Submitted URL: http://zipperthatdoll.com/
Effective URL: https://www.fbdemo.com/
Submission Tags: @phish_report
Submission: On November 26 via api from FI — Scanned from AU

Summary

This website contacted 11 IPs in 2 countries across 13 domains to perform 31 HTTP transactions. The main IP is 172.67.198.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fbdemo.com.
TLS certificate: Issued by WE1 on November 24th 2024. Valid for: 3 months.
This is the only time www.fbdemo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.212.247 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 172.67.157.119 13335 (CLOUDFLAR...)
8 172.67.198.209 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
2 172.67.222.13 13335 (CLOUDFLAR...)
3 2400:52e0:1::1 200325 (BunnyCDN ...)
2 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
2 157.240.8.23 32934 (FACEBOOK)
1 142.250.199.99 15169 (GOOGLE)
2 157.240.8.35 32934 (FACEBOOK)
4 216.239.34.178 15169 (GOOGLE)
31 11
Apex Domain
Subdomains
Transfer
8 fbdemo.com
www.fbdemo.com
961 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
23 KB
3 b-cdn.net
lennelucrecia01.b-cdn.net
12 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
192 KB
2 lennelucrecia.com
www.lennelucrecia.com
371 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 beautepoints.com
beautepoints.com
659 B
1 grupdaunemas.com
grupdaunemas.com
831 B
1 daunemas.support
daunemas.support
790 B
1 zipperthatdoll.com
zipperthatdoll.com
638 B
31 13
Domain Requested by
8 www.fbdemo.com www.fbdemo.com
7 www.google-analytics.com www.fbdemo.com
www.google-analytics.com
www.googletagmanager.com
3 lennelucrecia01.b-cdn.net www.fbdemo.com
lennelucrecia01.b-cdn.net
2 www.facebook.com www.fbdemo.com
2 connect.facebook.net www.fbdemo.com
connect.facebook.net
2 www.googletagmanager.com www.fbdemo.com
www.google-analytics.com
2 www.lennelucrecia.com www.fbdemo.com
www.lennelucrecia.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.fbdemo.com
1 beautepoints.com 1 redirects
1 grupdaunemas.com 1 redirects
1 daunemas.support 1 redirects
1 zipperthatdoll.com 1 redirects
31 13

This site contains links to these domains. Also see Links.

Domain
cutt.ly
www.lennelucrecia.com
www.82cart.com
Subject Issuer Validity Valid
fbdemo.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
lennelucrecia.com
WE1
2024-10-11 -
2025-01-09
3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2024-11-05 -
2025-11-11
a year crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-04 -
2024-12-03
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.fbdemo.com/
Frame ID: EC1B9A8B3E6D1D175AAC5CF5CDE0EA76
Requests: 31 HTTP requests in this frame

Screenshot

Page Title

Daunemas Link Alternatif | Login Daunemas Slot | Daftar Situs Daunemas

Page URL History Show full URLs

  1. http://zipperthatdoll.com/ HTTP 307
    https://zipperthatdoll.com/ HTTP 301
    https://daunemas.support/ HTTP 301
    https://grupdaunemas.com/ HTTP 301
    https://beautepoints.com/ HTTP 301
    https://www.fbdemo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

31
Requests

90 %
HTTPS

43 %
IPv6

13
Domains

13
Subdomains

11
IPs

2
Countries

1675 kB
Transfer

3776 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zipperthatdoll.com/ HTTP 307
    https://zipperthatdoll.com/ HTTP 301
    https://daunemas.support/ HTTP 301
    https://grupdaunemas.com/ HTTP 301
    https://beautepoints.com/ HTTP 301
    https://www.fbdemo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fbdemo.com/
Redirect Chain
  • http://zipperthatdoll.com/
  • https://zipperthatdoll.com/
  • https://daunemas.support/
  • https://grupdaunemas.com/
  • https://beautepoints.com/
  • https://www.fbdemo.com/
99 KB
17 KB
Document
General
Full URL
https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b10ddcbdcfe683f6fc9782c200341b5cdd1c1e53d5d1a55102ad297ab85158c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e86257f3b6179d1-SYD
content-encoding
zstd
content-type
text/html
date
Tue, 26 Nov 2024 01:36:15 GMT
last-modified
Fri, 27 Sep 2024 08:02:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bD3Mz%2BvXF1FeZO0efbFRsUycer1gL0cNMVUamNX7DT%2FAvAq9ZzecORYZ1Y4yGNNeX5yi%2F7fKhTwFW06ei251nuE2JPV%2BIijWwD75Yr7m4ihUNLj0Jrkrb8RTND0ovQmmuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23250&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4134&recv_bytes=4511&delivery_rate=573&cwnd=12000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=694&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e86257a9da25d1c-SYD
content-type
text/html; charset=iso-8859-1
date
Tue, 26 Nov 2024 01:36:14 GMT
location
https://www.fbdemo.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBm%2FnyeVXgfD91vRDohiDnFHyJHd3uYcF3lMWiGR17btPDIoN1%2FphqqlIsv7mL4H6IBpnAj6AAFwVctOy2Tqk9rMYlXlZYTMvCRH%2BELad0IbPBSJxiYWcnmuH2kfudjqKfxT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23613&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4167&recv_bytes=4509&delivery_rate=553&cwnd=12000&unsent_bytes=0&cid=da37667c7d887f12&ts=357&x=1" cfExtPri cfHdrFlush;dur=0
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito|Nunito:700|Alegreya:regular|Archivo+Black:regular|Amaranth:regular|Vollkorn:regular|Carrois+Gothic+SC:regular|Bubblegum+Sans:regular|Allerta+Stencil:regular
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
144e2b01924648e84606faa00f347c2c3f28f5b10aa25306deaa7d410dad3498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, max-age=86400
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 01:36:16 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:16 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
theme-44da91514.css
www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/
693 KB
125 KB
Stylesheet
General
Full URL
https://www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/theme-44da91514.css
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a442fe374499e985bc70821de2da84ceadf5b5374749c7dc5a3850f72ee23729

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"662c6cbf-ad55c"
age
54570
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLNSWODwmFKKUPez6LDC%2FzXKdHm0cqROrz9gjFRcD712ykVZsRlv%2F0YDJ9EOBum7B77vuvQ7NVJwWDupgn5RTBB9P%2Ft10qLV8r1shJGx%2B84K9nrWsGKiUyB803NQZz2J2fjb%2Fova%2FXo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23378&sent=22&recv=9&lost=0&retrans=0&sent_bytes=15616&recv_bytes=4741&delivery_rate=119588&cwnd=12000&unsent_bytes=0&cid=863e386c946d70bc&ts=126&x=1", cfExtPri, cfHdrFlush;dur=20
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
text/css
last-modified
Sat, 27 Apr 2024 03:10:55 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e862585ae2ed5d7-SYD
server
cloudflare
customer-s1.css
lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/
33 KB
8 KB
Stylesheet
General
Full URL
https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1::1 , Australia, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-MEL1-1140 /
Resource Hash
401593f82ab4dc9ff61d5dcec3f5a3d2f4365da206121a18dce161ff5e631b3e

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
cf-cache-status
HIT
etag
W/"64456f9f-82f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCgGUY1pJrsHco4zuE18hX4fnDFeX11EevEofYQufDGNSLA2uW%2Fh3yoGCrBox9JeiS9VBaZ5k0J7Fp0Ptjn%2FI7BJ8F5lByfq96ZfhfoDrzVRnA4JidmSL%2BVcDYC%2B%2Fy8ApNReka2lFl4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"
server-timing
cfL4;desc="?proto=TCP&rtt=11677&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3127&recv_bytes=1424&delivery_rate=370111&cwnd=252&unsent_bytes=0&cid=3055483fc4bc6815&ts=149&x=0"
date
Tue, 26 Nov 2024 01:36:16 GMT
last-modified
Sun, 23 Apr 2023 17:49:19 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/25/2024 10:26:46
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestpullsuccess
True
cdn-uid
841997ea-5385-4018-a16e-be0b247587d6
cdn-requestid
d90d498d63d39fea2af648fb60c2156e
cdn-pullzone
483037
cdn-proxyver
1.06
cf-ray
8e80f13f0b087e3d-SYD
cdn-requesttime
0
access-control-allow-origin
*
cdn-edgestorageid
1140
server
BunnyCDN-MEL1-1140
cdn-requestcountrycode
AU
js
www.googletagmanager.com/gtag/
266 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-61V6FKMWZ5
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6334dacae5766d09a31bb8bc28756070e3584437b9c27f2eed0c4276ea17134a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 01:36:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96090
x-xss-protection
0
server
Google Tag Manager
logo_daunemas.png
www.fbdemo.com/img/
574 KB
575 KB
Image
General
Full URL
https://www.fbdemo.com/img/logo_daunemas.png
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a702d7dd78ce5ae83e7e4f61538fed69b05aa8c7c6b08270c960c4046fc2a3

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"8f73c-6231531a38aee"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qr6bWKDYpLPjRPYwn6D9FRj%2BZK9wru11EFbY5v9GDN%2F7fQCoboGneh%2BQ%2FmuKrMvBnxo8p9eG94TEq0oQFwxJ8qHwaL%2FZMBTZnOywi%2F65J%2FCxX4IlkYap00BFxGNdzAldHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8625877aba79d1-SYD
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23538&sent=316&recv=82&lost=0&retrans=0&sent_bytes=364159&recv_bytes=8636&delivery_rate=6407548&cwnd=180000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=2298&x=1", cfHdrFlush;dur=0
content-length
587580
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:34 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
email-decode.min.js
www.fbdemo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.fbdemo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"673dd3d6-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWxr%2F3zbHDERGYXg59MsQ5ZQJkmxaG2udy%2Fmh5yuZRW82k3R0QwssgHbMtK78Dlwm5Ska2%2B8UYnAhtjySLbgftq9F1sQO1GZL9bL5exq38EAPisznCQQkWGMcV8GdEd%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e862584a82c79d1-SYD
expires
Thu, 28 Nov 2024 01:36:16 GMT
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 12:19:34 GMT
server
cloudflare
vary
Accept-Encoding
bottom-712919513.js
www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/
917 KB
246 KB
Script
General
Full URL
https://www.lennelucrecia.com/themes/82cart_cloud_store_child/assets/cache/bottom-712919513.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001d582faf300dc16f4e377ac4b0db096c61134e046dd49e324e2944decdb7ed

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"662c6cc4-e520d"
age
341520
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HTQpQKb1%2FjVBRlVfhGOWA62nZn49iwfGAtwCgMVqTozez%2FZMQyVddcSTYcKCm9jnKzSYm2U%2FoUKhdqM9nE2dQu7HvO3uYAyw3qYYRKPFhGgjC93n5ZGsAaUnoEXrZk2zNQf0QOjaLM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23378&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4198&recv_bytes=4741&delivery_rate=119588&cwnd=12000&unsent_bytes=0&cid=863e386c946d70bc&ts=123&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
application/javascript
last-modified
Sat, 27 Apr 2024 03:11:00 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e862585ae2fd5d7-SYD
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
age
6644
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 01:45:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:45:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-7xK6p3RB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-7xK6p3RB' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4434, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
LXD6O7lr3WV/9fOdMXDJR3/n3axN4yEjLsRH7wQcO4ZcNb4xMt1m4YfytIUMjo4vzgCdgzZ44tZBGGGPge6W7A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
noun_Search_2861426.svg
lennelucrecia01.b-cdn.net/img/cms/icons/
3 KB
2 KB
Image
General
Full URL
https://lennelucrecia01.b-cdn.net/img/cms/icons/noun_Search_2861426.svg
Requested by
Host: lennelucrecia01.b-cdn.net
URL: https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1::1 , Australia, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-MEL1-1140 /
Resource Hash
e3acca85e5cd4befa0770d8957dd59b44a8871a32f48fd6a885a71d46d9069e8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
W/"64456f1d-c03"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fazVda3oF7jR5acFsnLOkUI2ninPZTJweyEYSthKBLAHvsqbrybVl%2Fk3KTg8BqHZFymtNqN%2FCkAGoKAsynspSzmzAn6tfycsfCTDezXosu2%2FWQrygg9z%2BlOHiZ%2FO9I6PwqyiikYLPLg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"
server-timing
cfL4;desc="?proto=TCP&rtt=11954&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1791&delivery_rate=118271&cwnd=250&unsent_bytes=0&cid=dd3c065401adc35a&ts=144&x=0"
date
Tue, 26 Nov 2024 01:36:16 GMT
last-modified
Sun, 23 Apr 2023 17:47:09 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
11/25/2024 10:26:46
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestpullsuccess
True
cdn-uid
841997ea-5385-4018-a16e-be0b247587d6
cdn-requestid
4a0a269ec314749d51efe50f9ecd0ad0
cdn-pullzone
483037
cdn-proxyver
1.06
cf-ray
8e80f1423a4f5720-SYD
cdn-requesttime
0
cdn-edgestorageid
1140
server
BunnyCDN-MEL1-1140
cdn-requestcountrycode
AU
sb.png
lennelucrecia01.b-cdn.net/img/cms/icons/
1 KB
2 KB
Image
General
Full URL
https://lennelucrecia01.b-cdn.net/img/cms/icons/sb.png
Requested by
Host: lennelucrecia01.b-cdn.net
URL: https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1::1 , Australia, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-MEL1-1140 /
Resource Hash
a62d88c98e628a9ca22a0c6d70f72d87b68b1807397ca6b66565890c51ed4bda

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lennelucrecia01.b-cdn.net/modules/stthemeeditor/views/css/customer-s1.css?4180

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"64456f1d-569"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fuh1%2B%2F4latSuj%2FjUffrURQAJz5T%2BcMh4CxgPmV3bHKRNL4kxenklJZ56aB0i5ufJIn84egpoTBFVwtBJhfP4MiScDfXgcSfSOd28nkmTHYapnLNUhH14DQMaLLHck7HJjpz%2B4Joc5kE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"
server-timing
cfL4;desc="?proto=TCP&rtt=12488&sent=3&recv=6&lost=0&retrans=0&sent_bytes=219&recv_bytes=1780&delivery_rate=112422&cwnd=250&unsent_bytes=0&cid=95072e3b7f0e60ef&ts=135&x=0"
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
image/png
last-modified
Sun, 23 Apr 2023 17:47:09 GMT
cdn-cachedat
11/25/2024 10:26:46
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-requestpullsuccess
True
cdn-uid
841997ea-5385-4018-a16e-be0b247587d6
cdn-requestid
a140c4bf51ed839a53f8ea283f9dd509
cdn-pullzone
483037
cdn-proxyver
1.06
cf-ray
8e80f1423a5fd5de-SYD
cdn-requesttime
0
accept-ranges
bytes
content-length
1385
cdn-edgestorageid
1140
server
BunnyCDN-MEL1-1140
cdn-requestcountrycode
AU
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v26/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito|Nunito:700|Alegreya:regular|Archivo+Black:regular|Amaranth:regular|Vollkorn:regular|Carrois+Gothic+SC:regular|Bubblegum+Sans:regular|Allerta+Stencil:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://www.fbdemo.com
Referer
https://fonts.googleapis.com/

Response headers

age
253877
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 23 Nov 2025 03:04:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:04:59 GMT
last-modified
Thu, 14 Sep 2023 00:02:27 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39188
x-xss-protection
0
server
sffe
bb14167c8c69bd2302067a56625efaf2.woff2
www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/
0
0

banner_daunemas.jpg
www.fbdemo.com/img/
325 KB
325 KB
Image
General
Full URL
https://www.fbdemo.com/img/banner_daunemas.jpg
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d87e0d5ab936560cfe7ef2d40021f46a5542bc596df62d2110d6445bb79f4d8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"51289-62315316ad752"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxiaXr1PB%2BK9ZkPyjCqcwGnuCtrDuazarY6DNmf83Jr6R%2BBKgcNY%2Fo%2FM96xoAAt37bmPSVJPToljAwwA8wKrjXmEikbH3qjtGC3uBAdyA%2F%2BLfZyUfCjh2dMEek%2BrL31JOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8625881b6a79d1-SYD
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23542&sent=32&recv=23&lost=0&retrans=0&sent_bytes=23634&recv_bytes=6029&delivery_rate=15990&cwnd=24000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=2092&x=1", cfHdrFlush;dur=0
content-length
332425
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
image/jpeg
last-modified
Fri, 27 Sep 2024 07:56:30 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
194715485617120
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/194715485617120?v=2.9.176&r=stable&domain=www.fbdemo.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
d7eada3f65d0c8c9eb3208619ce66440ff1d750e86ccc58d3c53f990647c4cb6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-DQfrsjDc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 01:36:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-DQfrsjDc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=77, mss=1232, tbw=70879, tp=68, tpl=0, uplat=295, ullat=1
pragma
public
x-fb-debug
NN2Qpys5uYOebSruBOWo4hDivWGgZvb8j2ORGC4PLMEqC3TGo3ey7/q5rZiYdDc1rXiYKqL2YkheJulMqKfiqg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=194715485617120&ev=PageView&dl=https%3A%2F%2Fwww.fbdemo.com%2F&rl=&if=false&ts=1732584977006&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732584977003.683173152389726331&cs_est=true&ler=empty&cdl=API_unavailable&it=1732584976663&coo=false&rqm=GET
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4517, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
196 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=194715485617120&ev=PageView&dl=https%3A%2F%2Fwww.fbdemo.com%2F&rl=&if=false&ts=1732584977006&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732584977003.683173152389726331&cs_est=true&ler=empty&cdl=API_unavailable&it=1732584976663&coo=false&rqm=FGET
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Yi+QQPpljpKTAgObs6vkSeW/lI/dQrvaFF1SdmdHluHff5GU2QU7yeYUesRCVJ1XF7pHsQ5teysnS+eqkkpgRg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4885, tp=13, tpl=0, uplat=235, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
br
age
1094
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 02:18:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:18:03 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/
15 B
434 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1290680515&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fbdemo.com%2F&ul=en-au&de=UTF-8&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIJAAAAACAAI~&jid=1457844996&gjid=53426226&cid=1071580350.1732584977&tid=UA-159293754-96&_gid=312245280.1732584977&_r=1&_slc=1&did=d6YPbH&z=1496690129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c45801f2ac423a4fc50b5d573011cf9ba89bc0aefd78aa16f0d1f5d014c813d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://www.fbdemo.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:17 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
47abf9ab81bffceef802e33fb4fb1b89.woff
www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/
0
0

collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1290680515&t=event&ni=1&cu=IDR&_s=2&dl=https%3A%2F%2Fwww.fbdemo.com%2F&ul=en-au&de=UTF-8&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=UX&ea=detail&el=Product%20Detail%20View&_u=aGBAAEIJAAAAACAMI~&jid=&gjid=&cid=1071580350.1732584977&tid=UA-159293754-96&_gid=312245280.1732584977&did=d6YPbH&pa=detail&pr1id=646&pr1nm=golden-maple-leaf-daun-emas-artificial-palsu-dekorasi&pr1ca=bunga-artifisial&pr1br=&pr1va=0&pr1ps=0&pr1qt=1&pr1pr=Rp15.000&z=1897216588
Requested by
Host: www.fbdemo.com
URL: https://www.fbdemo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

age
24310
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 18:51:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
js
www.googletagmanager.com/gtag/
278 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WFP3HRSSFR&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d57f338bac1f441549e54b8174053929bf3a16fa52b97fe2f53b3c9df9f6a808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 01:36:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99982
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-61V6FKMWZ5&gtm=45je4bk0v9101452853za200&_p=1732584976541&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1071580350.1732584977&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732584977&sct=1&seg=0&dl=https%3A%2F%2Fwww.fbdemo.com%2F&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4241
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-61V6FKMWZ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
text/plain
server
Golfe2
9e54cf2cf0d1eb640867446fcbd7d254.ttf
www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/
0
0

collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WFP3HRSSFR&gtm=45je4bk0v9124598362za200&_p=1732584976541&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-au&sr=1600x1200&cid=1071580350.1732584977&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.fbdemo.com%2F&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sid=1732584977&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&edid=d6YPbH&tfd=4475
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFP3HRSSFR&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:17 GMT
content-type
text/plain
server
Golfe2
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
43 KB
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThaV07tWXOYORg6i%2FCgjYp51gz7P1MwQTZpkNglN0aPpsRd5nqLcWnD3BLli%2FQwPCWnza%2FNB16zgvI2m%2Fol7qWnD3pTEMEcYmiy4v%2Bq5ogZm0lh860c82fKkkua195smGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8625919c5779d1-SYD
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23990&sent=823&recv=135&lost=0&retrans=0&sent_bytes=965643&recv_bytes=11538&delivery_rate=3557551&cwnd=228000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=3913&x=1", cfHdrFlush;dur=0
content-length
42889
date
Tue, 26 Nov 2024 01:36:19 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
0
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThaV07tWXOYORg6i%2FCgjYp51gz7P1MwQTZpkNglN0aPpsRd5nqLcWnD3BLli%2FQwPCWnza%2FNB16zgvI2m%2Fol7qWnD3pTEMEcYmiy4v%2Bq5ogZm0lh860c82fKkkua195smGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8625919c5779d1-SYD
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23990&sent=823&recv=135&lost=0&retrans=0&sent_bytes=965643&recv_bytes=11538&delivery_rate=3557551&cwnd=228000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=3913&x=1", cfHdrFlush;dur=0
content-length
42889
date
Tue, 26 Nov 2024 01:36:19 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
0
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThaV07tWXOYORg6i%2FCgjYp51gz7P1MwQTZpkNglN0aPpsRd5nqLcWnD3BLli%2FQwPCWnza%2FNB16zgvI2m%2Fol7qWnD3pTEMEcYmiy4v%2Bq5ogZm0lh860c82fKkkua195smGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8625919c5779d1-SYD
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23990&sent=823&recv=135&lost=0&retrans=0&sent_bytes=965643&recv_bytes=11538&delivery_rate=3557551&cwnd=228000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=3913&x=1", cfHdrFlush;dur=0
content-length
42889
date
Tue, 26 Nov 2024 01:36:19 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
pavicon-daunemas.png
www.fbdemo.com/img/
42 KB
0
Other
General
Full URL
https://www.fbdemo.com/img/pavicon-daunemas.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://www.fbdemo.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a789-6231531770099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThaV07tWXOYORg6i%2FCgjYp51gz7P1MwQTZpkNglN0aPpsRd5nqLcWnD3BLli%2FQwPCWnza%2FNB16zgvI2m%2Fol7qWnD3pTEMEcYmiy4v%2Bq5ogZm0lh860c82fKkkua195smGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8625919c5779d1-SYD
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23990&sent=823&recv=135&lost=0&retrans=0&sent_bytes=965643&recv_bytes=11538&delivery_rate=3557551&cwnd=228000&unsent_bytes=0&cid=b69edc3e6393ac7a&ts=3913&x=1", cfHdrFlush;dur=0
content-length
42889
date
Tue, 26 Nov 2024 01:36:19 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 07:56:31 GMT
vary
User-Agent, Accept-Encoding
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WFP3HRSSFR&gtm=45je4bk0v9124598362za200&_p=1732584976541&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-au&sr=1600x1200&cid=1071580350.1732584977&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&cu=IDR&dl=https%3A%2F%2Fwww.fbdemo.com%2F&dt=Daunemas%20Link%20Alternatif%20%7C%20Login%20Daunemas%20Slot%20%7C%20Daftar%20Situs%20Daunemas&sid=1732584977&sct=1&seg=0&_s=2&tfd=9480
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFP3HRSSFR&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8
Referer
https://www.fbdemo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.fbdemo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 01:36:22 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.lennelucrecia.com
URL
https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/bb14167c8c69bd2302067a56625efaf2.woff2
Domain
www.lennelucrecia.com
URL
https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/47abf9ab81bffceef802e33fb4fb1b89.woff
Domain
www.lennelucrecia.com
URL
https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/9e54cf2cf0d1eb640867446fcbd7d254.ttf

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| addtocart_animation number| click_on_header_cart object| prestashop boolean| quick_search_as number| quick_search_as_min number| quick_search_as_size string| st_maximum_already_message string| st_refresh_url object| sttheme string| wrongemailaddress_stnewsletter string| label_payment_fee object| gaDevIds string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| fbq function| _fbq object| swiper_options function| st_update_cart function| showFlyimgImage function| init_global_maps object| st_owl_progressBar object| st_owl_bar object| st_owl_elem object| st_owl_isPause object| st_owl_tick object| st_owl_percentTime function| st_owl_progressBar_init function| st_owl_buildProgressBar function| st_owl_start function| st_owl_pauseOnDragging function| st_owl_moved function| vc_js function| vc_initVideoBackgrounds function| vcExtractYoutubeId function| vcResizeVideoBackground function| insertYoutubeVideoAsBackground function| getColumnsCount string| screen_size function| getSizeName function| loadScript function| wpb_prepare_tab_content function| vc_accordionActivate function| addNotification object| func_pa function| ajaxGetPaymentFee function| ajaxChangePaymentMethod object| GoogleAnalyticEnhancedECommerce function| vc_plugin_flexslider function| vc_twitterBehaviour function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts function| $ function| jQuery function| Tether function| Swiper function| Waypoint function| hcSticky function| Stellar function| vc_rowBehaviour object| Select2 string| waypointContextKey object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager

6 Cookies

Domain/Path Name / Value
.fbdemo.com/ Name: _fbp
Value: fb.1.1732584977003.683173152389726331
.fbdemo.com/ Name: _gid
Value: GA1.2.312245280.1732584977
.fbdemo.com/ Name: _gat
Value: 1
.fbdemo.com/ Name: _ga_61V6FKMWZ5
Value: GS1.1.1732584977.1.0.1732584977.0.0.0
.fbdemo.com/ Name: _ga
Value: GA1.1.1071580350.1732584977
.fbdemo.com/ Name: _ga_WFP3HRSSFR
Value: GS1.2.1732584977.1.0.1732584977.0.0.0

6 Console Messages

Source Level URL
Text
javascript error URL: https://www.fbdemo.com/
Message:
Access to font at 'https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/bb14167c8c69bd2302067a56625efaf2.woff2' from origin 'https://www.fbdemo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/bb14167c8c69bd2302067a56625efaf2.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.fbdemo.com/
Message:
Access to font at 'https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/47abf9ab81bffceef802e33fb4fb1b89.woff' from origin 'https://www.fbdemo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/47abf9ab81bffceef802e33fb4fb1b89.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.fbdemo.com/
Message:
Access to font at 'https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/9e54cf2cf0d1eb640867446fcbd7d254.ttf' from origin 'https://www.fbdemo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.lennelucrecia.com/themes/82cart_cloud_store/assets/css/9e54cf2cf0d1eb640867446fcbd7d254.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beautepoints.com
connect.facebook.net
daunemas.support
fonts.googleapis.com
fonts.gstatic.com
grupdaunemas.com
lennelucrecia01.b-cdn.net
www.facebook.com
www.fbdemo.com
www.google-analytics.com
www.googletagmanager.com
www.lennelucrecia.com
zipperthatdoll.com
www.lennelucrecia.com
142.250.199.99
157.240.8.23
157.240.8.35
172.67.157.119
172.67.198.209
172.67.212.247
172.67.222.13
216.239.34.178
2400:52e0:1::1
2404:6800:4004:80c::200e
2404:6800:4004:813::2008
2404:6800:4004:821::200a
2606:4700:3034::6815:24e2
2606:4700:3037::ac43:d38b
001d582faf300dc16f4e377ac4b0db096c61134e046dd49e324e2944decdb7ed
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
144e2b01924648e84606faa00f347c2c3f28f5b10aa25306deaa7d410dad3498
20a702d7dd78ce5ae83e7e4f61538fed69b05aa8c7c6b08270c960c4046fc2a3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d87e0d5ab936560cfe7ef2d40021f46a5542bc596df62d2110d6445bb79f4d8
401593f82ab4dc9ff61d5dcec3f5a3d2f4365da206121a18dce161ff5e631b3e
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
6334dacae5766d09a31bb8bc28756070e3584437b9c27f2eed0c4276ea17134a
7b10ddcbdcfe683f6fc9782c200341b5cdd1c1e53d5d1a55102ad297ab85158c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b7f0b985a16b3a07578c1f49594371a5acda059ca75420a5522097a2cd0de89
a442fe374499e985bc70821de2da84ceadf5b5374749c7dc5a3850f72ee23729
a62d88c98e628a9ca22a0c6d70f72d87b68b1807397ca6b66565890c51ed4bda
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c45801f2ac423a4fc50b5d573011cf9ba89bc0aefd78aa16f0d1f5d014c813d9
d57f338bac1f441549e54b8174053929bf3a16fa52b97fe2f53b3c9df9f6a808
d7eada3f65d0c8c9eb3208619ce66440ff1d750e86ccc58d3c53f990647c4cb6
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3acca85e5cd4befa0770d8957dd59b44a8871a32f48fd6a885a71d46d9069e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855