lendplus.co.za Open in urlscan Pro
2606:4700::6812:1f6a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lendplus.co.za/user/registration/reg1
Submission: On December 11 via api (December 11th 2024, 6:31:41 am UTC) from US — Scanned from US

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 54 HTTP transactions. The main IP is 2606:4700::6812:1f6a, located in United States and belongs to CLOUDFLARENET, US. The main domain is lendplus.co.za.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.

This is the only time lendplus.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700::68... 2606:4700::6812:1f6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
1	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
1 7	172.67.72.244 172.67.72.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
8	23.48.224.105 23.48.224.105	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::64	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c21::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:48f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
1 4	65.109.111.60 65.109.111.60	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
54	16

6 2606:4700::6812:1f6a (United States)

ASN13335 (CLOUDFLARENET, US)

lendplus.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.72.244 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lendplusza.widget.helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lendplusza.helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX YANDEX LLC, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.48.224.105 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-224-105.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::64 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:48f4 (United States)

ASN13335 (CLOUDFLARENET, US)

helpcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.109.111.60 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.60.111.109.65.clients.your-server.de

lendplusza.crunch.help	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	helpcrunch.com 1 redirects lendplusza.widget.helpcrunch.com embed.helpcrunch.com — Cisco Umbrella Rank: 137341 helpcrunch.com — Cisco Umbrella Rank: 68170 lendplusza.helpcrunch.com	859 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	145 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9443	4 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	636 B
6	lendplus.co.za lendplus.co.za	500 KB
4	crunch.help 1 redirects lendplusza.crunch.help	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	91 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	553 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4577	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	201 KB
1	google.com analytics.google.com — Cisco Umbrella Rank: 142	544 B
1	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	14 KB
54	14

	Domain	Requested by
8	analytics.tiktok.com	lendplus.co.za analytics.tiktok.com
6	mc.yandex.com	2 redirects mc.yandex.ru lendplus.co.za
6	www.facebook.com
6	lendplus.co.za	lendplus.co.za
4	lendplusza.crunch.help	1 redirects
4	helpcrunch.com	lendplusza.widget.helpcrunch.com
4	connect.facebook.net	lendplus.co.za connect.facebook.net
4	embed.helpcrunch.com	lendplusza.widget.helpcrunch.com embed.helpcrunch.com
2	lendplusza.helpcrunch.com	embed.helpcrunch.com
2	mc.yandex.ru	1 redirects lendplus.co.za
2	www.googletagmanager.com	lendplus.co.za www.googletagmanager.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	lendplus.co.za
1	lendplusza.widget.helpcrunch.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lendplus.co.za
1	cdn.jsdelivr.net	lendplus.co.za
54	18

This site contains no links.

Subject Issuer	Validity	Valid
lendplus.co.za WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-19` - `2024-12-18`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
embed.helpcrunch.com WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
helpcrunch.com E5	`2024-11-27` - `2025-02-25`	3 months	crt.sh
*.crunch.help E6	`2024-10-29` - `2025-01-27`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://lendplus.co.za/user/registration/reg1
Frame ID: 3C875D5A7059BCC7A81DE50AA4183A2A
Requests: 39 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-XVSN9GMWHN&gacid=816393587.1733898696&gtm=45je4ca0v9168612097z89166431884za200zb9166431884&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1438834650
Frame ID: 109B5A5EE5CCDC48D97EECDB1CF15E21
Requests: 1 HTTP requests in this frame

Frame: https://embed.helpcrunch.com/sdk-code.js
Frame ID: 095AA66D63535B6C4716F6569BFE16CA
Requests: 9 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 33A9D727F02E8E2D45E0AEA4F3AB8AC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online loan: register and apply. LendPlus

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/fingerprintjs@(\d)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

54
Requests

85 %
HTTPS

60 %
IPv6

14
Domains

18
Subdomains

16
IPs

3
Countries

1938 kB
Transfer

5938 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://lendplusza.widget.helpcrunch.com/ HTTP 301
https://embed.helpcrunch.com/sdk.js

Request Chain 42

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10591.RJk4glTrDvdd8xo8FsIaNgTtxJ9Tt-Iw1fEhUBRMe0RNdIwElgrxF-Tj6V46cMXW.L2c0Z4Bz2ubq8fqIUXwkEIaMHPo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10591.-KEQYTZev67hEBMHtdkZbX7rX8kOinB41Mo4igbaGujVskgsSavL2_xwIT8pxx-9ZOi8rcye5JL-pJ17PEscGQd84BQS69GyG-8TVD7LNizW53JE1WqhdWR3SY3KJqRc6QhvzjrtShRCIxVbOJO10G3w2s7Z8nXwMXYVzphLz-2ESqfSbXxGCjbzF3A4RPZfQzD63AqRNmpmhtz750oKQdSLHtovd1xVtj1b4hxngzs%2C.8jvD0OZxRJ1zwDo0VVOg8y-2MfU%2C

Request Chain 45

https://mc.yandex.com/watch/96747482?wmode=7&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1083691658638%3Ahid%3A955017316%3Az%3A-600%3Ai%3A20241210203137%3Aet%3A1733898697%3Ac%3A1%3Arn%3A384043660%3Arqn%3A1%3Au%3A1733898697784562285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4555%3Awv%3A2%3Ads%3A1042%2C152%2C967%2C2%2C0%2C0%2C%2C1881%2C1%2C5112%2C5113%2C1%2C4413%3Aco%3A0%3Acpf%3A1%3Ans%3A1733898690816%3Agi%3AR0ExLjEuODE2MzkzNTg3LjE3MzM4OTg2OTY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733898698%3At%3AOnline%20loan%3A%20register%20and%20apply.%20LendPlus&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/96747482/1?wmode=7&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1083691658638%3Ahid%3A955017316%3Az%3A-600%3Ai%3A20241210203137%3Aet%3A1733898697%3Ac%3A1%3Arn%3A384043660%3Arqn%3A1%3Au%3A1733898697784562285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4555%3Awv%3A2%3Ads%3A1042%2C152%2C967%2C2%2C0%2C0%2C%2C1881%2C1%2C5112%2C5113%2C1%2C4413%3Aco%3A0%3Acpf%3A1%3Ans%3A1733898690816%3Agi%3AR0ExLjEuODE2MzkzNTg3LjE3MzM4OTg2OTY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733898698%3At%3AOnline%20loan%3A%20register%20and%20apply.%20LendPlus&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Request Chain 47

https://lendplusza.crunch.help/api/sdk/browser/knowledgebase HTTP 301
https://lendplusza.crunch.help/api/sdk/browser/knowledgebase/

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request reg1 Show response
lendplus.co.za/user/registration/ 4 KB
2 KB 2164ms
969ms Document
text/html 2606:4700::6812:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679948e7b27b4125545999b99f595be8f42f08d75ba9eb7c3c605d406b4cb259

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8f036ea94b2078d4-LAX
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
content-type: text/html; charset=utf-8
date: Wed, 11 Dec 2024 06:31:32 GMT
last-modified: Wed, 04 Dec 2024 14:46:11 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 index-cb774b46.js Show response
lendplus.co.za/static/ 310 KB
97 KB 1282ms
1281ms Script
application/javascript 2606:4700::6812:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplus.co.za/static/index-cb774b46.js

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72612eb384802feedafaba5a13981b5b66ff45fab0a510d2c30ba725446e6cae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67506b33-4d93e"
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:31:34 GMT
date: Wed, 11 Dec 2024 06:31:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 04 Dec 2024 14:46:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
cache-control: public, max-age=14400
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f036eaf6a3a78d4-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 vendor-07cc7445.js Show response
lendplus.co.za/static/ 1 MB
339 KB 1327ms
1327ms Script
application/javascript 2606:4700::6812:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplus.co.za/static/vendor-07cc7445.js

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e615b63d295364f6b864015b9895bd2f7c8358f0bfbfd116a423cbd334bd043

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67506b33-115e81"
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:31:34 GMT
date: Wed, 11 Dec 2024 06:31:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 04 Dec 2024 14:46:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
cache-control: public, max-age=14400
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f036eaf6a3b78d4-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 index-f1b320af.css
lendplus.co.za/static/ 519 KB
42 KB 1302ms
1302ms Stylesheet
text/css 2606:4700::6812:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplus.co.za/static/index-f1b320af.css

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b320afd8e31694c53f982f75b6bb3d8121c2cf66d4c1a6c2cf96c2f9ebe4ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67506b33-81c75"
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:31:34 GMT
date: Wed, 11 Dec 2024 06:31:34 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 04 Dec 2024 14:46:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
cache-control: public, max-age=14400
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f036eaf6a3978d4-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 fp.min.js Show response
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ 33 KB
14 KB 260ms
105ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"83f4-k1lBXMQZh0ZUAAhwylRSOHXBLBY"
age: 26175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZF4M6hvDHg5JH5olBul3Rn3iD03lMipbebZ8bCKPsGNFfJurwvieuv4KhVR9YiuEa5lhlO1iJ1z4cDGG521ittbklbad4DCqcncKulYqNBkeiLZHZ%2FknGvderaPtlRad%2BTVRodfUlXDUSqaGyk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 11 Dec 2024 06:31:33 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220049-FRA, cache-lga21956-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f036eb07de969b5-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13749
server: cloudflare
x-jsd-version: 3.4.2

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 443ms
158ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;900&display=swap

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/static/index-f1b320af.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f09ed467d6d2dae5836e2aa1c868a27305909341e08bdb95a9c8df55c766c9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/static/index-f1b320af.css

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 06:31:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:31:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 11 Dec 2024 06:15:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
79 KB 422ms
152ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TN6DK2VK&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c0ecda6ee667be2425d09bb3c3c9c1a2ffa7c8db14d28a082b6dacd2c4e7088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Wed, 11 Dec 2024 06:31:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:31:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80404
x-xss-protection: 0
server: Google Tag Manager

GET eb5f9636-7823-4fa3-b249-b01f07844002
https://lendplus.co.za/ Frame 0
0

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 286ms
140ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 523591
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 05:05:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 05:05:04 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H2 200 data Show response
lendplus.co.za/wp-json/react/v2/ 87 KB
19 KB 558ms
558ms Fetch
application/json 2606:4700::6812:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplus.co.za/wp-json/react/v2/data?lang=en

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/static/vendor-07cc7445.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79adbe299e2e7e5375c5b508b16cdec573a72f032b8d3bb7ba9f1af7d49c0d9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff, nosniff
date: Wed, 11 Dec 2024 06:31:35 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://lendplus.co.za/wp-json/>; rel="https://api.w.org/"
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https: wss:
referrer-policy: no-referrer-when-downgrade
allow: GET
cf-ray: 8f036ebe2d9878d4-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

200

sdk.js Show response
embed.helpcrunch.com/
Redirect Chain

https://lendplusza.widget.helpcrunch.com/
https://embed.helpcrunch.com/sdk.js

8 KB
4 KB

182ms
88ms

Script
application/javascript

172.67.72.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.helpcrunch.com/sdk.js

Protocol

Server

172.67.72.244 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd66c48001bcd93ec98fe20041e2d200074c31970cd9378870423018cdad633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"69f401028cea3f4e6b68f510534429e3"
age: 6053
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imKTc9QGWWc1vGS%2FYp%2FKgecPY0ZOJgqAeBj7HiQQKMIRKiLvKeXPqMkY4HDFAxoH%2BaOSHOdApvp9MTiU3BhFtljvr%2B4prGqICvD4FmTeoAUcBzGb2SzdM7zOhIot5aJbLsNzx2J%2FeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71068&min_rtt=71018&rtt_var=26732&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4182&recv_bytes=4250&delivery_rate=46688&cwnd=12000&unsent_bytes=0&cid=9ff9633d05bea3c9&ts=93&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f036ec37f85528f-LAX
access-control-allow-origin: *
server: cloudflare

Redirect headers

cache-control: max-age=3600
location: https://embed.helpcrunch.com/sdk.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQjkUvYabDv6NXZ4dQK%2B9J%2FwV50SjsdsVIhPA94B6zsia0Sje22PjQ1D%2BIgcVrqB9Z%2Fkq0VNHseoHsmQRzX7eKOrCOR3GTFR3KbEVJ5YD10H1nwIbYLGR%2BR%2FfHkNPYjUkehoGmjHALnS14PD2MZT7TWs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f036ec26d1bf7b1-LAX
expires: Wed, 11 Dec 2024 07:31:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71007&min_rtt=70991&rtt_var=26633&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4146&recv_bytes=4249&delivery_rate=45277&cwnd=12000&unsent_bytes=0&cid=05f73d3c8b81dcd5&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 167
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 366 KB
122 KB 156ms
155ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XVSN9GMWHN&l=dataLayer&cx=c&gtm=45He4ca0v9166431884za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN6DK2VK&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bbf17561855e10e2a5e3bedccf92cf473cb862af92fc62d11569d920a63665a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 11 Dec 2024 06:31:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 124528
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 276ms
137ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-KANHZ2Wx' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KANHZ2Wx' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8236, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: BMnt+RixLIhhogAs9/FJpwJd/tFI5u21Uz9CUIpTawn8JR9VivYyb11U+KYBzVwNU+ImnCzVhGGuxChcANLXQA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 221 KB
75 KB 1035ms
520ms Script
application/javascript 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

c7ff5a3b62813ecb76c059e1d59e2de5cd4495b7c50f76b0c0981ccb21148cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "674f133a-12928"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Wed, 11 Dec 2024 07:31:36 GMT
access-control-allow-origin: *
content-length: 76072
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2024 14:18:34 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 458ms
150ms Script
application/javascript 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CO37VG3C77UA0601F6L0&lib=ttq
Requested by: Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4877230dcad84a2a2cd80d306ccaf7c984ca213c5f082a0a7b048f6de9907e57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
expires: Wed, 11 Dec 2024 06:31:36 GMT
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 752d6eef
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5b4a9cb7be1967acf161d94fc48198f9b86048c5b0a55768f306195fdff47ab3ebff909bfcda38fecbd44b1fb31be92cbeb018b5b066b06d863d557f375bef35501bb7184d9ec83aebfe62c64444dfdd3
x-origin-response-time: 11,23.195.36.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241211063136CD916E1550D66A0B66A1-52AC5C9D5481DBFA-00
x-tt-logid: 20241211063136CD916E1550D66A0B66A1
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 461ms
153ms Script
application/javascript 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQOC78JC77U9B9741EC0&lib=ttq
Requested by: Host: lendplus.co.za
URL: https://lendplus.co.za/user/registration/reg1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3192805d2d1c45668573ba1bfdcee0f9eabdeda143181c16627c0a4e42816004

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
expires: Wed, 11 Dec 2024 06:31:36 GMT
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 752d6efb
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5b4a9cb7be1967acf161d94fc48198f9b1eb5b8528e6f4e0cbef233455d3b01259816a5b9a45ef95e958229684619628307e8a0e4c0cb211a5001b81a8bb03cf0545f8eb26d7d8a55b79c81f6ddf9d589
x-origin-response-time: 12,23.195.36.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2412110631363DC850B56033C5F334D2-67F2E759302E94AC-00
x-tt-logid: 202412110631363DC850B56033C5F334D2
server: nginx

GET
H2 200 favicon.ico
lendplus.co.za/icon/ 4 KB
1 KB 917ms
916ms Other
image/x-icon 2606:4700::6812:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplus.co.za/icon/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413edc303ec89cd013ec16083060d412e98cfd3cc4bab019cd5dc628fa31e0f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"67506b07-10be"
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:31:36 GMT
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Wed, 04 Dec 2024 14:45:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
cache-control: public, max-age=14400
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f036ec1fab778d4-LAX
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect Show response
analytics.google.com/g/ 0
544 B 408ms
141ms Fetch
text/plain 2607:f8b0:4004:c1b::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XVSN9GMWHN&gtm=45je4ca0v9168612097z89166431884za200zb9166431884&_p=1733898695216&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=816393587.1733898696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733898696&sct=1&seg=0&dl=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&dt=Online%20loan%3A%20register%20and%20apply.%20LendPlus&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5484
Requested by: Host: lendplus.co.za
URL: https://lendplus.co.za/static/vendor-07cc7445.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://lendplus.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
553 B 412ms
142ms Ping
text/plain 2607:f8b0:4004:c21::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XVSN9GMWHN&cid=816393587.1733898696&gtm=45je4ca0v9168612097z89166431884za200zb9166431884&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVSN9GMWHN&l=dataLayer&cx=c&gtm=45He4ca0v9166431884za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://lendplus.co.za
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 109B 0
0 437ms
155ms Document
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-XVSN9GMWHN&gacid=816393587.1733898696&gtm=45je4ca0v9168612097z89166431884za200zb9166431884&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1438834650

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVSN9GMWHN&l=dataLayer&cx=c&gtm=45He4ca0v9166431884za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lendplus.co.za/user/registration/reg1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 06:31:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 306290219027025 Show response
connect.facebook.net/signals/config/ 85 KB
18 KB 213ms
212ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/306290219027025?v=2.9.178&r=stable&domain=lendplus.co.za&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

0a44464921ff88ab2addf9d4c3d8774c6c88564820f78e3d58d7736f5fbf8cf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-9jDz0brL' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-9jDz0brL' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=80, mss=1232, tbw=74304, tp=71, tpl=0, uplat=75, ullat=0
pragma: public
x-fb-debug: zhtQWR/QNRyCWTOo8q0sq4RmvNfDPC0q+VIAOn7prOyGglNsoUznIhlrruEc9dWt5xO0us9Z3aFCfj5BTkmo2g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.MWZiM2ZlMGNjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 351 KB
97 KB 140ms
140ms Script
application/javascript 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CO37VG3C77UA0601F6L0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

x-cache: TCP_MEM_HIT from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
x-tt-trace-id: 00-2412101334415555364465F1C1A26ED2-2AF42CAB2DA17FAC-00
content-length: 98749
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202412101334415555364465F1C1A26ED2
server: nginx
x-akamai-request-id: 752d7199
x-tt-trace-host: 01ef88a837bd69e7d0c90892c25febd30fe4aa4b0f78fcf242c4c167157565a92d8ac40e0f217a947f578871e70b76e654561235d9ea9bed56673a3b6563a072df184d1fb88c9523f498929982e279353dc5e06dafacd1a8d97cfed48dc5ac996f

GET
H3 200 sdk-code.js Show response
embed.helpcrunch.com/ Frame 095A 2 MB
487 KB 87ms
86ms Script
application/javascript 172.67.72.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.helpcrunch.com/sdk-code.js

Requested by

Host: lendplusza.widget.helpcrunch.com
URL: https://lendplusza.widget.helpcrunch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.244 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5e0d0276770686569ca2fa03afdcb9deb11209a35a9fc4ef34f43af76523df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"07330fabb56d915190e378edc6ca5fef"
age: 6189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Fbv4vKV25e%2F4dald0GrBzxoTgHu4m8Iq1IoiWVfJ1ZIYPEKlUjGDUTkvUgS8%2B5JjEavZ310EX2Q3DtLqXSULaQiOXIgZDIPZ1%2BU%2FU2AeN9aWcF5Q%2FPt8HMlE0FEA2tnN71D%2FzGE2pfXy8zfQCXAlnxFLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74198&min_rtt=71018&rtt_var=11639&sent=16&recv=13&lost=0&retrans=0&sent_bytes=8401&recv_bytes=4717&delivery_rate=43470&cwnd=12000&unsent_bytes=0&cid=9ff9633d05bea3c9&ts=363&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f036ec5291a528f-LAX
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Inter-Regular.woff
helpcrunch.com/fonts/widget-v3/ Frame 095A 68 KB
68 KB 254ms
84ms Font
application/font-woff 2606:4700:20::ac43:48f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget-v3/Inter-Regular.woff
Requested by: Host: lendplusza.widget.helpcrunch.com
URL: https://lendplusza.widget.helpcrunch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604a1aec3d12a88e3782e988ddbe071e0ef64474b9d04ddc1518d27071976769

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"67500c24-110dc"
age: 250186
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUzB6ra6s0WKeSTpwTo0fO220GxzjOpJRQMAUXTe9V0fzdYyTQB3CgcHsYSYAc2LOtZPHLwcQ6SD3oEl3lKRlr2aDc2%2FMSYS7sIH6T6zxxBqL4J9Jic1F9L%2FNlID23s1TVAUJ8v3x%2Fg5Dt9H"}],"group":"cf-nel","max_age":604800}
expires: Sat, 29 Nov 2025 09:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=70939&min_rtt=70835&rtt_var=15114&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4217&recv_bytes=2486&delivery_rate=54602&cwnd=252&unsent_bytes=0&cid=d29aee2dcd2938e8&ts=92&x=0"
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/font-woff
last-modified: Wed, 04 Dec 2024 08:00:36 GMT
vary: Accept-Encoding
cache-control: max-age=30758400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f036ec639cef7c5-LAX
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Inter-Medium.woff
helpcrunch.com/fonts/widget-v3/ Frame 095A 71 KB
71 KB 739ms
570ms Font
application/font-woff 2606:4700:20::ac43:48f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget-v3/Inter-Medium.woff
Requested by: Host: lendplusza.widget.helpcrunch.com
URL: https://lendplusza.widget.helpcrunch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb69e0f3ab5a802c43bfac1203237f079fdced4ac1a073ce3a8d173d17ecfc93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"67500c24-11d80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9k6PT8Pecujl9fanBazuZT%2BnELkuBAmijYf%2FClAu6CvkGMrrMQOyXDd7Sew8E%2F4z0Avp3XcpgpWrUbaqIepAWubuC3Rz7MX8%2Fc3mv8p6peAdLWVLJYgeo3oTDjKKF7yBv5tUm%2FNU%2BmKrrjs"}],"group":"cf-nel","max_age":604800}
expires: Tue, 02 Dec 2025 06:31:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=70990&min_rtt=70614&rtt_var=161&sent=184&recv=72&lost=0&retrans=0&sent_bytes=220449&recv_bytes=2517&delivery_rate=1094514&cwnd=257&unsent_bytes=1405&cid=d29aee2dcd2938e8&ts=576&x=0"
date: Wed, 11 Dec 2024 06:31:37 GMT
content-type: application/font-woff
last-modified: Wed, 04 Dec 2024 08:00:36 GMT
vary: Accept-Encoding
cache-control: max-age=30758400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f036ec639d2f7c5-LAX
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Inter-SemiBold.woff
helpcrunch.com/fonts/widget-v3/ Frame 095A 71 KB
71 KB 733ms
565ms Font
application/font-woff 2606:4700:20::ac43:48f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget-v3/Inter-SemiBold.woff
Requested by: Host: lendplusza.widget.helpcrunch.com
URL: https://lendplusza.widget.helpcrunch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6000e760ed9103684d286734efab2c2a0ae3ac8ce86bdb3287d4adf239710e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"67500c24-11cfc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcqKy21gaUbqgF4%2BeFfXqnxCH5fof8v96WIp4d%2F2roOMnXSfQsyYkJBuZJja%2BJRy1gZ7dAcQ%2FMN8hspF6yAqy%2B4iB1xOAIxi6FitQFxpbem3V88pOPDvlStpl34YIFN23eg9vCcJagmEgEvk"}],"group":"cf-nel","max_age":604800}
expires: Tue, 02 Dec 2025 06:31:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=70990&min_rtt=70614&rtt_var=161&sent=127&recv=72&lost=0&retrans=0&sent_bytes=148826&recv_bytes=2517&delivery_rate=1094514&cwnd=257&unsent_bytes=0&cid=d29aee2dcd2938e8&ts=573&x=0"
date: Wed, 11 Dec 2024 06:31:37 GMT
content-type: application/font-woff
last-modified: Wed, 04 Dec 2024 08:00:36 GMT
vary: Accept-Encoding
cache-control: max-age=30758400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f036ec639d7f7c5-LAX
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Inter-Bold.woff
helpcrunch.com/fonts/widget-v3/ Frame 095A 71 KB
71 KB 325ms
156ms Font
application/font-woff 2606:4700:20::ac43:48f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpcrunch.com/fonts/widget-v3/Inter-Bold.woff
Requested by: Host: lendplusza.widget.helpcrunch.com
URL: https://lendplusza.widget.helpcrunch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c23e749153a1832a113ba39b2e38a7043950e229bb635a2508cc59518ea50f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lendplus.co.za
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"67500c24-11d9c"
age: 250186
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hZxfPNieIBfidVs7%2B6tj8S%2BDDDMkMXiceWQDF2HyXwBij2%2BrcbIQXPv6zZGhNMBpP3rG5HrzeeEmKKtJT7bMMghdRbKBYK7U9McibO6dJusyC7QQKsfkwNFJnupT3c9yd1aUCpXNUONxYn%2F"}],"group":"cf-nel","max_age":604800}
expires: Sat, 29 Nov 2025 09:01:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=70939&min_rtt=70835&rtt_var=15114&sent=41&recv=13&lost=0&retrans=0&sent_bytes=43013&recv_bytes=2486&delivery_rate=54602&cwnd=252&unsent_bytes=32222&cid=d29aee2dcd2938e8&ts=93&x=0"
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/font-woff
last-modified: Wed, 04 Dec 2024 08:00:36 GMT
vary: Accept-Encoding
cache-control: max-age=30758400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f036ec639c7f7c5-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1159053395399860 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 219ms
218ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1159053395399860?v=2.9.178&r=stable&domain=lendplus.co.za&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

15879f79f04670662867bf5e6b63157947efc77abcd731f903016648ce932556

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-j3doJdIh' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-j3doJdIh' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=95, mss=1232, tbw=93536, tp=89, tpl=0, uplat=82, ullat=0
pragma: public
x-fb-debug: +58Wk/ViRSaZFfX8/P/k62weG/06RPnGgpDSPMZIl+ZAu1iBt/DwoZwx+zRV0fVdixZjzlMYzVuDkfOGwldkXA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 280ms
137ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306290219027025&ev=PageView&dl=https%3A%2F%2Flendplus.co.za&rl=&if=false&ts=1733898696635&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.2.1733898696631.160303001301024949&cs_est=true&pm=1&hrl=2d3683&ler=empty&cdl=API_unavailable&it=1733898696399&coo=false&cs_cc=1&cas=8937094203008782%2C8353978838047765%2C26138704725744643%2C25915449831437099%2C7833491443341820&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8315, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 376ms
233ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=306290219027025&ev=PageView&dl=https%3A%2F%2Flendplus.co.za&rl=&if=false&ts=1733898696635&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.2.1733898696631.160303001301024949&cs_est=true&pm=1&hrl=2d3683&ler=empty&cdl=API_unavailable&it=1733898696399&coo=false&cs_cc=1&cas=8937094203008782%2C8353978838047765%2C26138704725744643%2C25915449831437099%2C7833491443341820&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447038195822259886"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: LZoYleeMao+1Ba+xk5T+lLlZ1RSOy+Mwt89QjhR2tsmNHfvjYRB+PaaDoAIX9MJUtnZkpQIpsnrMU8qbfDcueg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447038195822259886", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8891, tp=20, tpl=0, uplat=96, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 140ms
139ms Script
application/javascript 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

x-cache: TCP_MEM_HIT from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id: 00-24111505023471184E5894DE981AFF75-254B9EF354E335B6-00
content-length: 39341
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024111505023471184E5894DE981AFF75
server: nginx
x-akamai-request-id: 752d79cb
x-tt-trace-host: 019da7bd06e912e229762c12209c342f6f58e50ad7bb32fe20a2e042211cbf81b6167b1696ccc5587daa49b17901c60261589a5cb5b99f7bd0f7201fb25a01e22ad13c6208ed229f198109a7edd2b0f7be0e6bbceeeedb2517feb9edc4a5c7dd09

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 171ms
169ms Ping
text/plain 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 11 Dec 2024 06:31:36 GMT
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=9, origin; dur=24
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 11 Dec 2024 06:31:36 GMT
x-akamai-request-id: 752d79fc
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5b4a9cb7be1967acf161d94fc48198f9b9d6341616487042ea4ab4dd783d340192b42787f09072e49e661fb3dc1e89dcc38a6a9ad89f1f668f59bef7b6e900e674afbbf9dd2e9fa6c025a4d05393f4ece
x-origin-response-time: 25,23.195.36.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241211063136C4BBE5C1EED194119CC4-6C2DC72B93706DE2-00
content-length: 0
x-tt-logid: 20241211063136C4BBE5C1EED194119CC4
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
714 B 171ms
170ms Ping
text/plain 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 11 Dec 2024 06:31:36 GMT
server-timing: inner; dur=19, cdn-cache; desc=MISS, edge; dur=5, origin; dur=28
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 11 Dec 2024 06:31:36 GMT
x-akamai-request-id: 752d79fd
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5b4a9cb7be1967acf161d94fc48198f9ba2e2467501cdead8ff1e07c38e90834a7050b2585a3e42f12df8121ef6b9c2a9427e06643db18bc2c78a2f6f4930ca9cba83d64ed14d026801cad9021a5f9bc7
x-origin-response-time: 28,23.195.36.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412110631362AA69BFCB0F7FC08B70E-137A47BF74FD718F-00
content-length: 0
x-tt-logid: 202412110631362AA69BFCB0F7FC08B70E
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 175ms
174ms Ping
text/plain 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 11 Dec 2024 06:31:36 GMT
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=4, origin; dur=32
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 11 Dec 2024 06:31:36 GMT
x-akamai-request-id: 752d7a0a
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5b4a9cb7be1967acf161d94fc48198f9b129088cff9af9044eeb6f3ba33f325ca7037d1004d293597e450f1bdffdebcb750f45f45ead6b20045fc01f5a1dc93291fadb27fb9509aeacb007c39d5963f39
x-origin-response-time: 32,23.195.36.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241211063136D4E610D71D4CDE044EDB-73AFB708745A1106-00
content-length: 0
x-tt-logid: 20241211063136D4E610D71D4CDE044EDB
server: nginx

GET
H3 200 865149318461997 Show response
connect.facebook.net/signals/config/ 42 KB
7 KB 245ms
244ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/865149318461997?v=2.9.178&r=stable&domain=lendplus.co.za&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

c43499cf08ac06b10b37284092aa7e0f6172894afac9dac0239a5e0093fdaf8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-hAoaIX3A' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-hAoaIX3A' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=100, mss=1232, tbw=99216, tp=96, tpl=0, uplat=105, ullat=0
pragma: public
x-fb-debug: W49crHa1Qo9rsWsLAyctp1p3DKdjWa4GoxVeUABDnaJ+fMtwIFfP5h0itcVPwpFSCvpviP6C6evDMuNNXFGX5A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 137ms
136ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1159053395399860&ev=PageView&dl=https%3A%2F%2Flendplus.co.za&rl=&if=false&ts=1733898696869&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12316&fbp=fb.2.1733898696631.160303001301024949&pm=1&hrl=58d6b2&ler=empty&cdl=API_unavailable&it=1733898696399&coo=false&cs_cc=1&cas=26138704725744643&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8731, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 181ms
181ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1159053395399860&ev=PageView&dl=https%3A%2F%2Flendplus.co.za&rl=&if=false&ts=1733898696869&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12316&fbp=fb.2.1733898696631.160303001301024949&pm=1&hrl=58d6b2&ler=empty&cdl=API_unavailable&it=1733898696399&coo=false&cs_cc=1&cas=26138704725744643&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447038194047206816"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:36 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447038194047206816", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: n8GVU9tQ4t8SYGzAfZ+Nb/vxrZFeoJN8OaFbfMldjKdLTehT5MTe77VizzE82efWMzzemJtwpRkXj26pGTJjYQ==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=26, mss=1232, tbw=12287, tp=27, tpl=0, uplat=43, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H3 200 cb55c71c-f38f-49ee-93f7-af7122578ff7
lendplusza.helpcrunch.com/api/v2/applications/ Frame 0
0 782ms
681ms Preflight
text/html 172.67.72.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplusza.helpcrunch.com/api/v2/applications/cb55c71c-f38f-49ee-93f7-af7122578ff7

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.244 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://lendplus.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AUTHORIZATION,CONTENT-TYPE
access-control-allow-methods: DELETE, GET, POST, PUT, PATCH
access-control-allow-origin: *
access-control-expose-headers: Date
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f036ec98ef1db9e-LAX
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 06:31:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcZLX%2FXF%2Bz4xLh%2F5i5u%2FIgQWSnTvrdhvNN%2F2gnN3maQlxjUbf6ygDCd%2FnBfxTY2TwBTiiXUk7oPjxsgeETVSKgK%2BOEKL4ldLgK8NoQtD2DkmbWyVqDj4FAvNwIwfAS86HmU%2FdEuIBCbIxd4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=71682&min_rtt=71450&rtt_var=11465&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4460&delivery_rate=288&cwnd=12000&unsent_bytes=0&cid=77ec6a8a90dc3f0e&ts=688&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding Accept-Encoding
x-powered-by: PHP/7.3.33
x-request-id: 675931c9aff53

GET
H3 200 widget-window.chunk.72bce63c321c23b54ea8.js
embed.helpcrunch.com/ Frame 095A 0
39 KB 85ms
85ms Other
application/javascript 172.67.72.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.helpcrunch.com/widget-window.chunk.72bce63c321c23b54ea8.js

Requested by

Host: embed.helpcrunch.com
URL: https://embed.helpcrunch.com/sdk-code.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.244 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"49a854d9cc6f5148850ddfff1e2a5025"
age: 6622
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ctvz5l3Ucbf9PSc0XMyFlPkqDBxH6jPaqBl%2Fl7zjImO8x5ycRemMhDCuQR4XBdU0b8EnjhcN3gBqxqiHy2CHi6rYr9%2BVKLUH6XL9d7lzY0NMweXBq%2ByLi3NuiCvbjahMUn75bD%2BkcA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74117&min_rtt=71018&rtt_var=4734&sent=444&recv=94&lost=0&retrans=0&sent_bytes=517922&recv_bytes=8667&delivery_rate=2568912&cwnd=272700&unsent_bytes=0&cid=9ff9633d05bea3c9&ts=950&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 06:31:37 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=4,i
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f036ec8dd7b528f-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 cb55c71c-f38f-49ee-93f7-af7122578ff7 Show response
lendplusza.helpcrunch.com/api/v2/applications/ Frame 095A 244 KB
45 KB 611ms
611ms Fetch
application/json 172.67.72.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplusza.helpcrunch.com/api/v2/applications/cb55c71c-f38f-49ee-93f7-af7122578ff7

Requested by

Host: embed.helpcrunch.com
URL: https://embed.helpcrunch.com/sdk-code.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.244 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.33

Resource Hash

38d94fa0a93474e97398cae4b23eef0c233c1a8504d5852609e91ea58f8b81a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';

Request headers

Authorization: Bearer product="75" secret="bf81448893613656a6cc7fb51b35718e7089c8ef79a850c7cb5c0f87e8977c5b"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

x-request-id: 675931ca23e17
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8WhqVwH6Yg8b74eVykxnCYk8GYO3a5aaXqzOSQsyWYHlDcS105BFgrNBnbOa3gfW0fL0WNFT1EjTwJYqRpUD2PuAKO5rrsXJL4yM%2FkcyQTLdAPZSQtmRSm8nmk05HTFna9c6IC6WqBFuJzk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71676&min_rtt=71450&rtt_var=8611&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5082&recv_bytes=4894&delivery_rate=11996&cwnd=12000&unsent_bytes=0&cid=77ec6a8a90dc3f0e&ts=1300&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 06:31:38 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding, Origin
priority: u=1,i
content-security-policy: frame-ancestors 'none';
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f036ecdcd2edb9e-LAX
access-control-allow-origin: *
x-powered-by: PHP/7.3.33
server: cloudflare

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
716 B 177ms
174ms Ping
text/plain 23.48.224.105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-224-105.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Wed, 11 Dec 2024 06:31:37 GMT
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=5, origin; dur=26
x-cache: TCP_MISS from a23-195-36-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Wed, 11 Dec 2024 06:31:37 GMT
x-akamai-request-id: 752d7ede
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5b4a9cb7be1967acf161d94fc48198f9b90b27204b2d7f70bf026856fe17df3b61655fefef66a405db121ae9d8e74423f8dc7bb2121759e210e36c485cccf9f49e5a0ab3255058911ab73bc85eaefc995
x-origin-response-time: 26,23.195.36.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412110631376D65AF54D85E1636B1B6-78CBCD3346C8FDA2-00
content-length: 0
x-tt-logid: 202412110631376D65AF54D85E1636B1B6
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 136ms
136ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=865149318461997&ev=PageView&dl=https%3A%2F%2Flendplus.co.za&rl=&if=false&ts=1733898697123&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12316&fbp=fb.2.1733898696631.160303001301024949&pm=1&hrl=b3294a&ler=empty&cdl=API_unavailable&it=1733898696399&coo=false&cs_cc=1&cas=8242769642494168%2C8532462396852793%2C9158369400854213%2C8559211820862555%2C8605064726272941%2C8575264905924979%2C8633146046742814%2C8755343601164928%2C7999221573534015%2C8453440874712202&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=138, rtx=0, c=30, mss=1232, tbw=13727, tp=33, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 11 Dec 2024 06:31:37 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 181ms
181ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=865149318461997&ev=PageView&dl=https%3A%2F%2Flendplus.co.za&rl=&if=false&ts=1733898697123&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12316&fbp=fb.2.1733898696631.160303001301024949&pm=1&hrl=b3294a&ler=empty&cdl=API_unavailable&it=1733898696399&coo=false&cs_cc=1&cas=8242769642494168%2C8532462396852793%2C9158369400854213%2C8559211820862555%2C8605064726272941%2C8575264905924979%2C8633146046742814%2C8755343601164928%2C7999221573534015%2C8453440874712202&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447038198304112712"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 11 Dec 2024 06:31:37 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 9h5pfTDRi7tx3bIjJ5lryqKzoACBw+TCuKHrnBMoaEbCZQmMFGbL498VEmXKmAurrcZ3G7mNnKkd+sYHs9oalQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447038198304112712", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=138, rtx=0, c=30, mss=1232, tbw=13919, tp=35, tpl=0, uplat=43, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10591.RJk4glTrDvdd8xo8FsIaNgTtxJ9Tt-Iw1fEhUBRMe0RNdIwElgrxF-Tj6V46cMXW.L2c0Z4Bz2ubq8fqIUXwkEIaMHPo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10591.-KEQYTZev67hEBMHtdkZbX7rX8kOinB41Mo4igbaGujVskgsSavL2_xwIT8pxx-9ZOi8rcye5JL-pJ17PEscGQd84BQS69GyG-8TVD7LNizW53JE1WqhdWR3SY3KJqRc6QhvzjrtSh...

43 B
699 B

261ms
261ms

Image
image/gif

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10591.-KEQYTZev67hEBMHtdkZbX7rX8kOinB41Mo4igbaGujVskgsSavL2_xwIT8pxx-9ZOi8rcye5JL-pJ17PEscGQd84BQS69GyG-8TVD7LNizW53JE1WqhdWR3SY3KJqRc6QhvzjrtShRCIxVbOJO10G3w2s7Z8nXwMXYVzphLz-2ESqfSbXxGCjbzF3A4RPZfQzD63AqRNmpmhtz750oKQdSLHtovd1xVtj1b4hxngzs%2C.8jvD0OZxRJ1zwDo0VVOg8y-2MfU%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Wed, 11 Dec 2024 06:31:38 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=10591.-KEQYTZev67hEBMHtdkZbX7rX8kOinB41Mo4igbaGujVskgsSavL2_xwIT8pxx-9ZOi8rcye5JL-pJ17PEscGQd84BQS69GyG-8TVD7LNizW53JE1WqhdWR3SY3KJqRc6QhvzjrtShRCIxVbOJO10G3w2s7Z8nXwMXYVzphLz-2ESqfSbXxGCjbzF3A4RPZfQzD63AqRNmpmhtz750oKQdSLHtovd1xVtj1b4hxngzs%2C.8jvD0OZxRJ1zwDo0VVOg8y-2MfU%2C
x-xss-protection: 1; mode=block
date: Wed, 11 Dec 2024 06:31:37 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
595 B 265ms
264ms Image
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
etag: "674f133a-2b"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Wed, 11 Dec 2024 07:31:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Wed, 11 Dec 2024 06:31:37 GMT
last-modified: Tue, 03 Dec 2024 14:18:34 GMT
content-type: image/gif

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 33A9 0
0 810ms
300ms Document
text/html 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://lendplus.co.za/user/registration/reg1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1473
content-type: text/html
date: Wed, 11 Dec 2024 06:31:38 GMT
etag: "674f133a-5c1"
expires: Wed, 11 Dec 2024 07:31:38 GMT
last-modified: Tue, 03 Dec 2024 14:18:34 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/96747482/
Redirect Chain

https://mc.yandex.com/watch/96747482?wmode=7&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%...
https://mc.yandex.com/watch/96747482/1?wmode=7&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zy...

623 B
918 B

260ms
260ms

Fetch
application/json

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/96747482/1?wmode=7&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1083691658638%3Ahid%3A955017316%3Az%3A-600%3Ai%3A20241210203137%3Aet%3A1733898697%3Ac%3A1%3Arn%3A384043660%3Arqn%3A1%3Au%3A1733898697784562285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4555%3Awv%3A2%3Ads%3A1042%2C152%2C967%2C2%2C0%2C0%2C%2C1881%2C1%2C5112%2C5113%2C1%2C4413%3Aco%3A0%3Acpf%3A1%3Ans%3A1733898690816%3Agi%3AR0ExLjEuODE2MzkzNTg3LjE3MzM4OTg2OTY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733898698%3At%3AOnline%20loan%3A%20register%20and%20apply.%20LendPlus&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

a90bdde34b850049479f3ff9c64a49373ffafa251986dceadfc0a471eb0da6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lendplus.co.za/user/registration/reg1

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11-Dec-2024 06:31:38 GMT
access-control-allow-origin: https://lendplus.co.za
content-length: 623
x-xss-protection: 1; mode=block
date: Wed, 11 Dec 2024 06:31:38 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 11-Dec-2024 06:31:38 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/96747482/1?wmode=7&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A1083691658638%3Ahid%3A955017316%3Az%3A-600%3Ai%3A20241210203137%3Aet%3A1733898697%3Ac%3A1%3Arn%3A384043660%3Arqn%3A1%3Au%3A1733898697784562285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4555%3Awv%3A2%3Ads%3A1042%2C152%2C967%2C2%2C0%2C0%2C%2C1881%2C1%2C5112%2C5113%2C1%2C4413%3Aco%3A0%3Acpf%3A1%3Ans%3A1733898690816%3Agi%3AR0ExLjEuODE2MzkzNTg3LjE3MzM4OTg2OTY%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1733898698%3At%3AOnline%20loan%3A%20register%20and%20apply.%20LendPlus&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Wed, 11-Dec-2024 06:31:38 GMT
access-control-allow-origin: https://lendplus.co.za
x-xss-protection: 1; mode=block
date: Wed, 11 Dec 2024 06:31:38 GMT
last-modified: Wed, 11-Dec-2024 06:31:38 GMT

GET
H3 200 9881.js Show response
embed.helpcrunch.com/ Frame 095A 1003 B
1 KB 82ms
82ms Script
application/javascript 172.67.72.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.helpcrunch.com/9881.js

Requested by

Host: embed.helpcrunch.com
URL: https://embed.helpcrunch.com/sdk-code.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.244 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e08fbae5c199f4e2769c146802c227b1f0de1b427a250e8801a3e9b4f927ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3695abcd3ff462b2f4f2c651c0a33321"
age: 5923
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyD%2BnoqpCD5sfygIAVNpb%2B8fd6Z%2Fl54rIn1XU4UH%2BwfMrfHcSCX9%2BbVHvYgEz5iRySBlrjxuEBp0%2Bdg7p%2BcclPyxSKLLpA%2BDVXL%2BW%2B0SSSm4CMCEc9XI1M2%2FMUyJxWXSjbPVSKWjproVqGORJ4R7aQuX4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73134&min_rtt=71018&rtt_var=2682&sent=480&recv=99&lost=0&retrans=0&sent_bytes=559225&recv_bytes=9088&delivery_rate=298314&cwnd=272700&unsent_bytes=0&cid=9ff9633d05bea3c9&ts=2548&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 11 Dec 2024 06:31:38 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f036ed2d874528f-LAX
access-control-allow-origin: *
server: cloudflare

GET
H2

200

/ Show response
lendplusza.crunch.help/api/sdk/browser/knowledgebase/ Frame 095A
Redirect Chain

https://lendplusza.crunch.help/api/sdk/browser/knowledgebase
https://lendplusza.crunch.help/api/sdk/browser/knowledgebase/

168 B
452 B

563ms
562ms

Fetch
application/json

65.109.111.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplusza.crunch.help/api/sdk/browser/knowledgebase/

Protocol

Server

65.109.111.60 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.60.111.109.65.clients.your-server.de

Software

nginx / PHP/7.3.33

Resource Hash

2762e3a7cda28ba70639fcbf62be69d5e46e71ed4a916b9fafcee7e6a96c14a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: noindex
cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 06:31:40 GMT
access-control-allow-origin: https://lendplus.co.za
date: Wed, 11 Dec 2024 06:31:40 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding
server: nginx
x-powered-by: PHP/7.3.33

Redirect headers

x-robots-tag: noindex
cache-control: max-age=0, must-revalidate, private
location: https://lendplusza.crunch.help/api/sdk/browser/knowledgebase/
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 06:31:39 GMT
access-control-allow-origin: https://lendplus.co.za
date: Wed, 11 Dec 2024 06:31:39 GMT
content-type: application/json
x-powered-by: PHP/7.3.33
server: nginx

OPTIONS
H2 200 knowledgebase
lendplusza.crunch.help/api/sdk/browser/ Frame 0
0 833ms
307ms Preflight
text/html 65.109.111.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplusza.crunch.help/api/sdk/browser/knowledgebase

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.111.60 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.60.111.109.65.clients.your-server.de

Software

nginx / PHP/7.3.33

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://lendplus.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://lendplus.co.za
access-control-max-age: 3600
cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 06:31:39 GMT
expires: Wed, 11 Dec 2024 06:31:39 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding Accept-Encoding Origin
x-content-type-options: nosniff
x-powered-by: PHP/7.3.33
x-robots-tag: noindex

OPTIONS
H2 200 /
lendplusza.crunch.help/api/sdk/browser/knowledgebase/ Frame 0
0 302ms
301ms Preflight
text/html 65.109.111.60
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://lendplusza.crunch.help/api/sdk/browser/knowledgebase/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.111.60 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.60.111.109.65.clients.your-server.de

Software

nginx / PHP/7.3.33

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://lendplus.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://lendplus.co.za
access-control-max-age: 3600
cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 11 Dec 2024 06:31:40 GMT
expires: Wed, 11 Dec 2024 06:31:40 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding Accept-Encoding Origin
x-content-type-options: nosniff
x-powered-by: PHP/7.3.33
x-robots-tag: noindex

POST 96747482
mc.yandex.com/webvisor/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lendplus.co.za
URL: blob:https://lendplus.co.za/eb5f9636-7823-4fa3-b249-b01f07844002

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/96747482?wv-part=1&wv-type=7&wmode=0&wv-hit=955017316&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&rn=209599579&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1733898701%3Aw%3A1600x1200%3Av%3A1541%3Az%3A-600%3Ai%3A20241210203141%3Au%3A1733898697784562285%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1733898701&t=gdpr(14)ti(1)

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/96747482?wv-part=1&wv-type=7&wmode=0&wv-hit=955017316&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&rn=209599579&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1733898701%3Aw%3A1600x1200%3Av%3A1541%3Az%3A-600%3Ai%3A20241210203141%3Au%3A1733898697784562285%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1733898701&t=gdpr(14)ti(2)

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/96747482?wv-part=1&wv-type=7&wmode=0&wv-hit=955017316&page-url=https%3A%2F%2Flendplus.co.za%2Fuser%2Fregistration%2Freg1&rn=140399823&browser-info=we%3A1%3Aet%3A1733898701%3Aw%3A1600x1200%3Av%3A1541%3Az%3A-600%3Ai%3A20241210203141%3Au%3A1733898697784562285%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1733898701&t=gdpr(14)ti(1)

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lendplus.co.za/	1970-01-21 02:21:30	Name: target_url Value: https://lendplus.co.za/?utm_source=direct&utm_medium=none&utm_campaign=direct
.lendplus.co.za/	1970-01-21 11:14:18	Name: current_language Value: en
lendplus.co.za/	1969-12-31 23:59:59	Name: current_language Value: en
.lendplus.co.za/	1970-01-21 11:14:18	Name: _ga_XVSN9GMWHN Value: GS1.1.1733898696.1.0.1733898696.60.0.0
.lendplus.co.za/	1970-01-21 11:14:18	Name: _ga Value: GA1.1.816393587.1733898696
.tiktok.com/	1970-01-21 10:59:54	Name: _ttp Value: 2q3kYvK20ryURIapsolR2h74i7Y
.lendplus.co.za/	1970-01-21 03:47:54	Name: _fbp Value: fb.2.1733898696631.160303001301024949
.doubleclick.net/	1970-01-21 01:38:19	Name: test_cookie Value: CheckForPermission
.lendplus.co.za/	1970-01-21 10:59:54	Name: _tt_enable_cookie Value: 1
.lendplus.co.za/	1970-01-21 10:59:54	Name: _ttp Value: B9ovY6KHCgBkkkt-mILhK2hWc6a.tt.2
.yandex.ru/	1970-01-21 11:14:18	Name: i Value: PTzkeQNeukhGJZK0p+ZTjYuuwfnYnHRVW/Hj8a+Jt4CZdvrw7dae13t7Cqref/e3W7R2HDCkiWZZzrJ5ErPDFzRYw7Q=
.yandex.ru/	1970-01-21 11:14:18	Name: yandexuid Value: 6103476931733898696
.yandex.ru/	1970-01-21 10:23:54	Name: yashr Value: 9573334701733898696
.lendplus.co.za/	1970-01-21 10:23:54	Name: _ym_uid Value: 1733898697784562285
.lendplus.co.za/	1970-01-21 10:23:54	Name: _ym_d Value: 1733898697
.mc.yandex.com/	1970-01-21 01:38:19	Name: sync_cookie_csrf Value: 802435332fake
.yandex.com/	1970-01-21 10:23:54	Name: yashr Value: 75652351733898697
.lendplus.co.za/	1970-01-21 01:39:30	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-21 01:38:19	Name: sync_cookie_csrf Value: 4185520328fake
.yandex.com/	1970-01-21 10:23:54	Name: yandexuid Value: 6103476931733898696
.yandex.com/	1970-01-21 10:23:54	Name: yuidss Value: 6103476931733898696
.yandex.com/	1970-01-21 11:14:18	Name: i Value: PTzkeQNeukhGJZK0p+ZTjYuuwfnYnHRVW/Hj8a+Jt4CZdvrw7dae13t7Cqref/e3W7R2HDCkiWZZzrJ5ErPDFzRYw7Q=
.yandex.com/	1970-01-21 11:14:18	Name: yp Value: 1733985098.yu.126116371733898697
.mc.yandex.com/	1970-01-21 01:39:45	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1251549531733898698
.yandex.com/	1970-01-21 10:23:54	Name: ymex Value: 1736490698.oyu.126116371733898697#1765434698.yrts.1733898698
.yandex.com/	1970-01-21 10:23:54	Name: receive-cookie-deprecation Value: 1
.lendplus.co.za/	1970-01-21 10:23:54	Name: device-source Value: https://lendplus.co.za/user/registration/reg1
.lendplus.co.za/	1970-01-21 10:23:54	Name: device-referrer Value:
.yandex.com/	1970-01-21 11:14:18	Name: bh Value: KgI/MGDK4+S6Bg==
.lendplus.co.za/	1970-01-21 01:38:20	Name: _ym_visorc Value: w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https: wss:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
cdn.jsdelivr.net
connect.facebook.net
embed.helpcrunch.com
fonts.googleapis.com
fonts.gstatic.com
helpcrunch.com
lendplus.co.za
lendplusza.crunch.help
lendplusza.helpcrunch.com
lendplusza.widget.helpcrunch.com
mc.yandex.com
mc.yandex.ru
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.googletagmanager.com
lendplus.co.za
mc.yandex.com
142.251.41.3
157.240.241.1
172.67.72.244
23.48.224.105
2606:4700:20::ac43:48f4
2606:4700::6812:1f6a
2606:4700::6812:ba1f
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1b::64
2607:f8b0:4004:c21::9a
2607:f8b0:4006:80b::200a
2607:f8b0:4006:820::2002
2a02:6b8::1:119
31.13.71.36
65.109.111.60
0a44464921ff88ab2addf9d4c3d8774c6c88564820f78e3d58d7736f5fbf8cf1
0e615b63d295364f6b864015b9895bd2f7c8358f0bfbfd116a423cbd334bd043
15879f79f04670662867bf5e6b63157947efc77abcd731f903016648ce932556
2762e3a7cda28ba70639fcbf62be69d5e46e71ed4a916b9fafcee7e6a96c14a1
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
3192805d2d1c45668573ba1bfdcee0f9eabdeda143181c16627c0a4e42816004
38d94fa0a93474e97398cae4b23eef0c233c1a8504d5852609e91ea58f8b81a5
3c0ecda6ee667be2425d09bb3c3c9c1a2ffa7c8db14d28a082b6dacd2c4e7088
413edc303ec89cd013ec16083060d412e98cfd3cc4bab019cd5dc628fa31e0f6
4877230dcad84a2a2cd80d306ccaf7c984ca213c5f082a0a7b048f6de9907e57
4bbf17561855e10e2a5e3bedccf92cf473cb862af92fc62d11569d920a63665a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
604a1aec3d12a88e3782e988ddbe071e0ef64474b9d04ddc1518d27071976769
679948e7b27b4125545999b99f595be8f42f08d75ba9eb7c3c605d406b4cb259
72612eb384802feedafaba5a13981b5b66ff45fab0a510d2c30ba725446e6cae
79adbe299e2e7e5375c5b508b16cdec573a72f032b8d3bb7ba9f1af7d49c0d9d
99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae
9dd66c48001bcd93ec98fe20041e2d200074c31970cd9378870423018cdad633
a90bdde34b850049479f3ff9c64a49373ffafa251986dceadfc0a471eb0da6e0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb69e0f3ab5a802c43bfac1203237f079fdced4ac1a073ce3a8d173d17ecfc93
c1c23e749153a1832a113ba39b2e38a7043950e229bb635a2508cc59518ea50f
c43499cf08ac06b10b37284092aa7e0f6172894afac9dac0239a5e0093fdaf8b
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c7ff5a3b62813ecb76c059e1d59e2de5cd4495b7c50f76b0c0981ccb21148cbd
d5e0d0276770686569ca2fa03afdcb9deb11209a35a9fc4ef34f43af76523df4
d9e08fbae5c199f4e2769c146802c227b1f0de1b427a250e8801a3e9b4f927ec
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f09ed467d6d2dae5836e2aa1c868a27305909341e08bdb95a9c8df55c766c9e9
f1b320afd8e31694c53f982f75b6bb3d8121c2cf66d4c1a6c2cf96c2f9ebe4ba
f6000e760ed9103684d286734efab2c2a0ae3ac8ce86bdb3287d4adf239710e4

lendplus.co.za Open in urlscan Pro 2606:4700::6812:1f6a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

85 %HTTPS

60 %IPv6

14 Domains

18 Subdomains

16 IPs

3 Countries

1938 kBTransfer

5938 kBSize

31 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lendplus.co.za Open in urlscan Pro
2606:4700::6812:1f6a Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

85 %
HTTPS

60 %
IPv6

14
Domains

18
Subdomains

16
IPs

3
Countries

1938 kB
Transfer

5938 kB
Size

31
Cookies

54 HTTP transactions
0 data transactions