URL: https://ds1rdy0kgpa5r.cloudfront.net/
Submission: On December 11 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 64 HTTP transactions. The main IP is 18.66.102.70, located in United States and belongs to AMAZON-02, US. The main domain is ds1rdy0kgpa5r.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 30th 2024. Valid for: a year.
This is the only time ds1rdy0kgpa5r.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
6 18.66.102.70 16509 (AMAZON-02)
1 52.222.236.107 16509 (AMAZON-02)
1 13.32.121.48 16509 (AMAZON-02)
9 34.96.102.137 396982 (GOOGLE-CL...)
1 142.250.186.106 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
3 104.22.0.247 13335 (CLOUDFLAR...)
4 35.190.88.7 15169 (GOOGLE)
2 142.250.184.232 15169 (GOOGLE)
3 104.16.160.145 13335 (CLOUDFLAR...)
3 104.26.5.48 13335 (CLOUDFLAR...)
4 142.250.185.227 15169 (GOOGLE)
2 52.29.69.106 16509 (AMAZON-02)
4 157.240.251.35 32934 (FACEBOOK)
1 104.18.186.31 13335 (CLOUDFLAR...)
1 142.250.186.68 15169 (GOOGLE)
2 151.101.129.140 54113 (FASTLY)
5 2.16.1.235 20940 (AKAMAI-AS...)
1 18.66.112.57 16509 (AMAZON-02)
1 151.101.1.140 54113 (FASTLY)
1 151.101.65.140 54113 (FASTLY)
2 3.77.219.208 16509 (AMAZON-02)
1 3.72.218.152 16509 (AMAZON-02)
Total: 64 requests, 24 IPs
Requests Apex Domain (subdomains indented) Transfer
9 visualwebsiteoptimizer.com 140 KB
    dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3020
6 doktorabc.com 9 KB
    scripts.doktorabc.com
    funnel-api.doktorabc.com
    events.doktorabc.com
    mp.doktorabc.com
6 cloudfront.net 656 KB
    ds1rdy0kgpa5r.cloudfront.net
5 tiktok.com 140 KB
    analytics.tiktok.com — Cisco Umbrella Rank: 799
4 adup-tech.com 17 KB
    s.d.adup-tech.com — Cisco Umbrella Rank: 152191
    d.adup-tech.com — Cisco Umbrella Rank: 44184
    t.d.adup-tech.com — Cisco Umbrella Rank: 185915
4 facebook.com 425 B
    www.facebook.com — Cisco Umbrella Rank: 120
4 gstatic.com 52 KB
    fonts.gstatic.com
4 bugsnag.com 166 B
    sessions.bugsnag.com — Cisco Umbrella Rank: 902
3 onesignal.com 67 KB
    cdn.onesignal.com — Cisco Umbrella Rank: 5669
    onesignal.com — Cisco Umbrella Rank: 1761
3 pushcrew.com 74 KB
    cdn.pushcrew.com — Cisco Umbrella Rank: 59238
2 reddit.com 761 B
    pixel-config.reddit.com — Cisco Umbrella Rank: 2010
    alb.reddit.com — Cisco Umbrella Rank: 1418
2 redditstatic.com 13 KB
    www.redditstatic.com — Cisco Umbrella Rank: 1095
2 googletagmanager.com 133 KB
    www.googletagmanager.com — Cisco Umbrella Rank: 39
2 facebook.net 91 KB
    connect.facebook.net — Cisco Umbrella Rank: 192
1 google.com
    www.google.com — Cisco Umbrella Rank: 3
1 jsdelivr.net 3 KB
    cdn.jsdelivr.net — Cisco Umbrella Rank: 318
1 googleapis.com 1 KB
    fonts.googleapis.com — Cisco Umbrella Rank: 29
1 trustpilot.com 8 KB
    widget.trustpilot.com — Cisco Umbrella Rank: 5857
0 healthy-guru.com Failed
    trk.healthy-guru.com Failed
Total: 64 requests, 19 domains
Requests Domain Requested by (additional requesters indented)
9 dev.visualwebsiteoptimizer.com ds1rdy0kgpa5r.cloudfront.net
    dev.visualwebsiteoptimizer.com
6 ds1rdy0kgpa5r.cloudfront.net ds1rdy0kgpa5r.cloudfront.net
5 analytics.tiktok.com ds1rdy0kgpa5r.cloudfront.net
    analytics.tiktok.com
4 www.facebook.com ds1rdy0kgpa5r.cloudfront.net
4 fonts.gstatic.com fonts.googleapis.com
4 sessions.bugsnag.com ds1rdy0kgpa5r.cloudfront.net
3 cdn.pushcrew.com dev.visualwebsiteoptimizer.com
    cdn.pushcrew.com
2 d.adup-tech.com s.d.adup-tech.com
2 www.redditstatic.com www.googletagmanager.com
    www.redditstatic.com
2 events.doktorabc.com scripts.doktorabc.com
2 funnel-api.doktorabc.com ds1rdy0kgpa5r.cloudfront.net
2 cdn.onesignal.com ds1rdy0kgpa5r.cloudfront.net
    cdn.onesignal.com
2 www.googletagmanager.com ds1rdy0kgpa5r.cloudfront.net
    www.googletagmanager.com
2 connect.facebook.net ds1rdy0kgpa5r.cloudfront.net
    connect.facebook.net
1 mp.doktorabc.com ds1rdy0kgpa5r.cloudfront.net
1 t.d.adup-tech.com
1 alb.reddit.com ds1rdy0kgpa5r.cloudfront.net
1 pixel-config.reddit.com www.redditstatic.com
1 s.d.adup-tech.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 cdn.jsdelivr.net www.googletagmanager.com
1 onesignal.com cdn.onesignal.com
1 fonts.googleapis.com ds1rdy0kgpa5r.cloudfront.net
1 scripts.doktorabc.com ds1rdy0kgpa5r.cloudfront.net
1 widget.trustpilot.com ds1rdy0kgpa5r.cloudfront.net
0 trk.healthy-guru.com Failed ds1rdy0kgpa5r.cloudfront.net
Total: 64 requests, 26 subdomains

This site contains links to these domains.

Domain
www.doktorabc.com
Subject | Issuer | Validity | Valid
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.trustpilot.com | Amazon RSA 2048 M02 | 2024-12-03 - 2026-01-01 | a year
scripts.doktorabc.com | Amazon RSA 2048 M02 | 2024-10-01 - 2025-10-30 | a year
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2024-06-29 - 2025-07-31 | a year
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-19 - 2024-12-18 | 3 months
pushcrew.com | WE1 | 2024-12-06 - 2025-03-06 | 3 months
*.bugsnag.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-03-20 - 2025-04-15 | a year
*.google-analytics.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.onesignal.com | WE1 | 2024-10-31 - 2025-01-29 | 3 months
doktorabc.com | E6 | 2024-10-22 - 2025-01-20 | 3 months
*.gstatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
onesignal.com | WE1 | 2024-10-31 - 2025-01-29 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
*.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.adup-tech.com | Amazon RSA 2048 M03 | 2024-06-17 - 2025-07-15 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months

This page contains 3 frames:

Primary Page: https://ds1rdy0kgpa5r.cloudfront.net/
Frame ID: AA0DFA4DEECA040F0C7F237CF00EC693
Requests: 60 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net
Frame ID: 98653666BD4EA324AA47BB179B812290
Requests: 1 HTTP requests in this frame

Frame: https://d.adup-tech.com/services/retargeting.html
Frame ID: E5031363499B3A85DBD32578E5BDBA5E
Requests: 1 HTTP requests in this frame

Page Title

DoktorABC

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • cdn\.pushcrew\.\w+

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 64
HTTPS: 94 %
IPv6: 0 %
Domains: 19
Subdomains: 26
IPs: 24
Countries: 3
Transfer: 1406 kB
Size: 4943 kB
Cookies: 19

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
ds1rdy0kgpa5r.cloudfront.net/
3 KB
2 KB
Document
General
Full URL
https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83bae894301a1ac927ae8e6854531b8f81c494f2edee5d39c88c85a0479032c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1666
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 18:06:31 GMT
etag
"e352dfde5ecdf54a718ef31078cec04e"
last-modified
Tue, 10 Dec 2024 22:34:30 GMT
server
AmazonS3
vary
Origin
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-id
xYVfsDUIyJ89ahLFOSNHtpEuNdFeZSxAcmGEXUYr0NRB-c0ZXXtKbA==
x-amz-cf-pop
FRA56-P2
x-amz-meta-etag
lszRUk1PTmYlQBlF8fXMcw==
x-amz-server-side-encryption
AES256
x-amz-version-id
yt_A2DFWUZQTsa69j8y.LIm3Ue5_St57
x-cache
Miss from cloudfront
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
23 KB
8 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
etag
"7d4644d89e45fe92623bdd628e60e8dd"
age
57250
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ypJO36Yu5MdnXzET8DCzT5WItoARSSy8FFj7sZLxK7gG1cn2-YLBgQ==
date
Wed, 11 Dec 2024 02:12:21 GMT
content-type
application/x-javascript
last-modified
Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=86400
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7350
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
main.4d1840da.js
ds1rdy0kgpa5r.cloudfront.net/static/js/
2 MB
499 KB
Script
General
Full URL
https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8a6be1b7b84e57bc058941161bdc8e10235b67f5940e63b58a6c71cb246c598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-amz-meta-etag
lszRUk1PTmYlQBlF8fXMcw==
content-encoding
gzip
etag
"b86d8c8e2590945240611536ba8c7d6f"
x-amz-version-id
NzjSLMEaJnKrnNSMAmOlc59uwWhGWw6m
x-cache
Miss from cloudfront
x-amz-cf-id
dBRfuGA9L9sCyCFslpp0XdJjbh2fdP5L2JKWdYvU4wg8EMZa3CzC2w==
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 22:34:31 GMT
vary
Origin
cache-control
no-cache, no-store, must-revalidate
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
509410
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
main.87bbdc60.css
ds1rdy0kgpa5r.cloudfront.net/static/css/
289 KB
45 KB
Stylesheet
General
Full URL
https://ds1rdy0kgpa5r.cloudfront.net/static/css/main.87bbdc60.css
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e1abe4d97744d6e9c3d7409a4a19149017fe786029ad4f0cdbc6343946ee92a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-amz-meta-etag
Q18RbNXENonBX445+HRh2Q==
content-encoding
gzip
etag
"71b7730e1e26ee51188abd44a906b193"
x-amz-version-id
SufSpRdUWOtJHgilgx8SOZcubxKkIRRR
x-cache
Miss from cloudfront
x-amz-cf-id
gaD5JxpBYcaCZePRCJH1LBWwTc299KQbJUIUfeXu5V9PGPQlpFKGEg==
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 10 Dec 2024 22:24:50 GMT
vary
Origin
cache-control
no-cache, no-store, must-revalidate
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
45647
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
events.min.js
scripts.doktorabc.com/
22 KB
6 KB
Script
General
Full URL
https://scripts.doktorabc.com/events.min.js
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
212993954a2ee514986d07fe8c31815aa842db31af6f4ea4afa9879532deff93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-amz-meta-etag
R8htU0iKdaHZ2p3VxXGmHQ==
content-encoding
gzip
etag
"47c86d53488a75a1d9da9dd5c571a61d"
x-amz-version-id
ulb4FiCSVoE7pTH653d_uDwMT2qdVsXN
x-cache
Miss from cloudfront
x-amz-cf-id
yO04N8gDVoxhx0MaZk28Uov-e3nkpJ10hTXeN6iWMYoZ_6SzThggoQ==
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sun, 03 Nov 2024 09:29:20 GMT
vary
Origin
cache-control
no-cache, no-store, must-revalidate
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6122
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
j.php
dev.visualwebsiteoptimizer.com/
29 KB
7 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=377836&u=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net%2F&f=1&vn=1.5
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
7e01ebd25a601fc8dc0734a1db7dd8d91a533806c9b7dabe4497db2921990760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
gfra1
tag-8d10848523c08c9d3c8f13f12e71c925br.js
dev.visualwebsiteoptimizer.com/cdn/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/
257 KB
72 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-8d10848523c08c9d3c8f13f12e71c925br.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=377836&u=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net%2F&f=1&vn=1.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4e6424c29d19658529915185d43a0962585f8ad02271ac3018121bbac44ece42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=EkTNuA==, md5=CyK4fZE6oyywPN/7ygTixg==
etag
"0b22b87d913aa32cb03cdffbca04e2c6"
age
33571
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
73445
date
Wed, 11 Dec 2024 08:46:59 GMT
last-modified
Tue, 10 Dec 2024 11:53:16 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AFiumC4iNGvMUuNpniaCPySjectW26n-Wwq8Tx21LTmaN6FLHjxEK_f742CmxTIYzN-3o2-N3rk5H0s
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733831596205740
content-length
73445
content-language
en
server
UploadServer
tag-ab1fbd5cdd0f8e107be1e392fe3c1afdbr.js
dev.visualwebsiteoptimizer.com/cdn/web/djIkYTo0LjA6Z3F1ZXJ5LHRyOjcuMA==/
175 KB
44 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/web/djIkYTo0LjA6Z3F1ZXJ5LHRyOjcuMA==/tag-ab1fbd5cdd0f8e107be1e392fe3c1afdbr.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=377836&u=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net%2F&f=1&vn=1.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1c31d683daa148f4312c555d7306a49af5f67cbae068bb5635e0675d84af465c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=mYue0w==, md5=tWn6E9jU/dA0k/MCInNxuw==
etag
"b569fa13d8d4fdd03493f302227371bb"
age
91921
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
44976
date
Tue, 10 Dec 2024 16:34:29 GMT
last-modified
Tue, 10 Dec 2024 11:59:50 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AFiumC76iBKachCEYBh3Dd3_ZNvC8TODApsl-tP1LrFdTJmQxKChT1Em9bjAK0b7KlTMY26H4e5RtVo
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733831990803603
content-length
44976
content-language
en
server
UploadServer
v.gif
dev.visualwebsiteoptimizer.com/
35 B
144 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=377836&d=ds1rdy0kgpa5r.cloudfront.net&u=DB6C632316CDDA0498F5E567996B98599&h=ed54930351ed3e7f1d0135ce37607868&t=false
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=43200
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Wed, 11 Dec 2024 18:06:29 GMT
content-type
image/gif
server
gnv01c
css2
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;700;800&family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/css/main.87bbdc60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
2dac5cde4558576e7506add46b22e20632daa2472bd6cf84f4c4e8ea454d3455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 18:06:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:30 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Dec 2024 18:06:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
settings.js
dev.visualwebsiteoptimizer.com/
1 KB
767 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=377836&settings_type=3&vn=7.0&u=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net%2F&exc=3|4|5|1160|6|9|60|61|90|97|106|376|386|494|496|497|498|562|771|772|777|811|822
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/cdn/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-8d10848523c08c9d3c8f13f12e71c925br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
caa6c8d20c8d2b47e1b81d7bc4b9f879df60521d6a9ee0184ce37d6a679accc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1733909855"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:29 GMT
content-type
application/javascript; charset=UTF-8
server
gfra1
tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/
668 B
329 B
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/cdn/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-8d10848523c08c9d3c8f13f12e71c925br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
etag
"67595d4e-133"
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
date
Wed, 11 Dec 2024 18:06:29 GMT
content-type
text/javascript; charset=UTF-8
last-modified
Wed, 11 Dec 2024 09:37:18 GMT
server
gfra1
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hx87st2a' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 18:06:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hx87st2a' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4572, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
RpdWznioNcwPX0vKF8nKW2yenihoITjzHJs4HJzm/VVZjp10CoEt8lpFRrZu6jfQI9+yg+IpiDx59GjeNXdDAA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
worker-70faafffa0475802f5ee03ca5ff74179br.js
dev.visualwebsiteoptimizer.com/cdn/analysis/4.0/
46 KB
13 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/analysis/4.0/worker-70faafffa0475802f5ee03ca5ff74179br.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/cdn/web/djIkYTo0LjA6Z3F1ZXJ5LHRyOjcuMA==/tag-ab1fbd5cdd0f8e107be1e392fe3c1afdbr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09b67475f266dbf552159ca9f6b44d9dc3ea04842b2bd6e8b09d74f6b21897d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=t9nekA==, md5=OTBW++nqbotSERjfhuer5A==
etag
"393056fbe9ea6e8b521118df86e7abe4"
age
38356
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
13401
date
Wed, 11 Dec 2024 07:27:14 GMT
last-modified
Tue, 10 Dec 2024 11:26:12 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AFiumC4z_6v7dJYVcFMUeAuawXOcbDhu8BNET0b-XTN2TYFt3s_hYgdENxDfirrmTAroCrSrJQ
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1733829972685326
content-length
13401
content-language
en
server
UploadServer
515b7f186cf66cd345a61a73f527f2ed.js
cdn.pushcrew.com/js/
247 KB
69 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/515b7f186cf66cd345a61a73f527f2ed.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.0.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d103c67e8d5f5b55476a5d968c371a67ebf3b4cedbda34e576744355a92c778
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"5ed4e984-3dd13"
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 18:36:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 01 Jun 2020 11:41:56 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=43200
via
1.1 google
cf-ray
8f0768b5d8de91d7-FRA
access-control-allow-origin
*
server
cloudflare
/
sessions.bugsnag.com/
21 B
35 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Bugsnag-Api-Key
ede7f2a2ce1328270b8545f36888d51f
Referer
https://ds1rdy0kgpa5r.cloudfront.net/
Bugsnag-Sent-At
2024-12-11T18:06:30.698Z
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
*
bugsnag-session-uuid
bdeedc40-105e-448d-b96d-da4288cced9f
content-length
21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/json
gtm.js
www.googletagmanager.com/
447 KB
133 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJMJLKM
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dc8872fd9c60dc21ff07732086db07c2f5609d0629ca40f91c6e347dd471ce62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 11 Dec 2024 18:06:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135636
x-xss-protection
0
server
Google Tag Manager
OneSignalSDK.page.js
cdn.onesignal.com/sdks/web/v16/
2 KB
1 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c621d6faf0b6eadeffbae8461aa4068441e9b10c4dad24671214ed7dea673923
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"bab14b8e01bcfe9f374e42aa0e03c113"
age
655
expires
Sat, 14 Dec 2024 18:06:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f0768b6cff19019-FRA
server
cloudflare
utms
funnel-api.doktorabc.com/tracking/
416 B
1 KB
XHR
General
Full URL
https://funnel-api.doktorabc.com/tracking/utms
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
726325df2491f36b4bc3f48c1de5da66edb577519acda4755f684876f623e204

Request headers

ts
1733940390703
Referer
https://ds1rdy0kgpa5r.cloudfront.net/
ref_page
https://ds1rdy0kgpa5r.cloudfront.net/
uid
20241211190630_u_4eb223f5f281
X-Amzn-Trace-Id
1733940390703_431610572
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
ver
3e3ec2a0acec0c7c96caa3fbb84e3b98de71fefe_2024-12-10_22-32
Content-Type
application/json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"1a0-RBpm4MnsS2hNVAWXl7UIRns9nWo"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBq55udl8muIeCZyY3jIf7vLoPdsxByl0KFwyWJOuZfc7FPs73B8MuTDfQJ2wSoGpaIT0WAb%2FC6hbLfIRuyQDUEl%2FVZUsnqAVfVH5I%2BncN3nm5SZN9A7tV7KdyckZ7ZwDPuOYJd3GqRhZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0768b7a885dbfe-FRA
access-control-allow-origin
https://ds1rdy0kgpa5r.cloudfront.net
server-timing
cfL4;desc="?proto=TCP&rtt=3799&min_rtt=802&rtt_var=6056&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4202&recv_bytes=2748&delivery_rate=5183770&cwnd=254&unsent_bytes=0&cid=32d28a1d24b6dbcd&ts=84&x=0"
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
cloudflare
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Content-Length, Connection, Date, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, customer_id, token ,cart_id,cart_token ,order_id,X-XSRF-TOKEN,ref_page,uid,ts,ver,X-Amzn-Trace-Id
/
sessions.bugsnag.com/
21 B
131 B
XHR
General
Full URL
https://sessions.bugsnag.com/
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Bugsnag-Api-Key
ede7f2a2ce1328270b8545f36888d51f
Referer
https://ds1rdy0kgpa5r.cloudfront.net/
Bugsnag-Sent-At
2024-12-11T18:06:30.723Z
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
*
bugsnag-session-uuid
8483dff1-67c9-4dd2-b42f-0a658e80ae80
content-length
21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/json
truncated
/
674 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
884132bd957179ca7178357a5493a81a4c3e62a4c7fca303b689d6b7110c86bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
logo-dark.24b91fd2f851f61daba592ee3653554a.svg
ds1rdy0kgpa5r.cloudfront.net/static/media/
4 KB
2 KB
Image
General
Full URL
https://ds1rdy0kgpa5r.cloudfront.net/static/media/logo-dark.24b91fd2f851f61daba592ee3653554a.svg
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e1f6d174b3260c9187747e1660ade5c9e3f2b6d13a82abb6da175ea18adb0b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-amz-meta-etag
Q18RbNXENonBX445+HRh2Q==
content-encoding
gzip
etag
"988ede93624df9ef0393c4eb5b461882"
x-amz-version-id
RXbyjtMX5y8rpK.HxTmqPLa3uPCg01pZ
x-cache
Miss from cloudfront
x-amz-cf-id
OXqCwCZwbg0UD_H5hsLVZjFrZ_WejQ_x0iGg95pSZRqPUSL_hVsU8Q==
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Dec 2024 22:24:50 GMT
vary
Origin
cache-control
no-cache, no-store, must-revalidate
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1649
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
error-404.0155131b36f4ec548d75.jpg
ds1rdy0kgpa5r.cloudfront.net/static/media/
107 KB
107 KB
Image
General
Full URL
https://ds1rdy0kgpa5r.cloudfront.net/static/media/error-404.0155131b36f4ec548d75.jpg
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d41877474c270fc78297015f7a6033e63af2d24c5c7f8a7e58baa9b5edbcaf46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-amz-meta-etag
Q18RbNXENonBX445+HRh2Q==
etag
"6b1514e7e5084beb86becd875b95bc44"
x-amz-version-id
YK2M8DqvbN2zrH5oZZV9rOHTT8QvylHe
x-cache
Miss from cloudfront
x-amz-cf-id
-L27L2zApMYNNa2DE0Z6tjAEk_XEwLpcNT7C9HQzdHVfAaE7KuEXxw==
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
image/jpeg
vary
Origin
last-modified
Tue, 10 Dec 2024 22:24:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
109166
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
settings.js
dev.visualwebsiteoptimizer.com/
2 KB
1 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=377836&settings_type=2&vn=7.0&u=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net%2F&exc=3|4|5|1160|6|9|60|61|90|97|106|376|386|494|496|497|498|562|771|772|777|811|822
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/cdn/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-8d10848523c08c9d3c8f13f12e71c925br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
1b762f42d43fdcdddb6b0e62d668fe2896fcfa86c3b01b50f3672b714546fc6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1733909855"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:30 GMT
content-type
application/javascript; charset=UTF-8
server
gfra1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;700;800&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://fonts.googleapis.com/

Response headers

age
103669
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;700;800&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://fonts.googleapis.com/

Response headers

age
119435
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 08:55:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 08:55:56 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;700;800&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://fonts.googleapis.com/

Response headers

age
118594
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:09:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:09:57 GMT
last-modified
Wed, 04 Dec 2024 06:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
1930855327060283
connect.facebook.net/signals/config/
220 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1930855327060283?v=2.9.178&r=stable&domain=ds1rdy0kgpa5r.cloudfront.net&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
8b54b65bdd46c8f1bab9fb5c5a451337c35c041d583abfe4227aa45dc1b426ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-GAqFbqa6' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-GAqFbqa6' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=75, mss=1232, tbw=71250, tp=69, tpl=0, uplat=236, ullat=0
pragma
public
x-fb-debug
PY+PvfAQI9ok8A6VlpTIC/Z/HmGkjS3iDJoXMA6DbQyIjCOeK18wNpT98WKUuJJOF+bkgvezV43MSZ908dgrNw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
sessions.bugsnag.com/ Frame
0
0
Preflight
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At, Bugsnag-Integrity
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 11 Dec 2024 18:06:31 GMT
via
1.1 google
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;300;400;500;600;700;800&family=Roboto:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Referer
https://fonts.googleapis.com/

Response headers

age
556462
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 07:32:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 07:32:09 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
utms
funnel-api.doktorabc.com/tracking/ Frame
0
0
Preflight
General
Full URL
https://funnel-api.doktorabc.com/tracking/utms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,ref_page,ts,uid,ver,x-amzn-trace-id
Access-Control-Request-Method
POST
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Content-Length, Connection, Date, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, customer_id, token ,cart_id,cart_token ,order_id,X-XSRF-TOKEN,ref_page,uid,ts,ver,X-Amzn-Trace-Id
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://ds1rdy0kgpa5r.cloudfront.net
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8f0768b6fe98901c-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 11 Dec 2024 18:06:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUoNo9b2KuaNq4tkqVaZPGAbmQpMtMsaIfR8qkY4nl3aUlasOVUVdzTiWz5yB5Jn6zeFJktKY2UjTg2vHLqTOmHDBY48%2F4jgSLP3x7rybsqJdXjgYx1lyJmHOi%2FlFPRHNue44pCH2ZLItw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=2401&min_rtt=673&rtt_var=3494&sent=6&recv=11&lost=0&retrans=0&sent_bytes=4203&recv_bytes=2429&delivery_rate=5862348&cwnd=254&unsent_bytes=0&cid=8a74f0efeaa34a19&ts=784&x=0"
x-powered-by
Express
/
sessions.bugsnag.com/ Frame
0
0
Preflight
General
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://ds1rdy0kgpa5r.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At, Bugsnag-Integrity
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 11 Dec 2024 18:06:31 GMT
via
1.1 google
track
events.doktorabc.com/
0
358 B
XHR
General
Full URL
https://events.doktorabc.com/track
Requested by
Host: scripts.doktorabc.com
URL: https://scripts.doktorabc.com/events.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.69.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-69-106.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://ds1rdy0kgpa5r.cloudfront.net
content-length
0
date
Wed, 11 Dec 2024 18:06:31 GMT
x-powered-by
Express
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Content-Length, Connection, Date, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Prototype-Version, X-Mx-ReqToken, X_Json, X-Requested-With
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1930855327060283&ev=PageView&dl=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net&rl=&if=false&ts=1733940391451&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12316&fbp=fb.2.1733940391439.737621526877832920&pm=1&hrl=97fedb&ler=empty&cdl=API_unavailable&it=1733940390864&coo=false&cs_cc=1&cas=7367133776732435%2C7184020618393557%2C5900198800108182%2C4352076821514572%2C3783301955126396%2C2586678738124593&rqm=GET
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=5090, tp=16, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1930855327060283&ev=PageView&dl=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net&rl=&if=false&ts=1733940391451&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12316&fbp=fb.2.1733940391439.737621526877832920&pm=1&hrl=97fedb&ler=empty&cdl=API_unavailable&it=1733940390864&coo=false&cs_cc=1&cas=7367133776732435%2C7184020618393557%2C5900198800108182%2C4352076821514572%2C3783301955126396%2C2586678738124593&rqm=FGET
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447217273279146935"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3J9vwfYpEOYIP9CrvZlfptIeEYa37KTJGMDR7mKn4IbxasKDDOEVD5ykyvLU2MrF8p55KCvou/VsZgy73epIHw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447217273279146935", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=24, mss=1232, tbw=5330, tp=19, tpl=0, uplat=118, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1930855327060283&ev=30s%20Visit&dl=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net&rl=&if=false&ts=1733940391473&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=12316&fbp=fb.2.1733940391439.737621526877832920&pm=1&hrl=f48073&ler=empty&cdl=API_unavailable&it=1733940390864&coo=false&cs_cc=1&cas=7184020618393557%2C7572476716177573%2C4959157384207804%2C6702049889838249%2C5900198800108182%2C3783301955126396%2C2586678738124593&rqm=GET
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4818, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
196 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1930855327060283&ev=30s%20Visit&dl=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net&rl=&if=false&ts=1733940391473&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=12316&fbp=fb.2.1733940391439.737621526877832920&pm=1&hrl=f48073&ler=empty&cdl=API_unavailable&it=1733940390864&coo=false&cs_cc=1&cas=7184020618393557%2C7572476716177573%2C4959157384207804%2C6702049889838249%2C5900198800108182%2C3783301955126396%2C2586678738124593&rqm=FGET
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447217273316091546"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x19141cfa118a04ba","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["8203254419698198"]},"debug_reporting":true,"debug_key":"2097944844705285279"}
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
aNHieQiWRl4E5fL2ATvGkkyxzMUKpDNZg3QoibxXOC8+SK2Ly7r/fpq7Fw5CBzuwdf5I1EHV+q9zlLFZ+5l+tw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447217273316091546", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=26, mss=1232, tbw=8146, tp=23, tpl=0, uplat=1145, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
OneSignalSDK.page.es6.js
cdn.onesignal.com/sdks/web/v16/
263 KB
64 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160204
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce9b5a668b125901362c53e5cfdb4eb9dda721b609f6d71d2eb4b17a4e4e7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e46b99a45f77e5783a5a7de8b9fb7fcd"
age
2916
expires
Sat, 14 Dec 2024 18:06:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f0768b7285f9019-FRA
server
cloudflare
web
onesignal.com/api/v1/sync/d2b62b17-89e0-419e-83e5-c9302653674e/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/d2b62b17-89e0-419e-83e5-c9302653674e/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267dc875947dec076b686187053e948fa3ac88e71d14d29ab275ef5056fe445b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-request-id
cca76d04-e1e0-4128-9d2a-8bb0ad8c0d59
content-encoding
br
cf-cache-status
HIT
etag
W/"267dc875947dec076b686187053e948f"
age
3408
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 19:06:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.059571
priority
u=3,i=?0
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=3600
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 google
cf-ray
8f0768b8ed689299-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
search-insights@2.2.1
cdn.jsdelivr.net/npm/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/search-insights@2.2.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJMJLKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d2e872be145886fa21dbfb0bdd82a6dd87de09470f3b4dc8a93c9548f1d365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"1ca9-LlYameQWGdStxvp0hGBoUXhf4ow"
age
652341
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOpccUUj4ZpHLr3%2BowWDcvlp8WmnAM4d7nJ5vLOWlR4lcfR5z3GVobZwpQ1YQUNIi2tOiniIn8oFhWWDlzhu73a1Bp%2BPx2EPej4iWBvNbFVZf94uEmhkySYtdoGwAx52sEE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Wed, 11 Dec 2024 18:06:31 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220113-FRA, cache-lga21938-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f0768b99a4edc6e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2646
server
cloudflare
x-jsd-version
2.2.1
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=377785493.1733940392&auid=2129670600.1733940392&npa=1&gtm=45He4ca0v79933517za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733940391844&tfd=1897&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJMJLKM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJMJLKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Wed, 11 Dec 2024 18:06:31 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
conversion.js
trk.healthy-guru.com/
0
0

conversion.js
trk.healthy-guru.com/
0
0

events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFUVHNJC77UEE0VESCMG&lib=ttq
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-1-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5db74ee8fbbcf2884b30442c69e6e0a160761758c20c15b539dc618aa4df63fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
expires
Wed, 11 Dec 2024 18:06:32 GMT
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=3, origin; dur=104
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
179834d
x-tt-trace-host
01832456fc1dac0eccdbc0978a29fd2569fd29c095e949b70e22176272bff385deaf02c1f5f8ae350aad683e230e310a11f85481697f5878087b3217753fdd7e87f9d08f45d5054b1474de22c571e97d878003f9e7d33e640fac92c127fc77153c
x-origin-response-time
105,2.16.1.135
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24121118063290C9D7E37C2B923385F4-64369B449C57131B-00
content-length
2039
x-tt-logid
2024121118063290C9D7E37C2B923385F4
server
nginx
retargeting.js
s.d.adup-tech.com/services/
52 KB
16 KB
Script
General
Full URL
https://s.d.adup-tech.com/services/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJMJLKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-57.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8c0391a10dda9611de5242555391f7d4926bc0a4c9bace5bdc72d4106b64d54f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
max-age=3600
content-encoding
gzip
age
3312
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
expires
Wed, 11 Dec 2024 18:11:20 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
skTY3tmnyMKgpaA-N5zvGBiT9bvzp5iOTfv83OCGUQqsX9RRwpZOug==
date
Wed, 11 Dec 2024 17:11:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 05 Dec 2024 11:24:07 GMT
server
nginx
x-amz-cf-pop
FRA56-P5
vary
Accept-Encoding
conversion.gif
trk.healthy-guru.com/
0
0

conversion.gif
trk.healthy-guru.com/
0
0

sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 9865
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fds1rdy0kgpa5r.cloudfront.net
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJMJLKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Dec 2024 18:06:31 GMT
expires
Thu, 11 Dec 2025 18:06:31 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
pixel-config.reddit.com/pixels/a2_fbtbo8eruund/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_fbtbo8eruund/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
application/json
a2_fbtbo8eruund_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_fbtbo8eruund_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1733940391970&id=a2_fbtbo8eruund&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=2f32c4fc-b6ca-49a9-b498-1d42a27fa518&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
image/gif
server
Varnish
main.MWZiM2ZlMGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/
351 KB
97 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFUVHNJC77UEE0VESCMG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-1-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-cache
TCP_HIT from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
x-tt-trace-id
00-24121013344501701212D54B98BCA96D-5F19975C35BF4336-00
content-length
98539
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024121013344501701212D54B98BCA96D
server
nginx
x-akamai-request-id
1798467
x-tt-trace-host
01e38bb3d2529f8b8860e30c5236389c57209b0ac0302ecfa433d261b2224299f1c691c29a09451d629084f745e623b8bd8720cd49a3d1112cc88649c95ac747a9dc44228644b483dfa6aaa3bfdf2433defe374d6ed288e116aaa61f730a4716c6
identify_45dd5971.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-1-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-cache
TCP_MEM_HIT from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-24111505024546F13257ECFDB5798043-3DEEC1BD2389DEA2-00
content-length
39415
date
Wed, 11 Dec 2024 18:06:32 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024111505024546F13257ECFDB5798043
server
nginx
x-akamai-request-id
17985c2
x-tt-trace-host
010c5792b7a426219d03151ae2d8ff0f364fa3b1574f8c7b61c91dd89fb3551a0e411838b2c7c8bf3351061ced1b62e8b8cc97904829c6a880f9935a310c66064e193c58efd10071d94c73467a5ee8eb7b0afe201427d87e7f1981148b7e7c247e
pixel
analytics.tiktok.com/api/v2/
0
716 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-1-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 11 Dec 2024 18:06:32 GMT
server-timing
inner; dur=18, cdn-cache; desc=MISS, edge; dur=13, origin; dur=115
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 11 Dec 2024 18:06:32 GMT
x-akamai-request-id
17985f9
access-control-allow-headers
Authorization,*
x-tt-trace-host
01832456fc1dac0eccdbc0978a29fd2569fd29c095e949b70e22176272bff385de9ce8a7fc1cc6bad95fb1baf886d9e3740d7f124e7c90f2bd8969262518e28940bd868bf2a251661a0f4c4e715c422423bc6e71c14d70f02f1195bc56bc4e3912
x-origin-response-time
116,2.16.1.135
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241211180632BAB17E156BD176FBECFA-5C8E9AF299807A59-00
content-length
0
x-tt-logid
20241211180632BAB17E156BD176FBECFA
server
nginx
track
events.doktorabc.com/
0
357 B
XHR
General
Full URL
https://events.doktorabc.com/track
Requested by
Host: scripts.doktorabc.com
URL: https://scripts.doktorabc.com/events.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.69.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-69-106.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://ds1rdy0kgpa5r.cloudfront.net
content-length
0
date
Wed, 11 Dec 2024 18:06:32 GMT
x-powered-by
Express
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Cache-Control, Content-Type, Content-Length, Connection, Date, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Prototype-Version, X-Mx-ReqToken, X_Json, X-Requested-With
act
analytics.tiktok.com/api/v2/pixel/
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.1.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-1-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-cache-remote
TCP_MISS from a23-220-105-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 11 Dec 2024 18:06:32 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=188, origin; dur=147, inner; dur=100
x-cache
TCP_MISS from a2-16-1-135.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date
Wed, 11 Dec 2024 18:06:32 GMT
x-akamai-request-id
74dd6b51.1798729
access-control-allow-headers
Authorization,*
x-tt-trace-host
01832456fc1dac0eccdbc0978a29fd25697c091155a3caed5deee58d77620f0f5224744edd76ba200e382d17282177ec185300ddcd31fb82da24e6f6034d93017dbe2eb20807e4a2e9664b1639f504138e411c0613162da1661d4281c2deea36f592516914098d8611c225837bb689bf6b
x-origin-response-time
147,23.220.105.73
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-241211180632DC919E2E3235C36C99F2-1800453E7A5F406B-00
content-length
0
x-parent-response-time
323,2.16.1.135
x-tt-logid
20241211180632DC919E2E3235C36C99F2
server
nginx
uid
d.adup-tech.com/t/
80 B
489 B
Script
General
Full URL
https://d.adup-tech.com/t/uid
Requested by
Host: s.d.adup-tech.com
URL: https://s.d.adup-tech.com/services/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.219.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-219-208.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bc1b015cb1fd529773b4265073ebc73dd88e40fdb98749bef1f120afe0630aaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
private, max-age=31536000
content-length
80
p3p
policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
date
Wed, 11 Dec 2024 18:06:33 GMT
etag
W/"DQWMiX6a6yDIBnWdSp4O"
content-type
application/javascript; charset=utf-8
server
nginx
retargeting.html
d.adup-tech.com/services/ Frame E503
0
0
Document
General
Full URL
https://d.adup-tech.com/services/retargeting.html
Requested by
Host: s.d.adup-tech.com
URL: https://s.d.adup-tech.com/services/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.218.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-218-152.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ds1rdy0kgpa5r.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 11 Dec 2024 18:06:33 GMT
p3p
policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
server
nginx
httpFront-v4.css
cdn.pushcrew.com/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://cdn.pushcrew.com/css/httpFront-v4.css
Requested by
Host: cdn.pushcrew.com
URL: https://cdn.pushcrew.com/js/515b7f186cf66cd345a61a73f527f2ed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.0.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a61ef972cc356f3e373f34ac0128817eeacafd5e9724fd4d5fc1bbbfa73cdc9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6641e3cb-4c4b"
age
312
x-content-type-options
nosniff
expires
Wed, 11 Dec 2024 18:31:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 18:06:33 GMT
content-type
text/css
last-modified
Mon, 13 May 2024 09:56:27 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=43200
via
1.1 google
cf-ray
8f0768c47a80905b-FRA
access-control-allow-origin
*
server
cloudflare
1e639e09-1746-4eb1-a789-80d9fd021f7a.png
cdn.pushcrew.com/img/logos/515b7f186cf66cd345a61a73f527f2ed/
484 B
877 B
Image
General
Full URL
https://cdn.pushcrew.com/img/logos/515b7f186cf66cd345a61a73f527f2ed/1e639e09-1746-4eb1-a789-80d9fd021f7a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.0.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f740bec322db09273c8f659b6d6498f61cef8db1123317f127f4a7c0a26e306
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cf-bgj
imgq:85,h2pri
etag
"5e2ff9b0-696"
age
66641
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=1686
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Dec 2024 18:06:33 GMT
content-type
image/webp
content-disposition
inline; filename="1e639e09-1746-4eb1-a789-80d9fd021f7a.webp"
vary
Accept
last-modified
Tue, 28 Jan 2020 09:06:56 GMT
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=1209600
via
1.1 google
cf-ray
8f0768c47a83905b-FRA
accept-ranges
bytes
content-length
484
server
cloudflare
logo.svg
ds1rdy0kgpa5r.cloudfront.net/
1 KB
1 KB
Other
General
Full URL
https://ds1rdy0kgpa5r.cloudfront.net/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08896e0fe578f365e1589a9abde23ffdfdde581181f4db03944ab78941445980

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

x-amz-meta-etag
Q18RbNXENonBX445+HRh2Q==
content-encoding
gzip
etag
"d4d30acf82bb7fa122271967b8271bb1"
x-amz-version-id
_TebJwVU2zTBpIzOvYjtPBAslLAnCFnQ
x-cache
Miss from cloudfront
x-amz-cf-id
IrUG7V0je19ZpPfXE2ZeJ8pysWkfs2XKAfKeuPK7DHsc8ngf0M_enA==
date
Wed, 11 Dec 2024 18:06:34 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Dec 2024 22:24:50 GMT
vary
Origin
cache-control
no-cache, no-store, must-revalidate
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
606
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
ret
t.d.adup-tech.com/t/
43 B
456 B
Image
General
Full URL
https://t.d.adup-tech.com/t/ret?t=7b2276657273696f6e223a312c226163636f756e74223a2239323737222c2274797065223a22686f6d6570616765227d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.219.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-219-208.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
must-revalidate, no-cache, no-store
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
date
Wed, 11 Dec 2024 18:06:33 GMT
content-type
image/gif
server
nginx
settings.js
dev.visualwebsiteoptimizer.com/
5 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=377836&settings_type=1&vn=7.0&exc=3|4|5|1160|6|9|60|61|90|97|106|376|386|494|496|497|498|562|771|772|777|811|822
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/cdn/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-8d10848523c08c9d3c8f13f12e71c925br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
6760a1cfbcb729df6976515e2036d4513134be878ca37e3bc234827958ff6553

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1733909855"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 18:06:34 GMT
content-type
application/javascript; charset=UTF-8
server
gfra1
/
mp.doktorabc.com/track/
25 B
629 B
XHR
General
Full URL
https://mp.doktorabc.com/track/?verbose=1&ip=1&_=1733940395632
Requested by
Host: ds1rdy0kgpa5r.cloudfront.net
URL: https://ds1rdy0kgpa5r.cloudfront.net/static/js/main.4d1840da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://ds1rdy0kgpa5r.cloudfront.net/

Response headers

access-control-max-age
1728000
access-control-expose-headers
X-MP-CE-Backoff
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iR80ZXTM2G0inFmJGxnheFAHDBExRczjDuDD6sms4cUtx0Rfa9frWuxup2k87Y7l2UeJDwxyrrniNUYhn6KrYUxKYrXn3bzVMFZEIa7mRdAXvkvd83Sly6ZQfKUHgC64irg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
server-timing
cfL4;desc="?proto=TCP&rtt=3501&min_rtt=802&rtt_var=5137&sent=14&recv=18&lost=0&retrans=0&sent_bytes=5540&recv_bytes=7688&delivery_rate=5183770&cwnd=257&unsent_bytes=0&cid=32d28a1d24b6dbcd&ts=4269&x=0"
date
Wed, 11 Dec 2024 18:06:35 GMT
content-type
application/json
access-control-allow-headers
X-Requested-With, Content-Type
strict-transport-security
max-age=604800; includeSubDomains
cache-control
no-cache, no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
via
1.1 google
cf-ray
8f0768d0cea6dbfe-FRA
access-control-allow-origin
https://ds1rdy0kgpa5r.cloudfront.net
content-length
25
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.healthy-guru.com
URL
https://trk.healthy-guru.com/conversion.js?cid=OPTIONAL&et=open
Domain
trk.healthy-guru.com
URL
https://trk.healthy-guru.com/conversion.js?et=open
Domain
trk.healthy-guru.com
URL
https://trk.healthy-guru.com/conversion.gif?cid=OPTIONAL&et=open
Domain
trk.healthy-guru.com
URL
https://trk.healthy-guru.com/conversion.gif?et=open

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| settings_timer number| _vwo_settings_timer object| _vwo_code number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css object| _vwo_geo function| commonWrapper function| pushBasedCommonWrapper function| surveyDataCommonWrapper function| gcpfb string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib function| _vwo_err object| _VWO string| _vwo_mt object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa object| VWOOmni string| _vwo_cdn string| _vwo_worker_cb number| _vwo_clicks object| Trustpilot boolean| storageEnabled number| countOfEventsSent function| getLogFunc object| eventsSettings object| eventsCommon boolean| eventsCommonScriptLoaded object| eventsStorage boolean| eventsStorageScriptLoaded object| clientLogger boolean| clientLoggerScriptLoaded object| eventsTracking object| trackingV object| eventsTemporaryQueue boolean| eventsTrackingScriptLoaded object| clientHttp boolean| clientHttpScriptLoaded function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath string| pushcrewHash function| fbq function| _fbq object| __nls number| ___vwo object| _pcq object| webpackChunkfunnel_client object| regeneratorRuntime object| dataLayer function| OneSignalDeferred object| _hsq boolean| 
_pc_loaded object| PC function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit object| pctracker function| _pc_s number| __oneSignalSdkLoadCount function| OneSignal function| __jp0 object| google_tag_manager object| google_tag_data function| aa string| AlgoliaAnalyticsObject function| rdt string| TiktokAnalyticsObject object| ttq function| redditNormalizeEmail object| AlgoliaAnalytics function| AdUpRetargeting object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| pushcrew object| uAd_uid_timeout object| uAd_scripts

19 Cookies

Domain/Path Name / Value
.ds1rdy0kgpa5r.cloudfront.net/ Name: _vwo_uuid_v2
Value: DB6C632316CDDA0498F5E567996B98599|ed54930351ed3e7f1d0135ce37607868
.ds1rdy0kgpa5r.cloudfront.net/ Name: _vis_opt_s
Value: 1%7C
.ds1rdy0kgpa5r.cloudfront.net/ Name: _vis_opt_test_cookie
Value: 1
.ds1rdy0kgpa5r.cloudfront.net/ Name: _vwo_uuid
Value: DB6C632316CDDA0498F5E567996B98599
.ds1rdy0kgpa5r.cloudfront.net/ Name: _vwo_ds
Value: 3%241733940390%3A44.02864926%3A%3A
.ds1rdy0kgpa5r.cloudfront.net/ Name: _vwo_sn
Value: 0%3A2
.ds1rdy0kgpa5r.cloudfront.net/ Name: _fbp
Value: fb.2.1733940391439.737621526877832920
.onesignal.com/ Name: __cf_bm
Value: b5Vsqke88A5TCs7N369oD33p.b7pWGnuCE9agQp19jg-1733940391-1.0.1.1-ZCx4BLUVsxA5jyuNRQ.1dMrnXUqk6KWmtzRy1U5UsK8xb9KF5pOqCs7IUZrY8B0e3ybxPSbLRrb4Y_6oFWp_ow
ds1rdy0kgpa5r.cloudfront.net/ Name: _wingify_pc_uuid
Value: 6964e5851dd44986aa596098d7e4ed25
.ds1rdy0kgpa5r.cloudfront.net/ Name: _gcl_au
Value: 1.1.2129670600.1733940392
.ds1rdy0kgpa5r.cloudfront.net/ Name: _rdt_uuid
Value: 1733940391966.2f32c4fc-b6ca-49a9-b498-1d42a27fa518
ds1rdy0kgpa5r.cloudfront.net/ Name: _ALGOLIA
Value: anonymous-1476e8f2-e0a1-4f57-89b1-d4631c835869
.tiktok.com/ Name: _ttp
Value: 2q574e6VmN2GarWtEYvVlIQbykb
.ds1rdy0kgpa5r.cloudfront.net/ Name: _tt_enable_cookie
Value: 1
.ds1rdy0kgpa5r.cloudfront.net/ Name: _ttp
Value: G0PZzgmdHbF67jTL_wQprmhVyuu.tt.2
ds1rdy0kgpa5r.cloudfront.net/ Name: wingify_donot_track_actions
Value: 0
.d.adup-tech.com/ Name: uid_sec
Value: -ktn01MQKIDIBnWdSp7R
.d.adup-tech.com/ Name: sync_sec
Value: 5b226173222c22616e222c226463222c22796c225d
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
