.alexandreroth.com/events/4ee4137e30790366c7a18d819dbec3dbc64e0741ba1458ae136635d178b59218	1970-01-21 02:23:41	Name: cee Value: wy6tu0lejj%2BQJ6660o1ch7hoV8OxBTpEw%2BEtfTadae0%3D.%7B%7D
daronsdubiz.com/	1969-12-31 23:59:59	Name: SERVERID77446 Value: 200177\|ZwwXD\|ZwwXD
www.daronsdubiz.com/	1970-01-21 09:50:05	Name: v Value: 01JA3KM1NFK99HK54AKB04KWSM
.daronsdubiz.com/	1970-01-21 02:23:41	Name: _gcl_au Value: 1.1.1963377704.1728845580
prism.app-us1.com/	1970-01-21 00:57:17	Name: prism_802131701 Value: 68d63451-cebe-4d09-84b7-b5bb3169e06f
.daronsdubiz.com/	1970-01-21 00:57:17	Name: prism_802131701 Value: 68d63451-cebe-4d09-84b7-b5bb3169e06f
.provesrc.com/	1970-01-21 00:14:21	Name: psuid Value: s%3Adc548de1-8a29-4761-ba09-a5c9f515595f.9%2FpR7sXOdNFCGFvD9dep%2FOh0N9BhGHMEiDDn4OHVCwY
.provesrc.com/	1970-01-21 00:15:31	Name: ps5d667e2c16508d20b80cedde Value: true%7C1727740800000
.daronsdubiz.com/	1970-01-21 09:50:05	Name: psuid Value: dc548de1-8a29-4761-ba09-a5c9f515595f
.daronsdubiz.com/	1970-01-21 00:40:19	Name: ps5d667e2c16508d20b80cedde Value: true\|1727740800000
.daronsdubiz.com/	1970-01-21 02:23:41	Name: _fbp Value: fb.1.1728845581343.800162108316033211

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

capig.alexandreroth.com
capig.stape.tech
cdn.provesrc.com
client-api.provesrc.com
connect.facebook.net
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
d6r6gym8ueyux.cloudfront.net
daronsdubiz.com
diffuser-cdn.app-us1.com
fonts.googleapis.com
prism.app-us1.com
trackcmp.net
www.daronsdubiz.com
www.facebook.com
www.googletagmanager.com
157.240.251.9
188.114.96.3
213.186.33.5
2600:9000:214f:8c00:f:a462:c1c0:93a1
2600:9000:223f:3000:17:3a21:7e40:21
2600:9000:223f:4e00:f:e793:dc40:21
2600:9000:2490:6400:5:4d23:6f00:93a1
2600:9000:26e8:7400:10:6a77:5f80:93a1
2600:9000:275b:c200:1c:d937:ae40:93a1
2606:4700:3030::6815:2d30
2606:4700:4400::6812:22d6
2606:4700::6811:1fae
2606:4700::6812:80d8
2a00:1450:4001:802::2008
2a00:1450:4001:82f::200a
2a03:2880:f176:84:face:b00c:0:25de
52.5.20.21
04918f7f9c1dce441c956f799800ddbd5ad55e59aa45affc60c3f7dd6f4b769a
1db54dd6aa62c3da9d77d98d0e1de288720919859cc21d520e221c41f57db908
210c0dec6b8654d40aca7610c693067129122f2dc88d1e5525365f7bb4a8e5cf
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
29872564f460aff4e2150d536d0d3ead9faf773e6c743670811a17c0c90af441
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b
484212c784b9f4a5a77f36d226a6b3feb56526ce0d7fa1acec0aabc6b3a2bcb1
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf
7284190c18213068623b57f26bab920bab3248940eb13149364b04370e3611cd
8399bf816d337f53b8d9e6683eb21d44963a55914bda059e8dd938f671b822ae
83dd6ed4f17ef7cafa58a15d1ceb20256c208477b7b7dc44055cd43abe88c3d8
9102e19691ad902e363d894b85a3337d8e0f6f8498b2bd484dc7f7df3e3dc36d
a2adf69c744fed8fd32d63507d11858ab3fdbc702e604f3b02936e3827b875f9
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b2c50b941874715410f7617821e1ed79c895942b46c4a51fe9bf08cada86d3f2
bb2c264be10b46475664e6e48cd4d47b7886b394e53ec21c80190d4d7aec183a
c4ea60e8bec831ebc1290ce076c2c60299cec983104dc7b1c63c35155de3bd3b
d76489e3717e5da9e2780588fa2e0e54bc4fb9df5dfbfa6fb636fbd62c7ca74a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
fb7b91d5fb643aa40f596768d7798d7e1efaeabf1ff47ef2ee7ceea06a89c71e

www.daronsdubiz.com Open in urlscan Pro 2600:9000:2490:6400:5:4d23:6f00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

76 %IPv6

11 Domains

17 Subdomains

16 IPs

4 Countries

1641 kBTransfer

3773 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.daronsdubiz.com Open in urlscan Pro
2600:9000:2490:6400:5:4d23:6f00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

76 %
IPv6

11
Domains

17
Subdomains

16
IPs

4
Countries

1641 kB
Transfer

3773 kB
Size

12
Cookies

31 HTTP transactions
0 data transactions