pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev Open in urlscan Pro
2a06:98c1:58::eb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Submission: On December 02 via manual (December 2nd 2024, 10:03:31 am UTC) from ZA — Scanned from US

Summary HTTP 88 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 88 HTTP transactions. The main IP is 2a06:98c1:58::eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev.
TLS certificate: Issued by E5 on November 27th 2024. Valid for: 3 months.

This is the only time pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2a06:98c1:58::eb 2a06:98c1:58::eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:5::17c7:3716	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
6	2600:1408:c40... 2600:1408:c400:18e::1e80	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2607:f8b0:400... 2607:f8b0:4004:c1f::9d	15169 (GOOGLE) (GOOGLE)
2	3.251.24.2 3.251.24.2	16509 (AMAZON-02) (AMAZON-02)
1	169.202.182.156 169.202.182.156	14115 (AMALGAMAT...) (AMALGAMATED-BSA)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5f	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.219.151.184 3.219.151.184	14618 (AMAZON-AES) (AMAZON-AES)
4	23.50.125.47 23.50.125.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.22.27.13 52.22.27.13	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.39.45 63.140.39.45	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.167.4.131 35.167.4.131	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	23.62.161.51 23.62.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2607:f8b0:400... 2607:f8b0:4004:c1d::69	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c0b::65	15169 (GOOGLE) (GOOGLE)
88	22

15 2a06:98c1:58::eb (United States)

ASN13335 (CLOUDFLARENET, US)

pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:5::17c7:3716 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1408:c400:18e::1e80 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1f::9d (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.251.24.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-24-2.eu-west-1.compute.amazonaws.com

credit.apr.absa.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.202.182.156 (Krugersdorp, South Africa)

ASN14115 (AMALGAMATED-BSA, ZA)

ib.absa.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.151.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-151-184.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.50.125.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-47.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fledge.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.27.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-27-13.compute-1.amazonaws.com

absa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.39.45 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-45.data.adobedc.net

fpt.absa.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.4.131 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-4-131.us-west-2.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.62.161.51 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1d::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c09::9d (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::65 (Washington, United States)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182	19 KB
15	r2.dev pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev	151 KB
12	google.com www.google.com — Cisco Umbrella Rank: 3 google.com — Cisco Umbrella Rank: 1	572 B
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	753 KB
6	teads.tv p.teads.tv — Cisco Umbrella Rank: 6062 cm.teads.tv — Cisco Umbrella Rank: 6366 fledge.teads.tv — Cisco Umbrella Rank: 8024 t.teads.tv — Cisco Umbrella Rank: 3448	7 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 458	128 KB
5	absa.co.za ib.absa.co.za Failed credit.apr.absa.co.za fpt.absa.co.za	73 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 262 absa.demdex.net	2 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 333	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	102 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	41 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	82 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2001	315 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1608	490 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	30 KB
88	16

	Domain	Requested by
15	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
10	www.googletagmanager.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev www.googletagmanager.com assets.adobedtm.com
9	www.google.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev www.googletagmanager.com
8	td.doubleclick.net	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev www.googletagmanager.com
8	googleads.g.doubleclick.net	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev www.googletagmanager.com
6	assets.adobedtm.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev assets.adobedtm.com
3	google.com	www.googletagmanager.com
3	px.ads.linkedin.com	snap.licdn.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
3	connect.facebook.net	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev connect.facebook.net
2	t.teads.tv	p.teads.tv pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2	cm.teads.tv	p.teads.tv pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2	www.facebook.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2	fpt.absa.co.za	assets.adobedtm.com
2	dpm.demdex.net	assets.adobedtm.com pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2	credit.apr.absa.co.za	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
2	snap.licdn.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev snap.licdn.com
2	cdnjs.cloudflare.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev cdnjs.cloudflare.com
1	api.ipify.org	ajax.googleapis.com
1	fledge.teads.tv	p.teads.tv
1	cm.everesttech.net	1 redirects
1	absa.demdex.net	assets.adobedtm.com
1	p.teads.tv	assets.adobedtm.com
1	ajax.googleapis.com	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
1	ib.absa.co.za	pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
88	24

This site contains links to these domains. Also see Links.

Domain
www.absa.co.za

Subject Issuer	Validity	Valid
*.r2.dev E5	`2024-11-27` - `2025-02-25`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
credit.apr.absa.co.za DigiCert SHA2 Secure Server CA	`2024-04-17` - `2025-05-18`	a year	crt.sh
ib.absa.co.za DigiCert SHA2 Secure Server CA	`2024-05-21` - `2025-06-10`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
teads.tv R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
fpt.absa.co.za DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-22` - `2025-06-22`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ipify.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Frame ID: B89E7DCF13E6E786C6DBCBF08F4EAE3E
Requests: 77 HTTP requests in this frame

Frame: https://absa.demdex.net/dest5.html?d_nsid=0
Frame ID: 45D9F3B42FAFA3E45B2CD0A73E315D1D
Requests: 1 HTTP requests in this frame

Frame: https://fledge.teads.tv/v1/interest-group/tag.html
Frame ID: 63FFA4183C6B29114F69030FAD5B51A2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/9288866678?random=1722633583524&cv=11&fst=1722633583524&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: F3BE80189656329954ED94C9CB39BD23
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/674976093?random=1722633583557&cv=11&fst=1722633583557&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 5878C32178D846B5A81E2AE24D70BD53
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740619428?random=1722633583638&cv=11&fst=1722633583638&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: D8C3DAD0D5C64621B248A747467225B3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1016187748?random=1722633583672&cv=11&fst=1722633583672&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 3D36DB9D03C87297B26C373FBB9834AC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/9288866678?random=1733133806376&cv=11&fst=1733133806376&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 55BD65D84649AE04469902FA09FB17AA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/674976093?random=1733133806388&cv=11&fst=1733133806388&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 5A06F1CBE3DEF04AABD6E025C185BAB3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740619428?random=1733133806401&cv=11&fst=1733133806401&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 95B6F5F79B153F51C407C8BCAEAB995C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1016187748?random=1733133806413&cv=11&fst=1733133806413&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 6CCFB5C5E5D9F5AEF4737C2F430B3D7D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Frame ID: 7F941817844FF3EB6E6D10170606C2EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Absa Online Banking

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

98 %
HTTPS

59 %
IPv6

16
Domains

24
Subdomains

22
IPs

4
Countries

1391 kB
Transfer

3659 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.absa.co.za/aol-help/
Title: Get help with registration

Search URL Search Domain Scan URL

URL: https://www.absa.co.za/talk-to-us/
Title: Contact

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://cm.everesttech.net/cm/dd?d_uuid=29315709947985448964060210836210481667 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z02F7AAAALO-swOY

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request cc.html Show response
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 124 KB
125 KB 505ms
424ms Document
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f3ee6d6ac34f4feb3379e3ee7c6d59e66688ef14e98cead61ad78ba87446b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 8eba7ca11d437cf3-EWR
Connection: keep-alive
Content-Length: 127411
Content-Type: text/html
Date: Mon, 02 Dec 2024 10:03:24 GMT
ETag: "805cc7c1069f92defc1e3fee6aa7475e"
Last-Modified: Sat, 30 Nov 2024 10:18:37 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 35ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 278386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MHxEP3OgRxER1h4QiQuu1loNmBzMkwwkTUXKmn8fdcqPgisvZVKoyhVWHeYjt%2FTZ9B%2BoDXvlNq76%2FtG7008lbtPFcdoGt23kgRuIfpRJvn6%2F%2Bjb%2B2B5DIAYq%2Bvws9TkpKkQLPxRbI9tI6GXWD%2FOm4rS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 10:03:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eba7ca3ecabc331-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
100 KB 68ms
32ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-878225088&l=gtmDataLayer&cx=c

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b66296733d1db43186ca1d265f6ee4dd88c14c18d3ea173bde2b47428a861e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101331
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
100 KB 88ms
77ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e7d9b92f4d6fa96cc025d39f78a460a3fec5bc850d7e6053ca1dabc2e0fa9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102004
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 77ms
67ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be96b140cf44bfd9d7ebd871db5976d4fabee3885433f18482c9d9721c103d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100399
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
100 KB 57ms
47ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c946fb51e3d1b271b689120d1076912fd21f289db3b9a8c2a23ce16583074935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102003
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
89 KB 74ms
64ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93b584e17cda453b3a86f1439e24d5a40c201c66e39132a6cb2ea604f6b56ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90863
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
981 B 61ms
15ms Script
application/javascript 2600:1408:c400:5::17c7:3716
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

3628be465ec3d28413b23bd425c36d30ab28016eb5f6d2f702ca7f5ae883e93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: max-age=86337
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 771
date: Mon, 02 Dec 2024 10:03:24 GMT
last-modified: Tue, 26 Nov 2024 13:42:29 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 launch-f1bf6d4c040e.min.js Show response
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/ 432 KB
113 KB 102ms
26ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

82040f289a7625792ab74fc582cbf4b838883d637b71330aaae3de91c17e96ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "4fcaae35e2e5b1f98a21e3bddb092bb4:1731656549.563079"
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:03:24 GMT
accept-ranges: bytes
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 115628
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Nov 2024 07:42:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET styles.0264db92e0ab603f.css
ib.absa.co.za/xdas/clr/ 0
0

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 34 KB
12 KB 91ms
15ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "ade220db70aa3259d42f32d039757920:1689673134.025267"
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:03:24 GMT
accept-ranges: bytes
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 12463
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 3 KB
2 KB 91ms
16ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:03:24 GMT
accept-ranges: bytes
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 1597
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 1747847538608265 Show response
connect.facebook.net/signals/config/ 105 KB
21 KB 136ms
117ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1747847538608265?v=2.9.164&r=stable&domain=ib.absa.co.za&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6896c9229fd5e0231131e85f4de87c5a272e512a15775d0a0e32beede4cbfc47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-YBeBcN3W' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-YBeBcN3W' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=24, mss=1232, tbw=33965, tp=35, tpl=0, uplat=97, ullat=0
pragma: public
x-fb-debug: N7IBP7FB6kvpnXxTHVKianA4I0Q2ynPx34TnSD2EgtpgCt8kIX12kP0IusKZKXIpNOZCik8rd2BwEOCO+/b7zQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-KULud3P0' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-KULud3P0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4525, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: JMmFd9CPqps2vXrnQK7VeC8TIu3Oe+dep8Pp5EYhKg4TNx5G3gfj03W98KAw4TEn52wU6JuP7vc40ZsSTOsK1w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 34ms
32ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8568421&l=gtmDataLayer

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7430e7e809ab1ec4ed331cebff795468b5b171f8ab816144fa664f5683a2e6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84942
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/ 5 KB
2 KB 68ms
32ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/?random=1722633583524&cv=11&fst=1722633583524&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1457ca014d6661b81d4865940406f5b4a8df7d40f70f4204b4f9ba40aadb0b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2401
date: Mon, 02 Dec 2024 10:03:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/ 5 KB
2 KB 61ms
34ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/?random=1722633583557&cv=11&fst=1722633583557&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ae19b60bf96bb948cb231fc50289224e47f4cfac4aee5e96a9c55321b8535ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2403
date: Mon, 02 Dec 2024 10:03:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/ 5 KB
2 KB 55ms
32ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/?random=1722633583638&cv=11&fst=1722633583638&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d530b92bda90c91a04d58306c9ab27c0233da282a33b5cf8846f5750486b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2404
date: Mon, 02 Dec 2024 10:03:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/ 5 KB
2 KB 48ms
34ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/?random=1722633583672&cv=11&fst=1722633583672&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41e974f11822600f009123cb11242af4c758a46901b2a6afe129b1ad2be5487a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2406
date: Mon, 02 Dec 2024 10:03:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 404 RCfdd3c4fc28344501990f78d95b26a243-source.min.js
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/ 0
0 204ms
202ms Script
text/plain 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCfdd3c4fc28344501990f78d95b26a243-source.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:03:24 GMT
accept-ranges: bytes
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 10
date: Mon, 02 Dec 2024 10:03:24 GMT
server: AkamaiNetStorage

GET
H2 200 place.js Show response
credit.apr.absa.co.za/422006/ 72 KB
35 KB 426ms
90ms Script
application/x-javascript 3.251.24.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.apr.absa.co.za/422006/place.js?r=0.8282007671560956

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.251.24.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-251-24-2.eu-west-1.compute.amazonaws.com

Software

haile /

Resource Hash

64c10e21f126abb9a62d50006e4865c830144c944febc2d4616ea4ff74fcff88

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=86400
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
x-content-type-options: nosniff
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript
server: haile

GET
H2 404 RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/ 0
0 226ms
224ms Script
text/plain 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:03:24 GMT
accept-ranges: bytes
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 10
date: Mon, 02 Dec 2024 10:03:24 GMT
server: AkamaiNetStorage

GET
H/1.1 200
OK logo-brand-red.svg
ib.absa.co.za/xdas/clr/assets/images/ 3 KB
3 KB 1898ms
249ms Image
image/svg+xml 169.202.182.156
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.absa.co.za/xdas/clr/assets/images/logo-brand-red.svg

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

169.202.182.156 Krugersdorp, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),

Reverse DNS

Software

Resource Hash

27bb94240d233cc8f7382fb36ab34a409f99d0e8ec55bcf24e8965fbfa47dbd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 2716
Date: Mon, 02 Dec 2024 10:03:25 GMT
Content-Type: image/svg+xml
Last-Modified: Fri, 15 Nov 2024 06:35:46 GMT
Connection: keep-alive

GET
H/1.1 404
Not Found runtime.84f79c54ca1b6b29.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 132ms
130ms Script
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/runtime.84f79c54ca1b6b29.js
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7ca3ff3f7cf3-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:24 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found polyfills.427bfb582aba5263.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 144ms
123ms Script
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/polyfills.427bfb582aba5263.js
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7ca41e8143f7-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:24 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found vendor.3a186de20bc36275.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 147ms
125ms Script
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/vendor.3a186de20bc36275.js
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7ca41b8b4399-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:24 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found main.2c60ab46fc18d9bb.js
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 157ms
134ms Script
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/main.2c60ab46fc18d9bb.js
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7ca42ab043eb-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:24 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 57ms
15ms Script
text/javascript 2607:f8b0:4004:c1f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: gzip
age: 413585
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:10:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:10:19 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30306
x-xss-protection: 0
server: sffe

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
40 KB 16ms
15ms Script
text/javascript 2600:1408:c400:5::17c7:3716
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 41181
date: Mon, 02 Dec 2024 10:03:24 GMT
last-modified: Tue, 26 Nov 2024 13:49:02 GMT
content-type: text/javascript
x-amz-server-side-encryption: AES256

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
978 B 148ms
110ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=&time=1733133804256&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: gzip
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
access-control-allow-methods: GET, OPTIONS
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Mon, 02 Dec 2024 10:03:23 GMT
content-type: application/json
access-control-allow-headers: *
x-li-pop: afd-prod-lor1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-fs-uuid: 00062846a8c15f73aa0e7ca4e8b84c62
x-msedge-ref: Ref A: 815AED9FAB1B4D5DA5D2389EA150357D Ref B: EWR30EDGE0716 Ref C: 2024-12-02T10:03:24Z
x-restli-protocol-version: 1.0.0
x-li-uuid: AAYoRqjBX3OqDnyk6LhMYg==
access-control-allow-origin: *

GET
H2 200 collect
px.ads.linkedin.com/ 0
534 B 89ms
65ms Image
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1733133804256&li_adsId=0ad4a83c-8c7d-4d66-a573-25d1c16c1f16&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 26BD57B5848C4F46B8F95DB872B2E914 Ref B: EWR30EDGE0320 Ref C: 2024-12-02T10:03:24Z
x-li-fabric: prod-lva1
x-li-uuid: AAYoRqjBafPIV7X+TPFVTA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 02 Dec 2024 10:03:23 GMT
content-type: application/javascript

GET
H2 200 id Show response
dpm.demdex.net/ 363 B
932 B 77ms
19ms XHR
application/json 3.219.151.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA45CC59566062417F000101%40AdobeOrg&d_nsid=0&ts=1733133804359

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.219.151.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-151-184.compute-1.amazonaws.com

Software

Resource Hash

455a32a1a050d9f5c73bd580142827dc296a3103a2b23b30da964264bc69a618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-1-v068-01516261b.edge-va6.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: DMxRM5QdSME=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 307
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 17 KB
6 KB 154ms
22ms Script
application/javascript 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 487b5c89f3869c78cc95737ca7f38873fdd764730ecd0c8cb67d925037188480

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

x-amz-id-2: aXRvls6LqdaLgxwutMl4AarOmWAWi6XbMZPWkt1fD+gHulaSq81QL0SY5N5ZZPioHha6g1svQderRxPv2u6Qq2b61ek1otcM
Vary: Accept-Encoding
Cache-Control: max-age=155
Content-Encoding: gzip
ETag: "b16c2631b3b4d5afbfe9589a84da4916"
Connection: keep-alive
x-amz-request-id: WWQ2BK0EF41XE6BW
Accept-Ranges: bytes
Content-Length: 5823
Date: Mon, 02 Dec 2024 10:03:24 GMT
Last-Modified: Mon, 28 Oct 2024 09:50:33 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 1747847538608265 Show response
connect.facebook.net/signals/config/ 100 KB
20 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1747847538608265?v=2.9.176&r=stable&domain=pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b24a2ff831ee9b26abb5cbdd6482f173610c3792675f01b76f3b494cfd2f4d3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-YPDWKi4u' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-YPDWKi4u' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=89, mss=1232, tbw=93021, tp=86, tpl=0, uplat=62, ullat=0
pragma: public
x-fb-debug: WjDLikpeByYEdDksNoM6RjafJyyz5CygJFHHPjriVYA95S5zB5ilQpDitU/21wI6+rqMj66jnTaPTmVDvHPoOA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
216 B 36ms
35ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3806969FD31847D1A9CE1EC82A90040A Ref B: EWR30EDGE0320 Ref C: 2024-12-02T10:03:24Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYoRqjDBtunzfJkk2PeIw==
x-li-proto: http/2
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
x-cache: CONFIG_NOCACHE
date: Mon, 02 Dec 2024 10:03:24 GMT
vary: Origin

GET
H2 200 dest5.html
absa.demdex.net/ Frame 45D9 0
0 127ms
16ms Document
text/html 52.22.27.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://absa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.22.27.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-27-13.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 02 Dec 2024 10:03:24 GMT
dcs: dcs-prod-va6-1-v068-000b935fe.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 11 Nov 2024 10:05:20 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 2OcPDZT9TGs=

GET
H2 200 id Show response
fpt.absa.co.za/ 48 B
477 B 186ms
21ms XHR
application/x-javascript 63.140.39.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fpt.absa.co.za/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AA45CC59566062417F000101%40AdobeOrg&mid=28946252779572861954097160951097760560&ts=1733133804450

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.45 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-45.data.adobedc.net

Software

jag /

Resource Hash

498d302fe654cbb00af9c64150683254560306443e70a7f6320f975817b8ea7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
p3p: CP="This is not a P3P policy"
content-length: 48
date: Mon, 02 Dec 2024 10:03:24 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z02F7AAAALO-swOY
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29315709947985448964060210836210481667
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z02F7AAAALO-swOY

42 B
716 B

18ms
18ms

Image
image/gif

3.219.151.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z02F7AAAALO-swOY

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Server

3.219.151.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-151-184.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v068-0245cc3ae.edge-va6.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: pIkEiS7UR5Y=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z02F7AAAALO-swOY
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Mon, 02 Dec 2024 10:03:24 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 35ms
16ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1747847538608265&ev=PageView&dl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&rl=&if=false&ts=1733133804537&sw=1600&sh=1200&v=2.9.176&r=stable&a=adobe_launch&ec=0&o=4124&fbp=fb.2.1733133804534.776319259894828309&cs_est=true&pm=1&hrl=bb2c45&ler=empty&cdl=API_unavailable&it=1733133804431&coo=false&cs_cc=1&cas=25658337873757662%2C7556021131121552%2C7378196685596330%2C7635904949805536%2C7799291493437949%2C7268077473299422%2C7323205557745013%2C5023400964358767%2C5668477419948073%2C8188246017880637%2C25060950620217803%2C7315340285209675%2C7935518496489982%2C5508182192566139%2C1629236803854851&rqm=GET

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4497, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 76ms
58ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1747847538608265&ev=PageView&dl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&rl=&if=false&ts=1733133804537&sw=1600&sh=1200&v=2.9.176&r=stable&a=adobe_launch&ec=0&o=4124&fbp=fb.2.1733133804534.776319259894828309&cs_est=true&pm=1&hrl=bb2c45&ler=empty&cdl=API_unavailable&it=1733133804431&coo=false&cs_cc=1&cas=25658337873757662%2C7556021131121552%2C7378196685596330%2C7635904949805536%2C7799291493437949%2C7268077473299422%2C7323205557745013%2C5023400964358767%2C5668477419948073%2C8188246017880637%2C25060950620217803%2C7315340285209675%2C7935518496489982%2C5508182192566139%2C1629236803854851&rqm=FGET

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443753008058755547"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443753008058755547", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: bsEN5qFnl1Wd7catcjRhHg3tEybEUdI4TJMb3DNXN0+seM5A59t7aGRHj7hPaIRXyPbey8ZGgXJMw2bPJ67meA==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4865, tp=13, tpl=0, uplat=41, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 166 B
634 B 103ms
18ms Fetch
application/json 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&buyer_pixel_id=12308
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 70fc8c970a0d623037a56586832893a97fa36d876598ad050e98d8c09499a586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Observe-Browsing-Topics: ?1
Expires: Mon, 02 Dec 2024 10:03:24 GMT
Access-Control-Allow-Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Content-Length: 166
Date: Mon, 02 Dec 2024 10:03:24 GMT
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK tag.html
fledge.teads.tv/v1/interest-group/ Frame 63FF 0
0 106ms
21ms Document
text/html 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge.teads.tv/v1/interest-group/tag.html
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Ad-Auction-Allowed: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 568
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Dec 2024 10:03:24 GMT
Expires: Mon, 02 Dec 2024 10:03:24 GMT
Pragma: no-cache

GET
H2 200 track
t.teads.tv/ 23 B
0 152ms
25ms Fetch
image/gif 23.62.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-web&tag_version=6.21.0_ad40570&provider=tag&buyer_pixel_id=12308&referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&user_session_id=dcdff72c-1aaa-47a5-bb8d-e797b920df43
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.161.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 23
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 159ms
30ms Image
image/gif 23.62.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.21.0_ad40570&provider=tag&buyer_pixel_id=12308&referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&user_session_id=dcdff72c-1aaa-47a5-bb8d-e797b920df43
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.161.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Mon, 02 Dec 2024 10:03:24 GMT
content-type: image/gif

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 60ms
19ms Image
text/plain 23.50.125.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-web&tag_version=6.21.0_ad40570&provider=tag&buyer_pixel_id=12308&referer=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&user_session_id=dcdff72c-1aaa-47a5-bb8d-e797b920df43
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-125-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Mon, 02 Dec 2024 10:03:24 GMT
Content-Length: 0
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1733133804","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Mon, 02 Dec 2024 10:03:24 GMT

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-600.7818c5433f6bc777.woff2
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 125ms
123ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.7818c5433f6bc777.woff2
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb07d7343eb-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 21ms
19ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "5eb03e5f-12d68"
age: 287816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDAyYEBRhp%2F5xaYUWMtRFbwkBpYGlh9iszDa%2Bq4t8hu5IApFtz3uSEo5zNCKoZv%2BxIayq2liH3R0bFJNzwB62Ks43mhBA%2B5Vo09W8hQUFwlCDk%2BR%2BjvmxyEdAGzBsHuM6lMg7AMzc7wV21IllibntIr5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 10:03:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eba7cb0785e4387-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
server: cloudflare

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-regular.c30c139557e59b1d.woff2
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 125ms
124ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.c30c139557e59b1d.woff2
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb07b924399-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-700.9e5e10e9276a4106.woff2
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 118ms
117ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.9e5e10e9276a4106.woff2
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb07eac43f7-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H3 200 /
www.google.com/pagead/1p-user-list/9288866678/ 42 B
64 B 71ms
30ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/9288866678/?random=1722633583524&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d2JBSWcnO41k51Tg9qSzYukqQq3Q_vA&random=2270082281&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/674976093/ 42 B
64 B 69ms
29ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/674976093/?random=1722633583557&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7doKYb2V3rV-LNSn75cXoKzfiR-VujcA&random=767377184&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/740619428/ 42 B
64 B 70ms
31ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740619428/?random=1722633583638&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7djEHA_SW3ngICvGc6zVHysjDSfe3GPw&random=374822079&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/1016187748/ 42 B
64 B 70ms
32ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016187748/?random=1722633583672&cv=11&fst=1722632400000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dEQltUMsYf-ohhGUNwd_yO1iy2X51_Q&random=2632781982&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 place.js Show response
credit.apr.absa.co.za/422006/ 72 KB
35 KB 92ms
91ms Script
application/x-javascript 3.251.24.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://credit.apr.absa.co.za/422006/place.js?r=0.6904599161030587

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.251.24.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-251-24-2.eu-west-1.compute.amazonaws.com

Software

haile /

Resource Hash

112ab6b34bca82ce736db02a9da72b8a48b8554ca7299ab85585c0d82287e953

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=86400
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
x-content-type-options: nosniff
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: application/x-javascript
server: haile

GET
H2 200 9288866678
td.doubleclick.net/td/rul/ Frame F3BE 0
0 67ms
37ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/9288866678?random=1722633583524&cv=11&fst=1722633583524&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 674976093
td.doubleclick.net/td/rul/ Frame 5878 0
0 63ms
35ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/674976093?random=1722633583557&cv=11&fst=1722633583557&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9164813779za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 740619428
td.doubleclick.net/td/rul/ Frame D8C3 0
0 68ms
43ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/740619428?random=1722633583638&cv=11&fst=1722633583638&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9170055295za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1016187748
td.doubleclick.net/td/rul/ Frame 3D36 0
0 66ms
44ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1016187748?random=1722633583672&cv=11&fst=1722633583672&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874091768za200zb9190192033&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1920&u_h=1080&url=https%3A%2F%2Fib.absa.co.za%2Fxdas%2Fclr%2Fregister%3Flang%3Den&ref=https%3A%2F%2Fib.absa.co.za%2Fabsa-online%2Fregistration%2F%3Flang%3Den&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=1823123765.1722619244&uaa=x86&uab=64&uafvl=Not)A%253BBrand%3B99.0.0.0%7CGoogle%2520Chrome%3B127.0.6533.72%7CChromium%3B127.0.6533.72&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
api.ipify.org/ 22 B
315 B 79ms
31ms XHR
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8eba7cb13970421d-EWR
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=8527&min_rtt=8412&rtt_var=1415&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4047&recv_bytes=2304&delivery_rate=464667&cwnd=254&unsent_bytes=0&cid=99c5182f612f226f&ts=38&x=0"
content-length: 22
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: application/json
vary: Origin
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 30ms
29ms Ping
text/plain 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&scrsrc=www.googletagmanager.com&frm=0&rnd=2130159409.1733133806&auid=490681247.1733133806&npa=0&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1733133806305&tfd=2689&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 42ms
42ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-417280903&l=gtmDataLayer&cx=c&gtm=45be4bk0v9164147058za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-878225088&l=gtmDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ffadcc3846eac15955cee452e2950108515ef08b980910bd169aba4e0bd7729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93822
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 34ms
33ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-417280903&l=gtmDataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e843a3386e47521083a7dccfb7692e7f3ef3618a2f1a81e02bd82ac4058811b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 02 Dec 2024 10:03:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 02 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93780
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/ 5 KB
2 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/9288866678/?random=1733133806376&cv=11&fst=1733133806376&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0264a0c9ff5c19ce5925b46e942f5b96d672ad6f8fc9e0c6e4866c76c74e951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2350
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 9288866678
td.doubleclick.net/td/rul/ Frame 55BD 0
0 33ms
32ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/9288866678?random=1733133806376&cv=11&fst=1733133806376&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 674976093
google.com/ccm/form-data/ 0
20 B 62ms
25ms Ping
text/plain 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/674976093?gtm=45be4bk0pfv9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=0&frm=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/ 5 KB
2 KB 39ms
39ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674976093/?random=1733133806388&cv=11&fst=1733133806388&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c9a192960160f2b01d02dab7e659a8acd858bf5aa5d6ec4d322c9151b2634c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2357
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 674976093
td.doubleclick.net/td/rul/ Frame 5A06 0
0 31ms
30ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/674976093?random=1733133806388&cv=11&fst=1733133806388&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-674976093&l=gtmDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 740619428
google.com/ccm/form-data/ 0
20 B 58ms
34ms Ping
text/plain 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/740619428?gtm=45be4bk0pfv9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=0&frm=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/ 5 KB
2 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740619428/?random=1733133806401&cv=11&fst=1733133806401&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56cb6173ebbd3efaf1e8cb1ee19a4bda42058f6c339b692b63eeabe358c310e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2354
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 740619428
td.doubleclick.net/td/rul/ Frame 95B6 0
0 32ms
31ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/740619428?random=1733133806401&cv=11&fst=1733133806401&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-740619428&l=gtmDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 1016187748
google.com/ccm/form-data/ 0
20 B 45ms
32ms Ping
text/plain 2607:f8b0:4004:c0b::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/1016187748?gtm=45be4bk0pfv874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=0&frm=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/ 5 KB
2 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016187748/?random=1733133806413&cv=11&fst=1733133806413&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62eeb8a264438499718e6d3533dc6cce63b21c270831f11c680f159e7ddeed0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2357
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 1016187748
td.doubleclick.net/td/rul/ Frame 6CCF 0
0 35ms
34ms Document
text/html 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1016187748?random=1733133806413&cv=11&fst=1733133806413&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1016187748&l=gtmDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 td
www.googletagmanager.com/ 0
18 B 24ms
23ms Image
text/plain 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=AW-878225088&v=3&t=t&pid=801070080&dl=pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&tdp=AW-878225088;164147058;0;0;0&frm=0&rtg=164147058&slo=0&hlo=1&lst=3&z=0
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-700.886452199d7cc99d.woff
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 120ms
117ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.886452199d7cc99d.woff
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb22c934399-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-600.53f34e82fd9a5e0d.woff
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 121ms
118ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.53f34e82fd9a5e0d.woff
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb22e9443eb-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-regular.23e04aa202c158a2.woff
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 122ms
119ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.23e04aa202c158a2.woff
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb22fd143f7-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 7F94 0
0 47ms
17ms Document
text/html 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-9288866678&l=gtmDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Dec 2024 10:03:26 GMT
expires: Tue, 02 Dec 2025 10:03:26 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/9288866678/ 42 B
64 B 28ms
27ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/9288866678/?random=1733133806376&cv=11&fst=1733133600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dqwrZV9E2YVhwdtT4sekW7MsMbE8R-gn3N8L8_EYsPTIK3v9f&random=4180887290&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/674976093/ 42 B
64 B 29ms
29ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/674976093/?random=1733133806388&cv=11&fst=1733133600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164813779za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7drxHFs53yuThiIE-HAdJ2NSwblZdYDtUU7T5gCZWSJkgBTf9R&random=3557379623&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/740619428/ 42 B
64 B 30ms
29ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740619428/?random=1733133806401&cv=11&fst=1733133600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9170055295za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dcOYQ-H9eqYPffu46o-FA3Zd7rbIsTbvQiIl4KRkIRxodJ4Sc&random=4113637390&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/1016187748/ 42 B
64 B 30ms
29ms Image
image/gif 2607:f8b0:4004:c1d::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016187748/?random=1733133806413&cv=11&fst=1733133600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v874091768za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&hn=www.googleadservices.com&frm=0&tiba=Absa%20Online%20Banking&npa=0&pscdl=noapi&auid=490681247.1733133806&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dhxxwWhW_Xb0TL29OYT87th4LrDwkME2SP9Yajb1X8kQ9fgKG&random=1254008967&rmt_tld=0&ipr=y

Requested by

Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-700.d7d623eddfa851bc.ttf
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 124ms
124ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.d7d623eddfa851bc.ttf
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb2ff0c43eb-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-600.f6d38edfda109439.ttf
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 123ms
123ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.f6d38edfda109439.ttf
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb2fd054399-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H/1.1 404
Not Found source-sans-pro-v10-latin-regular.9c0acacc1d455e33.ttf
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 0
0 124ms
124ms Font
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.9c0acacc1d455e33.ttf
Requested by: Host: pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb3085343f7-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H2 200 RC738e4c10e63f4cea8820e8092df34a01-source.min.js Show response
assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/27a974c6543e/ 714 B
704 B 21ms
20ms Script
application/x-javascript 2600:1408:c400:18e::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/27a974c6543e/RC738e4c10e63f4cea8820e8092df34a01-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/launch-f1bf6d4c040e.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:18e::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

8a3b451b668ed3ef92eefba1902cfc367d17ea225c8f5eed817903ae42fec641

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "4e7ff1a9dc55dfdefe2fd7819e3a5830:1731656551.130433"
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:03:26 GMT
accept-ranges: bytes
access-control-allow-origin: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
content-length: 403
date: Mon, 02 Dec 2024 10:03:26 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Nov 2024 07:42:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H/1.1 404
Not Found favicon.ico
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/ 27 KB
27 KB 136ms
135ms Other
text/html 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html

Response headers

CF-RAY: 8eba7cb3e8eb43f7-EWR
Content-Length: 27150
Date: Mon, 02 Dec 2024 10:03:26 GMT
Content-Type: text/html
Vary: Accept-Encoding
Connection: keep-alive
Server: cloudflare

GET
H2 200 s56169018552769
fpt.absa.co.za/b/ss/absabank-phoenix-prod/1/JS-2.24.0-LEWM/ 43 B
224 B 20ms
20ms Image
image/gif 63.140.39.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fpt.absa.co.za/b/ss/absabank-phoenix-prod/1/JS-2.24.0-LEWM/s56169018552769?AQB=1&ndh=1&pf=1&t=2%2F11%2F2024%200%3A3%3A26%201%20600&mid=28946252779572861954097160951097760560&aamlh=7&ce=UTF-8&ns=absabank&cdp=3&pageName=absa%20coza%20%7C%20cc.html&g=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&cc=ZAR&server=pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev&events=event1%2Cevent5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=absa%20coza%20%7C%20cc.html&v3=D%3Dc5&v4=D%3Dc6&c5=application&v5=D%3Dc7&v11=30&c12=zero&v12=D%3Dc19&c13=Entry&v13=New&v14=28946252779572861954097160951097760560&v17=https%3A%2F%2Fpub-254f1ede8e794fdba2cdce72896d14c3.r2.dev%2Fcc.html&c18=30&c19=12%3A03%20PM%7CMonday&v19=guest&c20=New&c21=D%3Dv14&v21=english&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AA45CC59566062417F000101%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.45 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-45.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3721876510080565248-4618428970663956013
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 10:03:26 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Mon, 02 Dec 2024 10:03:26 GMT
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Dec 2024 10:03:26 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.absa.co.za
URL: https://ib.absa.co.za/xdas/clr/styles.0264db92e0ab603f.css

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-21 10:11:09	Name: bcookie Value: "v=2&aa7e2fac-3f3e-4b24-835f-7e042d49f490"
.linkedin.com/	1970-01-21 01:27:00	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3387:u=1:x=1:i=1733133804:t=1733220204:v=2:sig=AQGhEvhvb4rT3uAYthjSd2-jRzQBz8t2"
.demdex.net/	1970-01-21 05:44:45	Name: demdex Value: 29315709947985448964060210836210481667
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1969-12-31 23:59:59	Name: AMCVS_AA45CC59566062417F000101%40AdobeOrg Value: 1
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1970-01-21 03:35:09	Name: _fbp Value: fb.2.1733133804534.776319259894828309
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1970-01-21 01:25:35	Name: tfpsi Value: dcdff72c-1aaa-47a5-bb8d-e797b920df43
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.dpm.demdex.net/	1970-01-21 05:44:45	Name: dpm Value: 29315709947985448964060210836210481667
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1970-01-21 11:01:33	Name: AMCV_AA45CC59566062417F000101%40AdobeOrg Value: 179643557%7CMCIDTS%7C20060%7CMCMID%7C28946252779572861954097160951097760560%7CMCAAMLH-1733738604%7C7%7CMCAAMB-1733738604%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1733141004s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20067%7CvVersion%7C5.5.0
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1969-12-31 23:59:59	Name: LSESSIONID Value: eyJlIjoiSXFIbWRTMXVRS2JUVUV3RWFCUmsxaGNmYnI3V0pvVjBSY2dldVRBNkhwMllmQmQwYWF5VnZWNzExU2Q5TEhwZEwrT01YeWFsak1YeVNmXC90OE0zT0Q5RzVIWDlmV3JYaVM5WXM2ZGtQS2U1MUVrVU5yVTZXUWdtT0lycTdEZVgxaXRVYmtOcGtwdkFTSlcyRTF5VjhpQT09IiwiaSI6IjNhS3NSczArd3Z3UGFDXC9Kd1grOWF3PT0ifQ%3D%3D.138d79a8d8868ef2.Y2Y3NzMwMmU1MjYzOThhMWQxMWJiZGNkMzIyMGMzMWFjMDBlMWJjZjhjMWRiNDM1MTUzMTBmNWRlZDhkYmUzMA%3D%3D
.doubleclick.net/	1970-01-21 11:01:33	Name: IDE Value: AHWqTUmD0MPjz--qX0GuGavmbrX_P3CxycYgjWKn1rwotOiIYXmkpibVceWG_I-g
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1970-01-21 03:35:09	Name: _gcl_au Value: 1.1.490681247.1733133806
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1970-01-21 01:25:35	Name: gpv_pn Value: cc.html
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1969-12-31 23:59:59	Name: s_ppv Value: cc.html%2C99%2C99%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1970-01-21 02:08:45	Name: s_nr Value: 1733133806808-New
.pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/	1969-12-31 23:59:59	Name: s_cc Value: true

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/runtime.84f79c54ca1b6b29.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/polyfills.427bfb582aba5263.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/vendor.3a186de20bc36275.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/main.2c60ab46fc18d9bb.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html(Line 56) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0901D00C4120000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCfdd3c4fc28344501990f78d95b26a243-source.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html Message: Refused to execute script from 'https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCfdd3c4fc28344501990f78d95b26a243-source.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/cc.html Message: Refused to execute script from 'https://assets.adobedtm.com/b0f73d23a6c8/20491b8fe211/233436219128/RCbd3f2c964f8540a7b5faf83b0ff5de3d-source.min.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.9e5e10e9276a4106.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.7818c5433f6bc777.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.c30c139557e59b1d.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.886452199d7cc99d.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.53f34e82fd9a5e0d.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.23e04aa202c158a2.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-700.d7d623eddfa851bc.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-600.f6d38edfda109439.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/source-sans-pro-v10-latin-regular.9c0acacc1d455e33.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absa.demdex.net
ajax.googleapis.com
api.ipify.org
assets.adobedtm.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.teads.tv
connect.facebook.net
credit.apr.absa.co.za
dpm.demdex.net
fledge.teads.tv
fpt.absa.co.za
google.com
googleads.g.doubleclick.net
ib.absa.co.za
p.teads.tv
pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev
px.ads.linkedin.com
snap.licdn.com
t.teads.tv
td.doubleclick.net
www.facebook.com
www.google.com
www.googletagmanager.com
ib.absa.co.za
104.26.12.205
169.202.182.156
23.50.125.47
23.62.161.51
2600:1408:c400:18e::1e80
2600:1408:c400:5::17c7:3716
2606:4700::6811:180e
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c0b::65
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1d::69
2607:f8b0:4004:c1f::5f
2607:f8b0:4004:c1f::9d
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a06:98c1:58::eb
3.219.151.184
3.251.24.2
35.167.4.131
52.22.27.13
63.140.39.45
0c9a192960160f2b01d02dab7e659a8acd858bf5aa5d6ec4d322c9151b2634c3
0ffadcc3846eac15955cee452e2950108515ef08b980910bd169aba4e0bd7729
112ab6b34bca82ce736db02a9da72b8a48b8554ca7299ab85585c0d82287e953
1457ca014d6661b81d4865940406f5b4a8df7d40f70f4204b4f9ba40aadb0b1d
19d530b92bda90c91a04d58306c9ab27c0233da282a33b5cf8846f5750486b05
27bb94240d233cc8f7382fb36ab34a409f99d0e8ec55bcf24e8965fbfa47dbd8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3628be465ec3d28413b23bd425c36d30ab28016eb5f6d2f702ca7f5ae883e93f
41e974f11822600f009123cb11242af4c758a46901b2a6afe129b1ad2be5487a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455a32a1a050d9f5c73bd580142827dc296a3103a2b23b30da964264bc69a618
487b5c89f3869c78cc95737ca7f38873fdd764730ecd0c8cb67d925037188480
498d302fe654cbb00af9c64150683254560306443e70a7f6320f975817b8ea7e
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5e7d9b92f4d6fa96cc025d39f78a460a3fec5bc850d7e6053ca1dabc2e0fa9f7
62eeb8a264438499718e6d3533dc6cce63b21c270831f11c680f159e7ddeed0e
64c10e21f126abb9a62d50006e4865c830144c944febc2d4616ea4ff74fcff88
6896c9229fd5e0231131e85f4de87c5a272e512a15775d0a0e32beede4cbfc47
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
70fc8c970a0d623037a56586832893a97fa36d876598ad050e98d8c09499a586
7430e7e809ab1ec4ed331cebff795468b5b171f8ab816144fa664f5683a2e6e1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82040f289a7625792ab74fc582cbf4b838883d637b71330aaae3de91c17e96ce
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a3b451b668ed3ef92eefba1902cfc367d17ea225c8f5eed817903ae42fec641
8ae19b60bf96bb948cb231fc50289224e47f4cfac4aee5e96a9c55321b8535ec
93b584e17cda453b3a86f1439e24d5a40c201c66e39132a6cb2ea604f6b56ab7
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1f3ee6d6ac34f4feb3379e3ee7c6d59e66688ef14e98cead61ad78ba87446b9
a56cb6173ebbd3efaf1e8cb1ee19a4bda42058f6c339b692b63eeabe358c310e
aa1ca7a298c05fcd0b150c05da0bfaae7c50d2a762631fcaaefb0c40b4806767
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b24a2ff831ee9b26abb5cbdd6482f173610c3792675f01b76f3b494cfd2f4d3e
b66296733d1db43186ca1d265f6ee4dd88c14c18d3ea173bde2b47428a861e3a
be96b140cf44bfd9d7ebd871db5976d4fabee3885433f18482c9d9721c103d18
c0264a0c9ff5c19ce5925b46e942f5b96d672ad6f8fc9e0c6e4866c76c74e951
c946fb51e3d1b271b689120d1076912fd21f289db3b9a8c2a23ce16583074935
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e843a3386e47521083a7dccfb7692e7f3ef3618a2f1a81e02bd82ac4058811b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev Open in urlscan Pro 2a06:98c1:58::eb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

98 %HTTPS

59 %IPv6

16 Domains

24 Subdomains

22 IPs

4 Countries

1391 kBTransfer

3659 kBSize

17 Cookies

2 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pub-254f1ede8e794fdba2cdce72896d14c3.r2.dev Open in urlscan Pro
2a06:98c1:58::eb Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

98 %
HTTPS

59 %
IPv6

16
Domains

24
Subdomains

22
IPs

4
Countries

1391 kB
Transfer

3659 kB
Size

17
Cookies

88 HTTP transactions
0 data transactions