urlscan.io logo urlscan.io
SecurityTrails logo

pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev Open in urlscan Pro
2a06:98c1:58::eb  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Effective URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Submission: On December 02 via automatic, source openphish — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 94 HTTP transactions. The main IP is 2a06:98c1:58::eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev.
TLS certificate: Issued by E5 on November 27th 2024. Valid for: 3 months.
This is the only time pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 19 2a06:98c1:58::eb 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1408:c40... 20940 (AKAMAI-AS...)
8 2600:1408:ec0... 20940 (AKAMAI-AS...)
4 31.13.66.19 32934 (FACEBOOK)
8 142.250.31.156 15169 (GOOGLE)
2 54.229.42.230 16509 (AMAZON-02)
2 169.202.182.156 14115 (AMALGAMAT...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 52.202.132.24 14618 (AMAZON-AES)
4 23.222.197.151 16625 (AKAMAI-AS)
1 3.219.151.184 14618 (AMAZON-AES)
2 63.140.39.248 14618 (AMAZON-AES)
1 1 3.81.197.94 14618 (AMAZON-AES)
2 157.240.229.35 32934 (FACEBOOK)
2 23.209.57.156 16625 (AKAMAI-AS)
9 172.253.122.104 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.74.152 13335 (CLOUDFLAR...)
2 172.253.63.97 15169 (GOOGLE)
3 172.253.122.100 15169 (GOOGLE)
94 23
19    2a06:98c1:58::eb (United States)

ASN13335 (CLOUDFLARENET, US)
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:1408:c400:5::17c7:3719 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
snap.licdn.com
8    2600:1408:ec00:887::1e80 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
assets.adobedtm.com
4    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
8    142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
googleads.g.doubleclick.net
2    54.229.42.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-42-230.eu-west-1.compute.amazonaws.com
credit.apr.absa.co.za
2    169.202.182.156 (Krugersdorp, South Africa)

ASN14115 (AMALGAMATED-BSA, ZA)
ib.absa.co.za
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.202.132.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-132-24.compute-1.amazonaws.com
dpm.demdex.net
4    23.222.197.151 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-197-151.deploy.static.akamaitechnologies.com
p.teads.tv
cm.teads.tv
fledge.teads.tv
1    3.219.151.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-151-184.compute-1.amazonaws.com
absa.demdex.net
2    63.140.39.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-248.data.adobedc.net
fpt.absa.co.za
1    3.81.197.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-197-94.compute-1.amazonaws.com
cm.everesttech.net
2    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
2    23.209.57.156 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-57-156.deploy.static.akamaitechnologies.com
t.teads.tv
9    172.253.122.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f104.1e100.net
www.google.com
8    2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
2    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
3    172.253.122.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f100.1e100.net
google.com
Apex Domain
Subdomains		 Transfer
19 r2.dev
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
162 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
19 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 3
google.com — Cisco Umbrella Rank: 1
572 B
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
753 KB
8 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 458
129 KB
6 teads.tv
p.teads.tv — Cisco Umbrella Rank: 6062
cm.teads.tv — Cisco Umbrella Rank: 6366
fledge.teads.tv — Cisco Umbrella Rank: 8024
t.teads.tv — Cisco Umbrella Rank: 3448
7 KB
6 absa.co.za
ib.absa.co.za Failed
credit.apr.absa.co.za
fpt.absa.co.za
73 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
102 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 262
absa.demdex.net
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
211 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
41 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
82 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2001
317 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1608
490 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
30 KB
94 16
Domain Requested by
19 pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev 1 redirects pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
9 www.google.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
www.googletagmanager.com
9 www.googletagmanager.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
www.googletagmanager.com
assets.adobedtm.com
8 td.doubleclick.net pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
www.googletagmanager.com
8 googleads.g.doubleclick.net pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
www.googletagmanager.com
8 assets.adobedtm.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
assets.adobedtm.com
4 connect.facebook.net pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
connect.facebook.net
3 google.com www.googletagmanager.com
3 px.ads.linkedin.com snap.licdn.com
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 t.teads.tv p.teads.tv
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 cm.teads.tv p.teads.tv
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 www.facebook.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 fpt.absa.co.za assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 credit.apr.absa.co.za pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 ib.absa.co.za pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2 snap.licdn.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
snap.licdn.com
2 cdnjs.cloudflare.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cdnjs.cloudflare.com
1 api.ipify.org ajax.googleapis.com
1 fledge.teads.tv p.teads.tv
1 cm.everesttech.net 1 redirects
1 absa.demdex.net assets.adobedtm.com
1 p.teads.tv assets.adobedtm.com
1 ajax.googleapis.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
94 24

This site contains links to these domains. Also see Links.

Domain
www.absa.co.za
Subject Issuer Validity Valid
*.r2.dev
E5		 2024-11-27 -
2025-02-25		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
credit.apr.absa.co.za
DigiCert SHA2 Secure Server CA		 2024-04-17 -
2025-05-18		 a year crt.sh
ib.absa.co.za
DigiCert SHA2 Secure Server CA		 2024-05-21 -
2025-06-10		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
teads.tv
R10		 2024-11-25 -
2025-02-23		 3 months crt.sh
fpt.absa.co.za
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-22 -
2025-06-22		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
ipify.org
WE1		 2024-11-13 -
2025-02-11		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Frame ID: 4FF5BA4B66439CC5B4693E1DB8B7EE9F
Requests: 83 HTTP requests in this frame

Frame: https://absa.demdex.net/dest5.html?d_nsid=0
Frame ID: F101C11E14461419EEA8C6ED4CF7B0DF
Requests: 1 HTTP requests in this frame

Frame: https://fledge.teads.tv/v1/interest-group/tag.html
Frame ID: E455B6EBEE93E873306F3A3FD91ED204
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/9288866678?random=1722633583524&cv=11&fst=1722633583524&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 9CA0CC337465C80034D985D919C7DEF2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/674976093?random=1722633583557&cv=11&fst=1722633583557&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: B3029AABD12AC21075842D4DDC4A92BB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740619428?random=1722633583638&cv=11&fst=1722633583638&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 8A09F316F69661C946C1E70CDAAA80BC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1016187748?random=1722633583672&cv=11&fst=1722633583672&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 3641FD0808D2A0143FA1AD1BBB58EEBD
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/9288866678?random=1733149799012&cv=11&fst=1733149799012&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 72E889952608B4AE7E07C847B3D0590D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/674976093?random=1733149799027&cv=11&fst=1733149799027&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 65508C399BFB2E3EB41CA683825BB3AB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740619428?random=1733149799041&cv=11&fst=1733149799041&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: F5F9F35697603D1293385D176D84BAD7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1016187748?random=1733149799056&cv=11&fst=1733149799056&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: A8F16076E63D7295261D8262D5368411
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Frame ID: 3373BFB1AB66C8A826688E16AB7A8066
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Absa Online Banking

Page URL History Show full URLs

  1. http://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html HTTP 307
    https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html Page URL
  2. https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/phish-bypass?atok=vlXJVRx0g71zSxaXqYayKTp4iokeODbBF.QZ_7x.Uc4-173314... HTTP 301
    https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

98 %
HTTPS

30 %
IPv6

16
Domains

24
Subdomains

23
IPs

4
Countries

1403 kB
Transfer

3966 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html HTTP 307
    https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html Page URL
  2. https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/phish-bypass?atok=vlXJVRx0g71zSxaXqYayKTp4iokeODbBF.QZ_7x.Uc4-1733149791-0.0.1.1-%2Fcc.html HTTP 301
    https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html HTTP 307
  • https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Request Chain 40
  • https://cm.everesttech.net/cm/dd?d_uuid=52393407939469184793757926211410736431 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z03EZAAAALEwZgN2

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
cc.html
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Redirect Chain
  • http://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
  • https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29236afec8f1d42d2290c0a07e982382519892bee14165b641edd9127ca1341
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

CF-RAY
8ebc02f38b0009de-MIA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Dec 2024 14:29:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Non-Authoritative-Reason
HSTS
cf.errors.css
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

Transfer-Encoding
chunked
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Content-Encoding
gzip
ETag
W/"6740aa36-5df3"
Connection
keep-alive
X-Content-Type-Options
nosniff
CF-RAY
8ebc02f3eb6a09de-MIA
Expires
Mon, 02 Dec 2024 16:29:51 GMT
Date
Mon, 02 Dec 2024 14:29:51 GMT
Content-Type
text/css
Last-Modified
Fri, 22 Nov 2024 15:58:46 GMT
Server
cloudflare
X-Frame-Options
DENY
icon-exclamation.png
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/images/ 		452 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/styles/cf.errors.css

Response headers

Vary
Accept-Encoding
Cache-Control
max-age=7200, public
ETag
"6740aa36-1c4"
Connection
keep-alive
X-Content-Type-Options
nosniff
CF-RAY
8ebc02f42bb209de-MIA
Expires
Mon, 02 Dec 2024 16:29:51 GMT
Accept-Ranges
bytes
Content-Length
452
Date
Mon, 02 Dec 2024 14:29:51 GMT
Content-Type
image/png
Last-Modified
Fri, 22 Nov 2024 15:58:46 GMT
Server
cloudflare
X-Frame-Options
DENY
favicon.ico
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		27 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc02f48c0909de-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:51 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
Primary Request cc.html
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Redirect Chain
  • https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cdn-cgi/phish-bypass?atok=vlXJVRx0g71zSxaXqYayKTp4iokeODbBF.QZ_7x.Uc4-1733149791-0.0.1.1-%2Fcc.html
  • https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
124 KB
125 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f3ee6d6ac34f4feb3379e3ee7c6d59e66688ef14e98cead61ad78ba87446b9

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
CF-RAY
8ebc030bfac509de-MIA
Connection
keep-alive
Content-Length
127411
Content-Type
text/html
Date
Mon, 02 Dec 2024 14:29:55 GMT
ETag
"805cc7c1069f92defc1e3fee6aa7475e"
Last-Modified
Sat, 30 Nov 2024 10:18:37 GMT
Server
cloudflare
Vary
Accept-Encoding

Redirect headers

CF-RAY
8ebc030b197909de-MIA
Cache-Control
private, no-cache
Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 02 Dec 2024 14:29:55 GMT
Location
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Server
cloudflare
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
439677
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhvredgKgKWpMuqlU35pUUavXHl8nXEwXyL%2FgC95242HqbAeDwr421VVQ3Jp0Oja4mc6U5g2Fv5CHaRLDzeroehQZIHYCa99diMkxpvvYRgxaCfAULlsnd%2B2bd7VvtKn9%2FhELcIW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 14:29:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ebc030e2f188db5-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
js
www.googletagmanager.com/gtag/ 		291 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-878225088&l=gtmDataLayer&cx=c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5b3313eb85d7c98d531562165db6352e2f52d59b5c931260929b40e67de3794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101329
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		293 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4031d37fd818f5a7e9de6710ce3ca2a987522bc6291edea82697117ec3b99aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102005
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		286 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f11a08c55625296d066df11a94fa22092f4480864d61422633f1057de20ec3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100400
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		292 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c0c829f07848838a5e71e298a983c7193f9df97efaf2baa58a6bf599825804f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102004
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		248 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a23f43d4917705b1a92b09c790a4b4dfdc6f10fecf4c3e60d7e2ba35ea37782f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90860
x-xss-protection
0
server
Google Tag Manager
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
3628be465ec3d28413b23bd425c36d30ab28016eb5f6d2f702ca7f5ae883e93f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
max-age=70346
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
771
date
Mon, 02 Dec 2024 14:29:55 GMT
last-modified
Tue, 26 Nov 2024 13:42:29 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
launch-f1bf6d4c040e.min.js
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/ 		432 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
82040f289a7625792ab74fc582cbf4b838883d637b71330aaae3de91c17e96ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"4fcaae35e2e5b1f98a21e3bddb092bb4:1731656549.563079"
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:55 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
115628
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/x-javascript
last-modified
Fri, 15 Nov 2024 07:42:29 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
styles.0264db92e0ab603f.css
ib.absa.co.za/xdas/clr/ 		0
0
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"ade220db70aa3259d42f32d039757920:1689673134.025267"
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:55 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
12463
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/x-javascript
last-modified
Tue, 18 Jul 2023 09:38:54 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:55 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
1597
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/x-javascript
last-modified
Tue, 18 Jul 2023 09:38:54 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
1747847538608265
connect.facebook.net/signals/config/ 		105 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1747847538608265?v=2.9.164&r=stable&domain=ib.absa.co.za&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
6896c9229fd5e0231131e85f4de87c5a272e512a15775d0a0e32beede4cbfc47
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-OVjkqebH' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-OVjkqebH' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=93, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=173, ullat=0
pragma
public
x-fb-debug
G5kGZOarX4IAN5CKekyatMj9I9/G8bDndk9gUVVKGbiZ34IUlzPZovacsmn5W8w5vrex8J0S5ZFbZK6zj0bfOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-WTCYpYBB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-WTCYpYBB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=73, rtx=0, c=39, mss=1232, tbw=28912, tp=32, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
bMgMh/P6qksOMOQbOUEekUDrbE3qplET50URFswBrGphsaSxx/2kqU9YKifvPfBgIYWB8dmmg7euCd+BXILwIQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		234 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8568421&l=gtmDataLayer
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d570bdffff9ed6104f009cbe995a3a9d2e4a9de9f947ae57b0364c997caa1f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84944
x-xss-protection
0
server
Google Tag Manager
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/?random=1722633583524&cv=11&fst=1722633583524&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
6ec58afae8d5620bdb1c200a8ef0f06f55db4e9b0db795e639924fa5cee3be0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2398
date
Mon, 02 Dec 2024 14:29:55 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/?random=1722633583557&cv=11&fst=1722633583557&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
30e243974da2a6b8235de97ad0694ae3b9ee0f2c09646cd94a2db116fd560ef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2406
date
Mon, 02 Dec 2024 14:29:55 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/?random=1722633583638&cv=11&fst=1722633583638&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
292493d008cf7961c6469720ca41ddeca967d306b3f41f34f6795ded320262d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2399
date
Mon, 02 Dec 2024 14:29:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/?random=1722633583672&cv=11&fst=1722633583672&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
31bc2b71febd0e9cd3a747ddf27db15978a7093211d0eaba716a73f16590ec16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2406
date
Mon, 02 Dec 2024 14:29:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
RCfdd3c4fc28344501990f78d95b26a243-source.min.js
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCfdd3c4fc28344501990f78d95b26a243-source.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:56 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
10
date
Mon, 02 Dec 2024 14:29:56 GMT
server
AkamaiNetStorage
place.js
credit.apr.absa.co.za/422006/ 		72 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://credit.apr.absa.co.za/422006/place.js?r=0.8282007671560956
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.42.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-42-230.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
ec1c8c93df7acb0251371cca59ad424beed3d9178f8b47f24d3725109ceacc5b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=86400
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
pics-label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
x-content-type-options
nosniff
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
date
Mon, 02 Dec 2024 14:29:56 GMT
content-type
application/x-javascript
server
haile
RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:56 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
10
date
Mon, 02 Dec 2024 14:29:56 GMT
server
AkamaiNetStorage
logo-brand-red.svg
ib.absa.co.za/xdas/clr/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.absa.co.za/xdas/clr/assets/images/logo-brand-red.svg
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
169.202.182.156 Krugersdorp, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
Software
/
Resource Hash
27bb94240d233cc8f7382fb36ab34a409f99d0e8ec55bcf24e8965fbfa47dbd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
2716
Date
Mon, 02 Dec 2024 14:29:58 GMT
Content-Type
image/svg+xml
Last-Modified
Fri, 15 Nov 2024 06:35:46 GMT
Connection
keep-alive
runtime.84f79c54ca1b6b29.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/runtime.84f79c54ca1b6b29.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc030e0da109de-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:55 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
polyfills.427bfb582aba5263.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/polyfills.427bfb582aba5263.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc030ed974a515-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:55 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
vendor.3a186de20bc36275.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/vendor.3a186de20bc36275.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc030edbdfb3e9-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:55 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
main.2c60ab46fc18d9bb.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/main.2c60ab46fc18d9bb.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc030ee9c57425-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:55 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
gzip
age
358538
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 10:54:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 10:54:17 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30306
x-xss-protection
0
server
sffe
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
41181
date
Mon, 02 Dec 2024 14:29:55 GMT
last-modified
Tue, 26 Nov 2024 13:49:02 GMT
content-type
text/javascript
x-amz-server-side-encryption
AES256
attribution_trigger
px.ads.linkedin.com/ 		2 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1733149795851&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
gzip
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
access-control-allow-methods
GET, OPTIONS
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/json
access-control-allow-headers
*
x-li-pop
afd-prod-lva1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-fs-uuid
0006284a61eecf20d7ef5fb4fd418271
x-msedge-ref
Ref A: 913E15B3E295449C9ECB262A7ACE3977 Ref B: MIAEDGE2908 Ref C: 2024-12-02T14:29:55Z
x-restli-protocol-version
1.0.0
x-li-uuid
AAYoSmHuzyDX71+0/UGCcQ==
access-control-allow-origin
*
collect
px.ads.linkedin.com/ 		0
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1733149795851&li_adsId=52abf61c-65fd-47bc-930b-366ae2c60ab8&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1E6470DBF07743BEBCF68DED905FF1E9 Ref B: MIA301000108049 Ref C: 2024-12-02T14:29:56Z
x-li-fabric
prod-lor1
x-li-uuid
AAYoSmHxc5A7LDzPKKJ1BQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/javascript
id
dpm.demdex.net/ 		363 B
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA45CC59566062417F000101%40AdobeOrg&d_nsid=0&ts=1733149796053
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.132.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-132-24.compute-1.amazonaws.com
Software
/
Resource Hash
b7b75c21398a0eff8cfca90cb75c7f94c54c90207dec6de9017f504910c8ca87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-2-v068-036b4e458.edge-va6.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
Unz5wACCR2Q=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
308
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Mon, 02 Dec 2024 14:29:56 GMT
content-type
application/json;charset=utf-8
vary
Origin
teads-fellow.js
p.teads.tv/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
487b5c89f3869c78cc95737ca7f38873fdd764730ecd0c8cb67d925037188480

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

x-amz-id-2
aXRvls6LqdaLgxwutMl4AarOmWAWi6XbMZPWkt1fD+gHulaSq81QL0SY5N5ZZPioHha6g1svQderRxPv2u6Qq2b61ek1otcM
Vary
Accept-Encoding
Cache-Control
max-age=443
Content-Encoding
gzip
ETag
"b16c2631b3b4d5afbfe9589a84da4916"
Connection
keep-alive
x-amz-request-id
WWQ2BK0EF41XE6BW
Accept-Ranges
bytes
Content-Length
5823
Date
Mon, 02 Dec 2024 14:29:56 GMT
Last-Modified
Mon, 28 Oct 2024 09:50:33 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
1747847538608265
connect.facebook.net/signals/config/ 		100 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1747847538608265?v=2.9.176&r=stable&domain=pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
b24a2ff831ee9b26abb5cbdd6482f173610c3792675f01b76f3b494cfd2f4d3e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-cwGjXyDd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 14:29:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-cwGjXyDd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=69, rtx=0, c=74, mss=1232, tbw=93088, tp=87, tpl=0, uplat=166, ullat=0
pragma
public
x-fb-debug
OYXFtfZrd0yaA8TIWC34Q47MDJL+rUMU6aDlfnnk7loKh69JgBesaQvpizLe8zkT98l3nrOtfpL/mkp0jQRhjQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
px.ads.linkedin.com/wa/ 		0
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9B7A058CF7EA47959E0ECFD4B9488D3E Ref B: MIA301000108049 Ref C: 2024-12-02T14:29:56Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYoSmHxPzVUCOZpCX7rjQ==
x-li-proto
http/2
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
x-cache
CONFIG_NOCACHE
date
Mon, 02 Dec 2024 14:29:55 GMT
vary
Origin
dest5.html
absa.demdex.net/ Frame F101 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://absa.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.219.151.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-151-184.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 02 Dec 2024 14:29:56 GMT
dcs
dcs-prod-va6-2-v068-0331cc037.edge-va6.demdex.com 4 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 22 Nov 2024 13:01:38 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
FBWMAL1/TCc=
id
fpt.absa.co.za/ 		48 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fpt.absa.co.za/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AA45CC59566062417F000101%40AdobeOrg&mid=52019903193882090203792624526475973660&ts=1733149796304
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-248.data.adobedc.net
Software
jag /
Resource Hash
2093d92b6c9dd72cbd7ad63fb216efab9f5cb55037b57df6348ab142301d39af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
p3p
CP="This is not a P3P policy"
content-length
48
date
Mon, 02 Dec 2024 14:29:56 GMT
x-xss-protection
1; mode=block
content-type
application/x-javascript;charset=utf-8
vary
Origin
server
jag
ibs:dpid=411&dpuuid=Z03EZAAAALEwZgN2
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=52393407939469184793757926211410736431
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z03EZAAAALEwZgN2
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z03EZAAAALEwZgN2
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Server
52.202.132.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-132-24.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-1-v068-083860b43.edge-va6.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
O4sJ/FdJTRY=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Mon, 02 Dec 2024 14:29:56 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z03EZAAAALEwZgN2
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Mon, 02 Dec 2024 14:29:56 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1747847538608265&ev=PageView&dl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&rl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&if=false&ts=1733149796360&sw=1600&sh=1200&v=2.9.176&r=stable&a=adobe_launch&ec=0&o=4124&fbp=fb.2.1733149796356.55471670669576348&cs_est=true&pm=1&hrl=bb2c45&cdl=API_unavailable&it=1733149796102&coo=false&cs_cc=1&cas=25658337873757662%2C7556021131121552%2C7378196685596330%2C7635904949805536%2C7799291493437949%2C7268077473299422%2C7323205557745013%2C5023400964358767%2C5668477419948073%2C8188246017880637%2C25060950620217803%2C7315340285209675%2C7935518496489982%2C5508182192566139%2C1629236803854851&rqm=GET
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=23, mss=1232, tbw=4497, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 14:29:56 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1747847538608265&ev=PageView&dl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&rl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&if=false&ts=1733149796360&sw=1600&sh=1200&v=2.9.176&r=stable&a=adobe_launch&ec=0&o=4124&fbp=fb.2.1733149796356.55471670669576348&cs_est=true&pm=1&hrl=bb2c45&cdl=API_unavailable&it=1733149796102&coo=false&cs_cc=1&cas=25658337873757662%2C7556021131121552%2C7378196685596330%2C7635904949805536%2C7799291493437949%2C7268077473299422%2C7323205557745013%2C5023400964358767%2C5668477419948073%2C8188246017880637%2C25060950620217803%2C7315340285209675%2C7935518496489982%2C5508182192566139%2C1629236803854851&rqm=FGET
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443821694377776094"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 14:29:56 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
QMCkomqjhEIaHS7H4TMoJI1SqIjWfVQJ/nO2b8JTCA2k1DTdzhGi8wzW8GUYV3q9iaFxtg2OHNvECCc16BEwgw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443821694377776094", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4865, tp=13, tpl=0, uplat=135, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
advertiser
cm.teads.tv/v2/ 		166 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&buyer_pixel_id=12308
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf9d1fcb1cfa466e4b0f02b4f47a9e5d610283e89e6ab122fa9e2b08ffa85475

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Observe-Browsing-Topics
?1
Expires
Mon, 02 Dec 2024 14:29:56 GMT
Access-Control-Allow-Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Content-Length
166
Date
Mon, 02 Dec 2024 14:29:56 GMT
Content-Type
application/json; charset=utf-8
tag.html
fledge.teads.tv/v1/interest-group/ Frame E455 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fledge.teads.tv/v1/interest-group/tag.html
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Ad-Auction-Allowed
true
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
568
Content-Type
text/html; charset=utf-8
Date
Mon, 02 Dec 2024 14:29:57 GMT
Expires
Mon, 02 Dec 2024 14:29:57 GMT
Pragma
no-cache
track
t.teads.tv/ 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.21.0_ad40570&provider=tag&buyer_pixel_id=12308&referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&user_session_id=def0037d-ffa5-4622-b5fb-3f7caf88ea9c
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.57.156 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
23
date
Mon, 02 Dec 2024 14:29:57 GMT
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.21.0_ad40570&provider=tag&buyer_pixel_id=12308&referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&user_session_id=def0037d-ffa5-4622-b5fb-3f7caf88ea9c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.57.156 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Mon, 02 Dec 2024 14:29:57 GMT
content-type
image/gif
conversion
cm.teads.tv/v3/ 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.21.0_ad40570&provider=tag&buyer_pixel_id=12308&referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&user_session_id=def0037d-ffa5-4622-b5fb-3f7caf88ea9c
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.197.151 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-197-151.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Observe-Browsing-Topics
?1
Expires
Mon, 02 Dec 2024 14:29:56 GMT
Content-Length
0
Attribution-Reporting-Register-Trigger
{"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1733149796","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date
Mon, 02 Dec 2024 14:29:56 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 		34 KB
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"ade220db70aa3259d42f32d039757920:1689673134.025267"
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:58 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
12463
date
Mon, 02 Dec 2024 14:29:58 GMT
last-modified
Tue, 18 Jul 2023 09:38:54 GMT
content-type
application/x-javascript
server
AkamaiNetStorage
vary
Accept-Encoding
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 		3 KB
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
etag
"051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:58 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
1597
date
Mon, 02 Dec 2024 14:29:58 GMT
last-modified
Tue, 18 Jul 2023 09:38:54 GMT
content-type
application/x-javascript
server
AkamaiNetStorage
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		239 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-WTCYpYBB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 14:29:55 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-WTCYpYBB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=73, rtx=0, c=39, mss=1232, tbw=28912, tp=32, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
bMgMh/P6qksOMOQbOUEekUDrbE3qplET50URFswBrGphsaSxx/2kqU9YKifvPfBgIYWB8dmmg7euCd+BXILwIQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
logo-brand-red.svg
ib.absa.co.za/xdas/clr/assets/images/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.absa.co.za/xdas/clr/assets/images/logo-brand-red.svg
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
169.202.182.156 Krugersdorp, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
Software
/
Resource Hash
27bb94240d233cc8f7382fb36ab34a409f99d0e8ec55bcf24e8965fbfa47dbd8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Accept-Ranges
bytes
Content-Length
2716
Date
Mon, 02 Dec 2024 14:29:58 GMT
Content-Type
image/svg+xml
Last-Modified
Fri, 15 Nov 2024 06:35:46 GMT
source-sans-pro-v10-latin-600.7818c5433f6bc777.woff2
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.7818c5433f6bc777.woff2
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc03224d035c7d-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:58 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
1914610
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmfFC8ijYCWMEW8iCsLHUiQUqySPCsWjil0DamCDV0BO5UtlGub5sc3CA05VbBKfqXQigwxlN6qv1Brm0KjAiuv599kc4zXhexuerQroMhxW3qvl8P589LToDwuB7SFni%2BuvpUXL"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 14:29:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 14:29:58 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ebc03224a035c71-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
source-sans-pro-v10-latin-regular.c30c139557e59b1d.woff2
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.c30c139557e59b1d.woff2
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc0322dbc409e2-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
source-sans-pro-v10-latin-700.9e5e10e9276a4106.woff2
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.9e5e10e9276a4106.woff2
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc0322e96a226f-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
/
www.google.com/pagead/1p-user-list/9288866678/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/9288866678/?random=1722633583524&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dMDefpAtWQa19geyODZrAPOs1BjTmQw&random=3726947804&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/674976093/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/674976093/?random=1722633583557&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dScnboEyCZONuybrBdHauaFJRictVjw&random=3188622331&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/740619428/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/740619428/?random=1722633583638&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7diPKSRpwNpvNoWBGO__C0oVpoOlLAKw&random=69773327&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/1016187748/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1016187748/?random=1722633583672&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7daiElSH6biYLlY2PA_okbECZeq91-2w&random=871942171&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
place.js
credit.apr.absa.co.za/422006/ 		72 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://credit.apr.absa.co.za/422006/place.js?r=0.07463664413995419
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.42.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-42-230.eu-west-1.compute.amazonaws.com
Software
haile /
Resource Hash
76c04200e060cd3942ab1ea09d0e31a58cfb8f115eba5febd69dbd9af492c2cf
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=86400
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
pics-label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
x-content-type-options
nosniff
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
date
Mon, 02 Dec 2024 14:29:58 GMT
content-type
application/x-javascript
server
haile
9288866678
td.doubleclick.net/td/rul/ Frame 9CA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/9288866678?random=1722633583524&cv=11&fst=1722633583524&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
674976093
td.doubleclick.net/td/rul/ Frame B302 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/674976093?random=1722633583557&cv=11&fst=1722633583557&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
740619428
td.doubleclick.net/td/rul/ Frame 8A09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/740619428?random=1722633583638&cv=11&fst=1722633583638&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1016187748
td.doubleclick.net/td/rul/ Frame 3641 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1016187748?random=1722633583672&cv=11&fst=1722633583672&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
api.ipify.org/ 		22 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf478ab4df77496812b6dd021d1876f67752079b46811d47bc3673e2998c4e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ebc0323abc1749a-MIA
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=47038&min_rtt=41739&rtt_var=11812&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4045&recv_bytes=2336&delivery_rate=90790&cwnd=251&unsent_bytes=0&cid=b40770a932984b66&ts=117&x=0"
content-length
22
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
application/json
vary
Origin
server
cloudflare
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&dl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&scrsrc=www.googletagmanager.com&frm=0&rnd=125415383.1733149799&auid=1696694751.1733149799&npa=0&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733149798928&tfd=3886&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-417280903&l=gtmDataLayer&cx=c&gtm=45be4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
adf8177057d61a294e2f8ee0b2bea398bb345de5f140b9ac1275be3038858063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93822
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-417280903&l=gtmDataLayer
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5383370830738c8b093251d944edc49c3c8f032839d005cf8e506b3a28e32306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 14:29:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93779
x-xss-protection
0
server
Google Tag Manager
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/?random=1733149799012&cv=11&fst=1733149799012&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
6f91e78beb3dcef4fae483364d2fecf074c8f41b417e77290b8559b2c12e3df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2357
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
9288866678
td.doubleclick.net/td/rul/ Frame 72E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/9288866678?random=1733149799012&cv=11&fst=1733149799012&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
674976093
google.com/ccm/form-data/ 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/674976093?gtm=45be4bk0pfv9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=0&frm=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
text/plain
server
Golfe2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/?random=1733149799027&cv=11&fst=1733149799027&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
37968e9c05f41c3896ba00cf4194006c6cea2206799a95667c913c63ff382f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2366
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
674976093
td.doubleclick.net/td/rul/ Frame 6550 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/674976093?random=1733149799027&cv=11&fst=1733149799027&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
740619428
google.com/ccm/form-data/ 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/740619428?gtm=45be4bk0pfv9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=0&frm=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
text/plain
server
Golfe2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/?random=1733149799041&cv=11&fst=1733149799041&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
904c09f93a6e80ffcc46f1b9148744430d04ccdc938923097c33abf88b6b6d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2364
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
740619428
td.doubleclick.net/td/rul/ Frame F5F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/740619428?random=1733149799041&cv=11&fst=1733149799041&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1016187748
google.com/ccm/form-data/ 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/1016187748?gtm=45be4bk0pfv874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=0&frm=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
text/plain
server
Golfe2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/?random=1733149799056&cv=11&fst=1733149799056&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
85f10a077320e00cadde425d51ac84afcb086a7b64ebfe77074475051fdb2e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2368
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
1016187748
td.doubleclick.net/td/rul/ Frame A8F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/1016187748?random=1733149799056&cv=11&fst=1733149799056&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
source-sans-pro-v10-latin-600.53f34e82fd9a5e0d.woff
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.53f34e82fd9a5e0d.woff
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc03245fd85c7d-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 3373 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 14:29:59 GMT
expires
Tue, 02 Dec 2025 14:29:59 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
source-sans-pro-v10-latin-700.886452199d7cc99d.woff
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.886452199d7cc99d.woff
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc03248e3109e2-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
source-sans-pro-v10-latin-regular.23e04aa202c158a2.woff
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.23e04aa202c158a2.woff
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc03248b93226f-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
/
www.google.com/pagead/1p-user-list/9288866678/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/9288866678/?random=1733149799012&cv=11&fst=1733148000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dMj1FPqcfYXWefMt4rwrbz0YekyYhtcePCbrp_BtwEWyQ494E&random=1299277861&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/674976093/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/674976093/?random=1733149799027&cv=11&fst=1733148000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dsUNAL6y2K5mOV4V8LlmwG34UYlYHN_mor38x-r7-lTqYoIFY&random=1195177952&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/740619428/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/740619428/?random=1733149799041&cv=11&fst=1733148000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dEJQjzPTMbnNIO80Qv5bnhEYAeSqMUaXm18p66n3R3rTePI92&random=729309112&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/1016187748/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1016187748/?random=1733149799056&cv=11&fst=1733148000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&ref=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1696694751.1733149799&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dEEyuKLesDzKbuop3RRHqOpxQwwDeZ_qpYWGyh9X24hw8pqDt&random=1727453358&rmt_tld=0&ipr=y
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
source-sans-pro-v10-latin-600.f6d38edfda109439.ttf
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.f6d38edfda109439.ttf
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc0325f88109e2-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
source-sans-pro-v10-latin-regular.9c0acacc1d455e33.ttf
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.9c0acacc1d455e33.ttf
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc0325fdb7226f-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
source-sans-pro-v10-latin-700.d7d623eddfa851bc.ttf
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.d7d623eddfa851bc.ttf
Requested by
Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY
8ebc0325fa7c5c7d-MIA
Content-Length
27150
Date
Mon, 02 Dec 2024 14:29:59 GMT
Content-Type
text/html
Vary
Accept-Encoding
Connection
keep-alive
Server
cloudflare
RC738e4c10e63f4cea8820e8092df34a01-source.min.js
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/27a974c6543e/ 		714 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/27a974c6543e/RC738e4c10e63f4cea8820e8092df34a01-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:887::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8a3b451b668ed3ef92eefba1902cfc367d17ea225c8f5eed817903ae42fec641
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"4e7ff1a9dc55dfdefe2fd7819e3a5830:1731656551.130433"
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 15:29:59 GMT
accept-ranges
bytes
access-control-allow-origin
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length
403
date
Mon, 02 Dec 2024 14:29:59 GMT
content-type
application/x-javascript
last-modified
Fri, 15 Nov 2024 07:42:31 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
s67356681686632
fpt.absa.co.za/b/ss/absabank-phoenix-prod/1/JS-2.24.0-LEWM/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fpt.absa.co.za/b/ss/absabank-phoenix-prod/1/JS-2.24.0-LEWM/s67356681686632?AQB=1&ndh=1&pf=1&t=2%2F11%2F2024%204%3A29%3A59%201%20600&mid=52019903193882090203792624526475973660&aamlh=7&ce=UTF-8&ns=absabank&cdp=3&pageName=absa%20coza%20%7C%20cc.html&g=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&r=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&cc=ZAR&server=pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&events=event1%2Cevent5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=absa%20coza%20%7C%20cc.html&v3=D%3Dc5&v4=D%3Dc6&c5=application&v5=D%3Dc7&v11=44&c12=zero&v12=D%3Dc19&c13=Entry&v13=New&v14=52019903193882090203792624526475973660&v17=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&c18=44&c19=4%3A29%20PM%7CMonday&v19=guest&c20=New&c21=D%3Dv14&v21=english&v31=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AA45CC59566062417F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.39.248 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-39-248.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
etag
3721910854350766080-4618274655563195405
x-content-type-options
nosniff
expires
Sun, 01 Dec 2024 14:29:59 GMT
access-control-allow-origin
*
p3p
CP="This is not a P3P policy"
content-length
43
date
Mon, 02 Dec 2024 14:29:59 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 03 Dec 2024 14:29:59 GMT
vary
*
server
jag
content-type
image/gif;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.absa.co.za
URL
https://ib.absa.co.za/xdas/clr/styles.0264db92e0ab603f.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| environmentDetails string| deviceCheck object| dataLayer function| lintrk boolean| _already_called_lintrk object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| customCuePoint object| triggerCuePoint function| triggerStart function| triggerEnded function| trackRocketFuelConversion function| mboxCreate function| mboxDefine function| mboxUpdate string| _linkedin_data_partner_id function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_ActivityMap object| s object| google_tag_manager object| google_tag_data object| gtmDataLayer object| ORIBILI object| teads_e number| teads_buyer_pixel_id function| _CustomAssetAnalytics object| config object| customAssetAnalytics function| s_getLoadTime boolean| first_party_cookie_allowed boolean| teads_tracking_allowed string| advertiser_domain string| teads_session_id object| teads_tracking_events_sent object| ___sc422006 object| ___so422006 function| isimo string| PSESSIONID string| SSESSIONID string| LSESSIONID function| $ function| jQuery number| __gt function| gtag object| GooglebQhCsO function| onYouTubeIframeAPIReady number| s_loadT string| docLocationPath object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| s_i_absabank-phoenix-prod

18 Cookies

Domain/Path Name / Value
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: __cf_mw_byp
Value: vlXJVRx0g71zSxaXqYayKTp4iokeODbBF.QZ_7x.Uc4-1733149791-0.0.1.1-/cc.html
.linkedin.com/ Name: bcookie
Value: "v=2&25ed77f3-1ea2-4f7a-8edb-6614a65f9bd2"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3462:u=1:x=1:i=1733149796:t=1733236196:v=2:sig=AQEQIBu1FxCKj48vYKF-0H9KKaGXad7b"
.demdex.net/ Name: demdex
Value: 52393407939469184793757926211410736431
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: AMCVS_AA45CC59566062417F000101%40AdobeOrg
Value: 1
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: _fbp
Value: fb.2.1733149796356.55471670669576348
.dpm.demdex.net/ Name: dpm
Value: 52393407939469184793757926211410736431
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: tfpsi
Value: def0037d-ffa5-4622-b5fb-3f7caf88ea9c
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: AMCV_AA45CC59566062417F000101%40AdobeOrg
Value: 179643557%7CMCIDTS%7C20060%7CMCMID%7C52019903193882090203792624526475973660%7CMCAAMLH-1733754596%7C7%7CMCAAMB-1733754596%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1733156996s%7CNONE%7CMCSYNCSOP%7C411-20067%7CMCAID%7CNONE%7CvVersion%7C5.5.0
cm.teads.tv/ Name: ar_debug
Value: 1
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: LSESSIONID
Value: eyJpIjoiWjNkWkRNa1pKRHJRcWZXTHY1eTBLUT09IiwiZSI6InQ2cjR6bWh0STJTeStlY3BMSGQxR0UrNDV2SUcwQlVKa3hMbGh6cGxuV3o2cnduWFA2RjBWRktCUFlMeThJSktsQm5FdWwwSzFoMWM0a2FSRWRpbXBkXC9Wakl0UlgzejRQR2M2THZ1UnBZOUgrNjVYYlJ6OUVSbE9UYng4SHFpbWtFODJQTjdjMEM2YzQrcGZ3ZzJrcHc9PSJ9.3a7545fe65737e97.N2ZmYzNhZTkyYmQzZjNkZjVjZmVjYjJkNDA1NWMyOTQ5YTBkZDFiNWFhZTZjMDk3NjU3M2ZhY2UwYmE2YjQ5ZA%3D%3D
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: _gcl_au
Value: 1.1.1696694751.1733149799
.doubleclick.net/ Name: IDE
Value: AHWqTUla4I9hDUfzCJPNWiXzMU6TWcVUtqf3LfSqLyLoFelgbmC5hx3Ed22vJX27
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: gpv_pn
Value: cc.html
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: s_ppv
Value: cc.html%2C99%2C99%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: s_nr
Value: 1733149799733-New
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ Name: s_cc
Value: true

20 Console Messages

Source Level URL
Text
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/runtime.84f79c54ca1b6b29.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/polyfills.427bfb582aba5263.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/vendor.3a186de20bc36275.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/main.2c60ab46fc18d9bb.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
rendering warning URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html(Line 56)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A080D100B43E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCfdd3c4fc28344501990f78d95b26a243-source.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Message:
Refused to execute script from 'https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCfdd3c4fc28344501990f78d95b26a243-source.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Message:
Refused to execute script from 'https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.7818c5433f6bc777.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.9e5e10e9276a4106.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.c30c139557e59b1d.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.53f34e82fd9a5e0d.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.23e04aa202c158a2.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.886452199d7cc99d.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.9c0acacc1d455e33.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.d7d623eddfa851bc.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.f6d38edfda109439.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absa.demdex.net
ajax.googleapis.com
api.ipify.org
assets.adobedtm.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.teads.tv
connect.facebook.net
credit.apr.absa.co.za
dpm.demdex.net
fledge.teads.tv
fpt.absa.co.za
google.com
googleads.g.doubleclick.net
ib.absa.co.za
p.teads.tv
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
px.ads.linkedin.com
snap.licdn.com
t.teads.tv
td.doubleclick.net
www.facebook.com
www.google.com
www.googletagmanager.com
ib.absa.co.za
104.17.24.14
142.250.31.156
157.240.229.35
169.202.182.156
172.253.122.100
172.253.122.104
172.253.63.97
172.67.74.152
23.209.57.156
23.222.197.151
2600:1408:c400:5::17c7:3719
2600:1408:ec00:887::1e80
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::61
2620:1ec:21::14
2a06:98c1:58::eb
3.219.151.184
3.81.197.94
31.13.66.19
52.202.132.24
54.229.42.230
63.140.39.248
2093d92b6c9dd72cbd7ad63fb216efab9f5cb55037b57df6348ab142301d39af
27bb94240d233cc8f7382fb36ab34a409f99d0e8ec55bcf24e8965fbfa47dbd8
292493d008cf7961c6469720ca41ddeca967d306b3f41f34f6795ded320262d4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
30e243974da2a6b8235de97ad0694ae3b9ee0f2c09646cd94a2db116fd560ef2
31bc2b71febd0e9cd3a747ddf27db15978a7093211d0eaba716a73f16590ec16
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3628be465ec3d28413b23bd425c36d30ab28016eb5f6d2f702ca7f5ae883e93f
37968e9c05f41c3896ba00cf4194006c6cea2206799a95667c913c63ff382f9a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487b5c89f3869c78cc95737ca7f38873fdd764730ecd0c8cb67d925037188480
4c0c829f07848838a5e71e298a983c7193f9df97efaf2baa58a6bf599825804f
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5383370830738c8b093251d944edc49c3c8f032839d005cf8e506b3a28e32306
6896c9229fd5e0231131e85f4de87c5a272e512a15775d0a0e32beede4cbfc47
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6ec58afae8d5620bdb1c200a8ef0f06f55db4e9b0db795e639924fa5cee3be0e
6f91e78beb3dcef4fae483364d2fecf074c8f41b417e77290b8559b2c12e3df5
76c04200e060cd3942ab1ea09d0e31a58cfb8f115eba5febd69dbd9af492c2cf
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82040f289a7625792ab74fc582cbf4b838883d637b71330aaae3de91c17e96ce
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
85f10a077320e00cadde425d51ac84afcb086a7b64ebfe77074475051fdb2e29
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a3b451b668ed3ef92eefba1902cfc367d17ea225c8f5eed817903ae42fec641
904c09f93a6e80ffcc46f1b9148744430d04ccdc938923097c33abf88b6b6d46
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1f3ee6d6ac34f4feb3379e3ee7c6d59e66688ef14e98cead61ad78ba87446b9
a23f43d4917705b1a92b09c790a4b4dfdc6f10fecf4c3e60d7e2ba35ea37782f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adf8177057d61a294e2f8ee0b2bea398bb345de5f140b9ac1275be3038858063
b24a2ff831ee9b26abb5cbdd6482f173610c3792675f01b76f3b494cfd2f4d3e
b4031d37fd818f5a7e9de6710ce3ca2a987522bc6291edea82697117ec3b99aa
b7b75c21398a0eff8cfca90cb75c7f94c54c90207dec6de9017f504910c8ca87
bf9d1fcb1cfa466e4b0f02b4f47a9e5d610283e89e6ab122fa9e2b08ffa85475
caf478ab4df77496812b6dd021d1876f67752079b46811d47bc3673e2998c4e6
d570bdffff9ed6104f009cbe995a3a9d2e4a9de9f947ae57b0364c997caa1f48
d5b3313eb85d7c98d531562165db6352e2f52d59b5c931260929b40e67de3794
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
ec1c8c93df7acb0251371cca59ad424beed3d9178f8b47f24d3725109ceacc5b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11a08c55625296d066df11a94fa22092f4480864d61422633f1057de20ec3c6
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f29236afec8f1d42d2290c0a07e982382519892bee14165b641edd9127ca1341