resgatebr.site Open in urlscan Pro
23.111.145.146  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response resgatebr.site/g1-b/	23 KB 6 KB	1308ms 150ms	Document text/html	23.111.145.146 HVC-AS
General Check archive.org Show headers Download Go to Full URL https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.111.145.146 Tampa, United States, ASN29802 (HVC-AS, US), Reverse DNS 23-111-145-146.static.hvvc.us Software LiteSpeed / Resource Hash febfff34c24aa24b183a421c8df320636357d468715fe816a8c88d24dd6ecb95 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 5985 content-type text/html date Fri, 28 Jun 2024 04:58:14 GMT last-modified Tue, 20 Feb 2024 07:17:00 GMT server LiteSpeed vary Accept-Encoding,User-Agent
GET H2	404	botao_g1.png media.discordapp.net/attachments/1148354486444773440/1159570158394814575/	36 B 36 B	309ms 52ms	Image text/plain	162.159.130.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.discordapp.net/attachments/1148354486444773440/1159570158394814575/botao_g1.png? Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FHux5Ozwgm%2FyZKzCSTG1gQjQqxoaINhQfjMTfZ7UsMiYTdVcQwU39zSyiQ%2FiouQS4r9%2Bf49vFVigDdiN%2Bf%2BJhFyJfvpNYBW8IMKhq%2FlFy6O0c8T6H2801WHzx9RgLobNC3DKN5X"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp cf-ray 89ab19c1fc4658d8-TXL content-length 36 alt-svc h3=":443"; ma=86400
GET H2	200	LQABQf5420807.js Show response resgatebr.site/g1-b/js/	8 KB 4 KB	149ms 142ms	Script application/javascript	23.111.145.146 HVC-AS
General Check archive.org Show headers Download Go to Full URL https://resgatebr.site/g1-b/js/LQABQf5420807.js Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 23.111.145.146 Tampa, United States, ASN29802 (HVC-AS, US), Reverse DNS 23-111-145-146.static.hvvc.us Software LiteSpeed / Resource Hash 8f925b74bfe416c902ef9b0d26d01da20dd7324284099a09b1f560520320f2ed Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/g1-b/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:14 GMT content-encoding br last-modified Tue, 20 Feb 2024 07:17:00 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 3532 expires Fri, 05 Jul 2024 04:58:14 GMT
GET H2	200	css2 fonts.googleapis.com/	11 KB 1 KB	304ms 50ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&family=Montserrat:wght@300;400;500;600;700;800&family=Montserrat:wght@300;400;500;600;700;800&display=swap Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 28 Jun 2024 04:58:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 28 Jun 2024 04:58:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jun 2024 04:58:14 GMT
GET H2	200	178njvh www.redditmedia.com/mediaembed/ Frame CDF5	0 0	409ms 176ms	Document text/html	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditmedia.com/mediaembed/178njvh?autoplay=1 Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers accept-ranges bytes cache-control private, max-age=3600 content-encoding gzip content-length 3831 content-type text/html; charset=UTF-8 date Fri, 28 Jun 2024 04:58:14 GMT nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5} report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} server snooserv strict-transport-security max-age=31536000; includeSubdomains vary accept-encoding, Accept-Encoding via 1.1 varnish x-content-type-options nosniff x-envoy-upstream-service-time 19 x-ratelimit-remaining 99.0 x-ratelimit-reset 105 x-ratelimit-used 1 x-reddit-internal-ratelimit-exceeded false x-reddit-internal-ratelimit-rls-type ip-standard x-reddit-internal-ratelimit-shadowmode-exceeded false x-reddit-internal-ratelimit-type ip-standard x-reddit-pod-ip 10.107.190.141:80 x-xss-protection 1; mode=block
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	221 KB 59 KB	277ms 48ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 28 Jun 2024 04:58:14 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58251 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug kCXQkPt6fsISOoC3iMI6uXqE77HWXu5IDvptukRo3bmRi42QwcG0C9PMOyt8Wg5FJuukLCaJkrmUVbYeP7Giwg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 2 KB	403ms 155ms	Script application/javascript	2.18.64.26 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKRI4N3C77U5FRI5PS40&lib=ttq Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-26.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 35fbdc4df36aef4b49279f7a60315e974d37dc10996897a3212e48abbbe9756e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers x-akamai-request-id 2c7a4c3d date Fri, 28 Jun 2024 04:58:14 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406280458142D7517673DCEA0A2BA9E-2A6EEB6C290495E6-00 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) server-timing inner; dur=18, cdn-cache; desc=MISS, edge; dur=2, origin; dur=108 content-length 1779 pragma no-cache server nginx x-tt-logid 202406280458142D7517673DCEA0A2BA9E vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 109,2.20.179.90 x-tt-trace-host 0181852c4f60d9f5b7e1e5bef10fdabffe9cdc5ec79a2350f9d59c6bbf318a0653d07761e1bc3e3699deda8f20402adafd8e670a9d3870fdf6bbe0551eff244c1ebe67e61ca8b54573b3b6fbd29a003d9afa0b547055bfd8b5a2347334fe208bbd expires Fri, 28 Jun 2024 04:58:14 GMT
GET H/1.1	200 OK	events.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/	10 KB 5 KB	1057ms 41ms	Script application/javascript	43.152.26.64 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=545955065547997252&lib=kwaiq Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.64 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers x-ks-client-ip 80.255.7.106 Date Mon, 27 May 2024 02:56:14 GMT Content-Encoding gzip x-oss-request-id 6653F64E970E1130322584D6 X-Cache-Lookup Cache Hit Content-MD5 xdyEdfWuJAvRR0tEZ9nn2A== kwaisign NULL Connection keep-alive Content-Length 3744 X-Ks-Request-ID 5632656747589549503 X-Ks-Cache Hit from 43.152.26.64 x-oss-object-type Normal Last-Modified Mon, 27 May 2024 02:52:15 GMT Server Lego Server Etag "C5DC8475F5AE240BD1474B4467D9E7D8" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length Cache-Control no-cache x-oss-storage-class Standard X-NWS-LOG-UUID 5632656747589549503 Accept-Ranges bytes x-oss-hash-crc64ecma 13562747518461854989 x-oss-server-time 2 Expires Wed, 26 Jun 2024 02:56:14 GMT
GET H2	200	RPbbtQ8975711.png media.atomicatpages.com/u/lPmeHvm48eWtbGJo3dOhOxE5R262/l/	3 KB 3 KB	263ms 72ms	Image image/webp	2400:52e0:1e00::1079:1 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://media.atomicatpages.com/u/lPmeHvm48eWtbGJo3dOhOxE5R262/l/RPbbtQ8975711.png Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash 4c397ae7503092b4d57b41d29e3d9a565720f7a2f2f417c31759137184bac38b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:14 GMT x-downloadsize 4469 cdn-edgestorageid 1082 x-bo-processingtime 0 cdn-cachedat 06/28/2024 04:58:14 cdn-pullzone 1770958 content-length 2780 x-bo-server DE-132 last-modified Fri, 28 Jun 2024 04:58:14 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 14 content-type image/webp cdn-cache MISS cdn-uid 79663dcb-f1ac-47d2-a40f-a1b818ddf98f cache-control public, max-age=31919000 x-bo-compressionratio 37.79% cdn-requestid 7b40dc4fd2db4fad2da450a3a22d1014 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	YJfweh5405331.png media.atomicatpages.com/u/lPmeHvm48eWtbGJo3dOhOxE5R262/Pictures/	4 KB 5 KB	266ms 76ms	Image image/webp	2400:52e0:1e00::1079:1 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://media.atomicatpages.com/u/lPmeHvm48eWtbGJo3dOhOxE5R262/Pictures/YJfweh5405331.png Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash f2f3bec0109df53c02ab4e0b263500549cab1ce0a6dc8391739b10ea7b4cea37 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:14 GMT x-downloadsize 7462 cdn-edgestorageid 1079 x-bo-processingtime 1 cdn-cachedat 06/28/2024 04:58:14 cdn-pullzone 1770958 content-length 4466 x-bo-server DE-133 last-modified Fri, 28 Jun 2024 04:58:14 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 12 content-type image/webp cdn-cache MISS cdn-uid 79663dcb-f1ac-47d2-a40f-a1b818ddf98f cache-control public, max-age=31919000 x-bo-compressionratio 40.15% cdn-requestid d0bd5c282970ae388fc5c4ef56bac7f1 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	oYYntw9064923.png media.atomicatpages.com/u/lPmeHvm48eWtbGJo3dOhOxE5R262/l/	33 KB 34 KB	781ms 592ms	Image image/webp	2400:52e0:1e00::1079:1 CDN77 _
General Check archive.org Show headers Download Go to Show image Full URL https://media.atomicatpages.com/u/lPmeHvm48eWtbGJo3dOhOxE5R262/l/oYYntw9064923.png Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash edbaf28c452959bdb10edc0288f85e01521e36662a0e3e1515a42e70fa7b25af Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:15 GMT x-downloadsize 178572 cdn-edgestorageid 1082 x-bo-processingtime 296 cdn-cachedat 06/28/2024 04:58:15 cdn-pullzone 1770958 content-length 34050 x-bo-server DE-95 last-modified Fri, 28 Jun 2024 04:58:14 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 19 content-type image/webp cdn-cache MISS cdn-uid 79663dcb-f1ac-47d2-a40f-a1b818ddf98f cache-control public, max-age=31919000 x-bo-compressionratio 80.93% cdn-requestid d7ac19f5a2f08bafa01d0d13ee6d7fea cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	a.js Show response cdn.atomicatpages.com/	2 KB 1 KB	793ms 250ms	Script application/javascript	35.199.65.48 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.atomicatpages.com/a.js?cache=63398 Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.199.65.48 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 48.65.199.35.bc.googleusercontent.com Software nginx / Resource Hash 5ee6ff7cd266186d4abdb32fc423bcc36a2564e1c758d363274f7c8d601ebfb7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:15 GMT content-encoding br last-modified Thu, 18 Apr 2024 06:30:18 GMT server nginx etag W/"6620bdfa-7a3" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	json Show response wtfismyip.com/	367 B 562 B	505ms 358ms	XHR application/json	2a01:4f9:6b:4b55::acab HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://wtfismyip.com/json Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/js/LQABQf5420807.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a01:4f9:6b:4b55::acab , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software / Resource Hash 420b7bc5463b18fafefc4e1fd5b49f03e4f1071f2991588ff426da23c78c9f28 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jun 2024 04:58:15 GMT access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, must-revalidate x-fortune It's going to be a fucking glorious day content-length 367 expires 0
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	373ms 22ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&family=Montserrat:wght@300;400;500;600;700;800&family=Montserrat:wght@300;400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://resgatebr.site Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Tue, 25 Jun 2024 15:27:45 GMT x-content-type-options nosniff age 221430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 Jun 2025 15:27:45 GMT
GET H2	200	1134868977873853 Show response connect.facebook.net/signals/config/	58 KB 12 KB	324ms 323ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1134868977873853?v=2.9.159&r=stable&domain=resgatebr.site&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 96472d09f326a8c61d1846f53239b0bfcf726d71e695de933db28391caf255d8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 28 Jun 2024 04:58:15 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=44, rtx=0, c=61, mss=1297, tbw=63769, tp=-1, tpl=-1, uplat=281, ullat=0 pragma public x-fb-debug KbgDN8zTku6OWbB+4BWM3goISdCHVCAqvq+ZRS8hkSx6DGcG8UFhy5pVs3wn10y4/Zy2awMVGeJELQ4X3NNs8w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	main.MTZkNWZlYWU4MA.js Show response analytics.tiktok.com/i18n/pixel/static/	339 KB 97 KB	51ms 51ms	Script application/javascript	2.18.64.26 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKRI4N3C77U5FRI5PS40&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-26.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers x-akamai-request-id 2c7a4ddd date Fri, 28 Jun 2024 04:58:14 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024062715344988BB13647B4F8D6326AA x-tt-trace-id 00-24062715344988BB13647B4F8D6326AA-5CE300D76E621DC3-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 012e34d847fbaf6459e4c49675a12f29db53281241599ffa33f694b3dcb30f8fc78fff58a7d33fa5da6c7e8c2f881882bc11d8054b30157874b83f271048ead6482f573d24877c5065ddea544b4d09ddfd27e6601a9c594d7b67ddbcae81a73c02 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 98812
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	44ms 43ms	Script application/javascript	2.18.64.26 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-26.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers x-akamai-request-id 2c7a5075 date Fri, 28 Jun 2024 04:58:15 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405211400007B05E65B9CAD80486EDE x-tt-trace-id 00-2405211400007B05E65B9CAD80486EDE-400B715293803C3A-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 017874a0935aef664d38b9a2c29dcae40eace53b0c18a95cd6e37f0e5a78c95d464bff2c84cd6cf36ca5b1dbb61279987bfbbfc383295ed68a6d7fe8c387f300402c8156a89d9a6220adf260fbbfb9d4fdd65a4c8c0c529b5204175296c6f72401 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 39577
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 838 B	169ms 167ms	Ping text/plain	2.18.64.26 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-26.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 62187c58.2c7a5100 date Fri, 28 Jun 2024 04:58:15 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240628045815EF821BFC188B6A9439A8-4361A30C3668248F-00 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 122,2.20.179.90 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=34, inner; dur=29 content-length 0 pragma no-cache server nginx x-tt-logid 20240628045815EF821BFC188B6A9439A8 x-cache-remote TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 34,23.32.16.92 x-tt-trace-host 0181852c4f60d9f5b7e1e5bef10fdabffe36b7dc380c64d9614b50f2ad8f5fecc08997f189c89acc6ec5e1867770f3ac3ef734fa12d39cfea69f57239ece0670319a7b083067b4e13a44957349998b1909d3f9220f1e01669129cbca8805b47802870af19d69c46bff622ec6a75e8d2617 access-control-allow-headers Authorization,* expires Fri, 28 Jun 2024 04:58:15 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	158ms 39ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1134868977873853&ev=PageView&dl=https%3A%2F%2Fresgatebr.site%2Fg1-b%2F&rl=&if=false&ts=1719550695384&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719550695347.980582752101742095&ler=empty&cdl=API_unavailable&it=1719550694898&coo=false&rqm=GET Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2833, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 28 Jun 2024 04:58:15 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	400ms 282ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1134868977873853&ev=PageView&dl=https%3A%2F%2Fresgatebr.site%2Fg1-b%2F&rl=&if=false&ts=1719550695384&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.1.1719550695347.980582752101742095&ler=empty&cdl=API_unavailable&it=1719550694898&coo=false&rqm=FGET Requested by Host: resgatebr.site URL: https://resgatebr.site/g1-b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0e259a26932afc81","source_keys":["1","2"]},{"key_piece":"0xb837881f36cd05f5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 28 Jun 2024 04:58:15 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385413999991701115", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=43, rtx=0, c=14, mss=1297, tbw=3151, tp=-1, tpl=-1, uplat=239, ullat=0 pragma no-cache x-fb-debug 3rjF9GKxKQMC4s/4MqIJ3BMUpNYwgIX+FbYb+WvNsv3N3uqdp0dJWbYtU8UTQbX3jtc2wyutCVnjp2NtnPJtKg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385413999991701115"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	save apidopro.atomicat-api.com/lytics/	0 466 B	3129ms 3039ms	Ping application/json	172.67.139.36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://apidopro.atomicat-api.com/lytics/save Requested by Host: cdn.atomicatpages.com URL: https://cdn.atomicatpages.com/a.js?cache=63398 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 28 Jun 2024 04:58:16 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FPyZSxOyu9RyLGgKxwxQA59ls0gPlodq7KzK5Fj5J5fx1KMmZCHE7Jr4oEqlsdKLl7DhUyo1LYt%2BotUEvy2lL7cmRD2SGbA0kNsKkn78R1dkC8V3RDMIeK2uFoMiJzf%2BkB5uDT7zJjBuEpK"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 89ab19c6fde730cf-FRA alt-svc h3=":443"; ma=86400
POST H3	200	getGrayInfo Show response ads.mythad.com/rest/n/adintl/gray/	270 B 258 B	275ms 219ms	XHR application/json	184.24.77.81 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H3 Security QUIC, , AES_256_GCM Server 184.24.77.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-81.deploy.static.akamaitechnologies.com Software / Resource Hash 845d4d0bb820cbbe4c6c715cf7a43038a8e1c4cb1da170b058e26f84c460b8b7 Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 content-type application/json Response headers date Fri, 28 Jun 2024 04:58:18 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://resgatebr.site access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 239 quic-version 0x00000001
OPTIONS H2	200	getGrayInfo ads.mythad.com/rest/n/adintl/gray/ Frame	0 0	3011ms 2690ms	Preflight	2a02:26f0:7400::5f64:6421 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7400::5f64:6421 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://resgatebr.site Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://resgatebr.site access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Fri, 28 Jun 2024 04:58:16 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 843 B	2898ms 2898ms	Ping text/plain	2.18.64.26 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-26.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1cec75b6.2c7a53af date Fri, 28 Jun 2024 04:58:15 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240628045815B12373619DE6C39328AD-1EAAA9EB6CA216AB-00 x-cache TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) x-parent-response-time 270,2.20.179.90 server-timing cdn-cache; desc=MISS, edge; dur=91, origin; dur=182, inner; dur=175 content-length 0 pragma no-cache server nginx x-tt-logid 20240628045815B12373619DE6C39328AD x-cache-remote TCP_MISS from a23-218-223-86.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 182,23.218.223.86 x-tt-trace-host 0181852c4f60d9f5b7e1e5bef10fdabffedfb4a1fe0f299987df3f504a9e03f43d66e1353d00395333a1dc24be38065677b846448e94b20fda3bc7eb336182088cc3e15c4e1c93a20c905b43fbff42d854b5cd9de6c9982a2b55c4fcb43b91c70a00b16034790b163825155bbb3234a27f access-control-allow-headers Authorization,* expires Fri, 28 Jun 2024 04:58:15 GMT
GET H/1.1	200 OK	core.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	291 KB 77 KB	2015ms 2015ms	Script application/javascript	43.152.26.64 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=545955065547997252&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=545955065547997252&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.64 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash a21102dc1ae4aa467f052f60ac51326e46e35ccd5de2e9489be63b4b358fc10f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers x-ks-client-ip 80.255.7.106 Date Wed, 26 Jun 2024 06:06:50 GMT Content-Encoding gzip x-oss-request-id 667BAFFA07CCA73632EA5C23 X-Cache-Lookup Cache Hit Content-MD5 4XZ4t4vSykVZ0/jNUFPwsg== kwaisign NULL Connection keep-alive Content-Length 78223 X-Ks-Request-ID 10323274148306701333 X-Ks-Cache Hit from 43.152.26.64 x-oss-object-type Normal Last-Modified Wed, 26 Jun 2024 05:59:56 GMT Server Lego Server Etag "E17678B78BD2CA4559D3F8CD5053F0B2" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length Cache-Control no-cache x-oss-storage-class Standard X-NWS-LOG-UUID 10323274148306701333 Accept-Ranges bytes x-oss-hash-crc64ecma 14604453638594700644 x-oss-server-time 85 Expires Fri, 26 Jul 2024 06:06:50 GMT
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	71 B 280 B	409ms 211ms	XHR text/plain	23.213.161.140 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-140.deploy.static.akamaitechnologies.com Software / Resource Hash 46852853ed316bfce76e98db9c85198f758c9adaafaea36d1959deb1ad3c117b Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://resgatebr.site date Fri, 28 Jun 2024 04:58:18 GMT access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 71 content-type text/plain;charset=UTF-8
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	72 B 192 B	441ms 245ms	XHR text/plain	23.213.161.140 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.140 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-140.deploy.static.akamaitechnologies.com Software / Resource Hash f6678c28ae0e3515e3728f70446ca4bdbb3026bb1cc9c2f790d279fbf1a74ae8 Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://resgatebr.site date Fri, 28 Jun 2024 04:58:19 GMT access-control-allow-credentials true content-length 72 content-type text/plain;charset=UTF-8
GET H3	200	getPixelConfig Show response ads.mythad.com/rest/n/adintl/ad/	405 B 325 B	881ms 881ms	XHR application/json	184.24.77.81 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=545955065547997252&pageId=pageId-1719550698605-4070605115274 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H3 Security QUIC, , AES_256_GCM Server 184.24.77.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-81.deploy.static.akamaitechnologies.com Software / Resource Hash ed117d811f4303fca308710b1a9af3a9f1dff33c83d29fe0b763e37fa4a8eabc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://resgatebr.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers date Fri, 28 Jun 2024 04:58:19 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://resgatebr.site access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 305 quic-version 0x00000001
OPTIONS H2	200	api ads.mythad.com/log/common/co/ Frame	0 0	315ms 314ms	Preflight	2a02:26f0:7400::5f64:6421 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7400::5f64:6421 Lisbon, Portugal, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://resgatebr.site Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://resgatebr.site access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Fri, 28 Jun 2024 04:58:19 GMT
POST H3	200	api Show response ads.mythad.com/log/common/co/	2 KB 1002 B	224ms 223ms	XHR application/json	184.24.77.81 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZkNWZlYWU4MA.js Protocol H3 Security QUIC, , AES_256_GCM Server 184.24.77.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-24-77-81.deploy.static.akamaitechnologies.com Software / Resource Hash 8b75897e91d92f4a5175f6db0d2d9d1762f914183109eca09766496e5603a5d8 Request headers Referer https://resgatebr.site/ Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36 content-type application/json Response headers date Fri, 28 Jun 2024 04:58:20 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=utf-8 access-control-allow-origin https://resgatebr.site access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 983 quic-version 0x00000001

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq string| KwaiAnalyticsObject object| kwaiq object| install function| _0x3bc6 function| _0x185482 function| _0x13009d function| _0x3c1c function| _0x453b8a function| _0x51cb94 object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| events function| Radar object| core object| _WEBLOGGER function| Weblog

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.discordapp.net/	1969-12-31 23:59:59	Name: __cfruid Value: 08d10cf62def8cb4ba0750bb518cdd2ed0460e4f-1719550694
			.discordapp.net/	1969-12-31 23:59:59	Name: _cfuvid Value: HbnSMPEA.JSTE_mdIO161nzm_oRwTcnEuSXx0XxLeeU-1719550694731-0.0.1.1-604800000
			.tiktok.com/	1970-01-21 07:00:46	Name: _ttp Value: 2iUgiEm5GnzW7b6OBxPMLcNDfjQ
			.resgatebr.site/	1970-01-21 07:00:46	Name: _tt_enable_cookie Value: 1
			.resgatebr.site/	1970-01-21 07:00:46	Name: _ttp Value: WvaLsFUXKQhELF129l-H4Sqr7Ov
			.resgatebr.site/	1970-01-20 23:48:46	Name: _fbp Value: fb.1.1719550695347.980582752101742095
			resgatebr.site/	1970-01-21 06:24:46	Name: _did Value: web_926385037DF4B88A
			.mythad.com/	1970-01-21 07:15:10	Name: kwai_ckid Value: 1719550699373_7336295985579508
			.resgatebr.site/	1970-01-21 06:24:46	Name: kwai_uuid Value: 47c76e4035c25042a4f1896600d707a9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://media.discordapp.net/attachments/1148354486444773440/1159570158394814575/botao_g1.png? Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
analytics.tiktok.com
apidopro.atomicat-api.com
cdn.atomicatpages.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
logsdk.kwai-pro.com
media.atomicatpages.com
media.discordapp.net
resgatebr.site
s1.kwai.net
wtfismyip.com
www.facebook.com
www.redditmedia.com
162.159.130.232
172.67.139.36
184.24.77.81
2.18.64.26
23.111.145.146
23.213.161.140
2400:52e0:1e00::1079:1
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a01:4f9:6b:4b55::acab
2a02:26f0:7400::5f64:6421
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::396
35.199.65.48
43.152.26.64
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
35fbdc4df36aef4b49279f7a60315e974d37dc10996897a3212e48abbbe9756e
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4
420b7bc5463b18fafefc4e1fd5b49f03e4f1071f2991588ff426da23c78c9f28
46852853ed316bfce76e98db9c85198f758c9adaafaea36d1959deb1ad3c117b
47604965129b76c210cbca0993bce3965a85330fc257684ab4467a9db8ba1122
4c397ae7503092b4d57b41d29e3d9a565720f7a2f2f417c31759137184bac38b
5ee6ff7cd266186d4abdb32fc423bcc36a2564e1c758d363274f7c8d601ebfb7
845d4d0bb820cbbe4c6c715cf7a43038a8e1c4cb1da170b058e26f84c460b8b7
8b75897e91d92f4a5175f6db0d2d9d1762f914183109eca09766496e5603a5d8
8f925b74bfe416c902ef9b0d26d01da20dd7324284099a09b1f560520320f2ed
96472d09f326a8c61d1846f53239b0bfcf726d71e695de933db28391caf255d8
a21102dc1ae4aa467f052f60ac51326e46e35ccd5de2e9489be63b4b358fc10f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed117d811f4303fca308710b1a9af3a9f1dff33c83d29fe0b763e37fa4a8eabc
edbaf28c452959bdb10edc0288f85e01521e36662a0e3e1515a42e70fa7b25af
f2f3bec0109df53c02ab4e0b263500549cab1ce0a6dc8391739b10ea7b4cea37
f6678c28ae0e3515e3728f70446ca4bdbb3026bb1cc9c2f790d279fbf1a74ae8
febfff34c24aa24b183a421c8df320636357d468715fe816a8c88d24dd6ecb95