tb-go.xyz Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tb-go.xyz/
Submission: On November 29 via api (November 29th 2024, 3:25:22 pm UTC) from US — Scanned from NL

Summary HTTP 81 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 13 domains to perform 81 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is tb-go.xyz.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.

This is the only time tb-go.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UPS (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
61	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2.19.225.116 2.19.225.116	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.102.85 18.66.102.85	16509 (AMAZON-02) (AMAZON-02)
1	18.173.205.127 18.173.205.127	16509 (AMAZON-02) (AMAZON-02)
1	52.214.247.153 52.214.247.153	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.116 13.33.187.116	16509 (AMAZON-02) (AMAZON-02)
1	2.23.196.132 2.23.196.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.201.253.231 23.201.253.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.161.82.90 3.161.82.90	16509 (AMAZON-02) (AMAZON-02)
1	52.207.131.128 52.207.131.128	14618 (AMAZON-AES) (AMAZON-AES)
1	2.19.216.168 2.19.216.168	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	216.58.206.78 216.58.206.78	15169 (GOOGLE) (GOOGLE)
81	17

61 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

tb-go.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.225.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-225-116.deploy.static.akamaitechnologies.com

www.ups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-85.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-127.fra56.r.cloudfront.net

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.247.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-247-153.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-116.fra60.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.196.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-196-132.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.253.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-253-231.deploy.static.akamaitechnologies.com

akamai.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-90.fra56.r.cloudfront.net

aap-p.ups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.131.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-131-128.compute-1.amazonaws.com

ups.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.216.168 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-168.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

6451349.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	tb-go.xyz tb-go.xyz	2 MB
4	ups.com www.ups.com — Cisco Umbrella Rank: 8941 aap-p.ups.com — Cisco Umbrella Rank: 12072	146 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	13 KB
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 960 match.adsrvr.org — Cisco Umbrella Rank: 377	255 B
2	doubleclick.net 1 redirects 6451349.fls.doubleclick.net — Cisco Umbrella Rank: 13786	771 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1652 c.go-mpulse.net — Cisco Umbrella Rank: 782	53 KB
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1341 akamai.tiqcdn.com — Cisco Umbrella Rank: 12141	109 KB
2	company-target.com s.company-target.com — Cisco Umbrella Rank: 1549 api.company-target.com — Cisco Umbrella Rank: 4358	1008 B
1	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 10586	7 KB
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 262	808 B
1	demandbase.com tag-logger.demandbase.com — Cisco Umbrella Rank: 5387	419 B
1	blueconic.net ups.blueconic.net — Cisco Umbrella Rank: 15776 Failed	725 B
0	rlcdn.com Failed id.rlcdn.com Failed
81	13

	Domain	Requested by
61	tb-go.xyz	tb-go.xyz
3	www.ups.com	tb-go.xyz
2	www.youtube.com	tb-go.xyz www.youtube.com
2	6451349.fls.doubleclick.net	1 redirects tb-go.xyz
1	media-us1.digital.nuance.com	tb-go.xyz
1	match.adsrvr.org	tb-go.xyz
1	insight.adsrvr.org	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	aap-p.ups.com	tb-go.xyz
1	akamai.tiqcdn.com	tb-go.xyz
1	s.go-mpulse.net	tb-go.xyz
1	tags.tiqcdn.com	tb-go.xyz
1	dpm.demdex.net	tb-go.xyz
1	tag-logger.demandbase.com	tb-go.xyz
1	ups.blueconic.net	tb-go.xyz
1	api.company-target.com	tb-go.xyz
1	s.company-target.com	tb-go.xyz
0	id.rlcdn.com Failed	tb-go.xyz
81	18

This site contains links to these domains. Also see Links.

Domain
adm.upserv-vn.top
www.ups.com

Subject Issuer	Validity	Valid
tb-go.xyz WE1	`2024-11-29` - `2025-02-27`	3 months	crt.sh
www.ups.com COMODO ECC Organization Validation Secure Server CA	`2024-10-14` - `2025-10-14`	a year	crt.sh
*.company-target.com R10	`2024-10-14` - `2025-01-12`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2024-11-05` - `2025-11-04`	a year	crt.sh
aap-p.ups.com Amazon RSA 2048 M02	`2024-07-04` - `2025-08-03`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2024-10-11` - `2025-11-09`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-16` - `2025-10-14`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://tb-go.xyz/
Frame ID: 59F8F8E864C5D5E3C3BBFCE767444829
Requests: 76 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 29BAFBCCAD730FF329DDE9C41FE57CD5
Requests: 1 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Frame ID: 9BD25E35E8440D67C5785C9AFDCBD30B
Requests: 2 HTTP requests in this frame

Frame: https://tb-go.xyz/
Frame ID: 81CBF7EAC6D4FFA990E9D8AE331CFB19
Requests: 1 HTTP requests in this frame

Frame: https://tb-go.xyz/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Frame ID: E405FAE8886BE9CB268AD378038C68EE
Requests: 1 HTTP requests in this frame

Frame: https://6451349.fls.doubleclick.net/activityi;dc_pre=CM2i9fLsgYoDFe-4_QcdNaoa6A;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGoogle%2520Chrome%3B124.0.6367.119%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=macOS;uapv=13.4.0;uaw=0;pscdl=noapi;gtm=45fe4510v9179590599za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page
Frame ID: 644EFC573C553D70085EE354D61071A7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
Frame ID: 8D327CD3CFBAE5506D970ACB633793F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home Page

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

81
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

17
IPs

5
Countries

2877 kB
Transfer

5900 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adm.upserv-vn.top/
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.ups.com/us/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://6451349.fls.doubleclick.net/activityi;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGoogle%2520Chrome%3B124.0.6367.119%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=macOS;uapv=13.4.0;uaw=0;pscdl=noapi;gtm=45fe4510v9179590599za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page HTTP 302
https://6451349.fls.doubleclick.net/activityi;dc_pre=CM2i9fLsgYoDFe-4_QcdNaoa6A;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGoogle%2520Chrome%3B124.0.6367.119%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=macOS;uapv=13.4.0;uaw=0;pscdl=noapi;gtm=45fe4510v9179590599za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page

Request Chain 76

https://insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tb-go.xyz/ 457 KB
106 KB 576ms
400ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d496395275738e3818ebf44cd1dd9844663d906bde6add6be72ac8e944b10f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8ea39bf93cbbb76c-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 15:25:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bByUg2nNyBm3EQcbK%2B7QvP9ds8WbcvHpblU57bDnj4PFJ3fvGBaHWppCwiaFyE7RJRjQt6pF4wOPt3rbfhDpsV6nGhGJGXdtu5fo8ZrdnxgPSou1ZMj0yaUvHdg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=12898&min_rtt=11355&rtt_var=3540&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3981&recv_bytes=2308&delivery_rate=361543&cwnd=249&unsent_bytes=0&cid=785418dff40517c6&ts=513&x=0"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 latest.js Show response
tb-go.xyz/datalayer/v4/ 43 KB
14 KB 578ms
571ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/datalayer/v4/latest.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-aa37"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrpDXmNjLZj1H3X3YVjIlG1xPtbxXwx3KU87DVpKg8SyhQv6NQbJ3651%2BQsCSdbhpvledNXx6S%2BX9taYhqsp%2Fzn0P40LWJCTM2pP9yZTZ0vwTPQkoNPWyK1BLvo%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13089&min_rtt=11226&rtt_var=259&sent=308&recv=174&lost=0&retrans=0&sent_bytes=304601&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1090&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef58b76c-AMS
server: cloudflare

GET
H2 200 286726385262010 Show response
tb-go.xyz/signals/config/ 72 KB
73 KB 389ms
382ms Script
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/signals/config/286726385262010

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51cc7ac6b354d1705835d0d66855798c0b4a3d602fc56ac971bcbc9928a28c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: DYNAMIC
etag: "66c85d01-12175"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqdGHoI8YgT0deYFHB%2Fk8cHNpYN3zv9lO%2FAntDcEXivweiTwoT4o3TVzLMH%2B1xMim7QaJTlaiFBNBs26yONp07FOOtkwlm1HoiKtMYlETu8mfqoSr1hWQng8Os4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14284&min_rtt=11355&rtt_var=3718&sent=125&recv=67&lost=0&retrans=0&sent_bytes=99231&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=917&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef5ab76c-AMS
accept-ranges: bytes
content-length: 74101
server: cloudflare

GET
H2 200 fbevents.js Show response
tb-go.xyz/en_US/ 218 KB
65 KB 579ms
577ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/en_US/fbevents.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-369f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2xRoHT4DwijvDfcVrar2G%2BksiiGXzw3sg6Smj5NcDemFcxzRH2XHFBj%2FqU87%2BI1hFC5IsSmANW2m3o5J5SfKWr24jo38HzxcRirX4%2FiEQMRd5%2FiUNrSSngdaQ0%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26654&min_rtt=11226&rtt_var=249&sent=549&recv=255&lost=0&retrans=0&sent_bytes=607983&recv_bytes=5305&delivery_rate=7321316&cwnd=301&unsent_bytes=0&cid=785418dff40517c6&ts=1117&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f6bb76c-AMS
server: cloudflare

GET
H2 200 www-widgetapi.js Show response
tb-go.xyz/s/player/7d1f7724/www-widgetapi.vflset/ 215 KB
86 KB 567ms
565ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/s/player/7d1f7724/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-35ddb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QEyxzIujMxCM%2BtZLFBWZO1q3UgnmVnKBJGOb2as8p9kIC%2BjumjSGszoZc6cgIXr0pThhaijMz2GyGzGH37Xd88IVecwIakn2xa2H08zLXSITx1g8uqrqXNOpr2k%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16971&min_rtt=11226&rtt_var=506&sent=450&recv=213&lost=0&retrans=0&sent_bytes=482625&recv_bytes=5305&delivery_rate=7321316&cwnd=259&unsent_bytes=0&cid=785418dff40517c6&ts=1103&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f6db76c-AMS
server: cloudflare

GET
H2 200 fs.js Show response
tb-go.xyz/s/ 270 KB
100 KB 567ms
565ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/s/fs.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

714e572d89d556563c1364be11abf53243e01bec73dcec44bf812fa77059b385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-436bd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FvwVwZtgsajAoVnneshAM8Bk%2FDZ4reJFJSgFsjk6KdD8TrtHHbPgKqToILwxigNTr8ZMyDUPflULXB8hO%2BOR0qpalscQ8lcbWPpi7AxwmCKsVj%2FuTG9fo7%2B57Q%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16971&min_rtt=11226&rtt_var=506&sent=462&recv=213&lost=0&retrans=0&sent_bytes=497474&recv_bytes=5305&delivery_rate=7321316&cwnd=259&unsent_bytes=0&cid=785418dff40517c6&ts=1103&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f6eb76c-AMS
server: cloudflare

GET
H2 200 up_loader.1.1.0.js Show response
tb-go.xyz/ 10 KB
5 KB 369ms
367ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/up_loader.1.1.0.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-27af"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kY2vZEdktnnBFYzQaXVIrmnXw2%2BemMMl4zFwJ19e57iDKanVOz3ROs7Sc6AJT9JBNxfSRYwVxjBQPfUxU8DbYWqeBVl9LOdq5CWZ29iTAJw8xnUX6MRpvcxESzU%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12260&min_rtt=11355&rtt_var=885&sent=139&recv=79&lost=0&retrans=0&sent_bytes=113383&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=929&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f6fb76c-AMS
server: cloudflare

GET
H2 200 DZlgJRFL.min.js Show response
tb-go.xyz/ 98 KB
31 KB 572ms
571ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/DZlgJRFL.min.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f935413246aa9088aefdf7f3700b5b30403f6ebd213f04aeb5639e91044ebe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-18914"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGe4g4ZcGi%2BfRKFlJtq4EmOqYFyLJNmTSNw6tBlRc3inwSC6xBsucCmpnLYIsDgYdp%2B6bCeg9yuK%2BtWC2XNSdmsTPVbADja%2FMDHCzwCzYnieafo3fVEIeke5ovk%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=19716&min_rtt=11226&rtt_var=2432&sent=523&recv=220&lost=0&retrans=0&sent_bytes=576316&recv_bytes=5305&delivery_rate=7321316&cwnd=266&unsent_bytes=0&cid=785418dff40517c6&ts=1108&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f71b76c-AMS
server: cloudflare

GET
H2 200 js Show response
tb-go.xyz/gtag/ 207 KB
208 KB 370ms
369ms Script
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/gtag/js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50e444f8e583f317127ff039f7725bf4b7bb762c902794ab3581549daddd6ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: DYNAMIC
etag: "66c85d01-33ba9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCcjaaeGiTRKs40ispScBgZi3evj9wQaVWh6A879D3eP6k5x1opPTlAE6Skxm3x08W7b3BOHOH1VndIYpEbbIeCTqsX5yGAuRBpTMacIds5MqGeNAguKpE8YFKQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12222&min_rtt=11355&rtt_var=740&sent=146&recv=80&lost=0&retrans=0&sent_bytes=118202&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=930&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f72b76c-AMS
accept-ranges: bytes
content-length: 211881
server: cloudflare

GET
H2 200 iframe_api Show response
tb-go.xyz/ 1 KB
2 KB 372ms
366ms Script
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/iframe_api

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

786246b1f2d93e093aedaae29e417e119d5cad0e033a908b12e0f5840f202b82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: DYNAMIC
etag: "66c85d01-41f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylpDhFGUcGcU6Qdzpyf8vpuaKlCuspl4g%2BglWHqrmginL3%2BG%2F8R6%2BphkCH0HBtm%2B%2BmHw2ljyiI8V%2BHcxYzI5XkM1%2F%2FILVy%2FIz1342OD0vm0UwjWGAWeZu7KIOlQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18187&min_rtt=11355&rtt_var=10202&sent=122&recv=57&lost=0&retrans=0&sent_bytes=97465&recv_bytes=5305&delivery_rate=2942776&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=898&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf37b76c-AMS
accept-ranges: bytes
content-length: 1055
server: cloudflare

GET
H2 200 script.js Show response
tb-go.xyz/ 143 KB
49 KB 561ms
561ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/script.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10e7a69355297c553ad1d4ad6e23ed4aa81bd23e3d0a6f41a580d2d8dba3f6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-23aaa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2F3Di5oD%2B5twUo25B8c7HyM9D9kjDxNEqZkbVrUHuiivTMNVCFeXzd1dlIrZAk7P0z36hkTwFp%2B1nYCcIsSdmKU2io7ve6gKel%2F1u7ANR22Zrv11WFYqPUCVYC0%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16971&min_rtt=11226&rtt_var=506&sent=396&recv=213&lost=0&retrans=0&sent_bytes=415204&recv_bytes=5305&delivery_rate=7321316&cwnd=259&unsent_bytes=0&cid=785418dff40517c6&ts=1101&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f73b76c-AMS
server: cloudflare

GET
H2 200 utag.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 470 KB
128 KB 569ms
568ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccf6bafadbccca28f49ffdb6a2c2515a101a27bfa277f8bd822226e8625441b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-7571b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyFWypTHOFC4bYUgV72BlIH7HJFABG7jdanqh7OZ8euBsPqhdtKTUtP%2FSTE%2FZNT7JIH1P3XU6gxe%2FwLk4p6ZKV2Oov1%2FRoIAIMdOTw3H2dajSnEVm%2FJLeswzDZw%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16971&min_rtt=11226&rtt_var=506&sent=487&recv=213&lost=0&retrans=0&sent_bytes=528695&recv_bytes=5305&delivery_rate=7321316&cwnd=259&unsent_bytes=0&cid=785418dff40517c6&ts=1105&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfc0f74b76c-AMS
server: cloudflare

GET
H2 404 ruxitagentjs_ICA7NVfgqrux_10289240325103055.js
tb-go.xyz/ 0
0 417ms
411ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb-go.xyz/ruxitagentjs_ICA7NVfgqrux_10289240325103055.js
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmtGl%2BA%2FnHS1QSEc7K6EWwEy8YRURReJLxR%2FdOuISGslzxyc9kOpFo%2F6bMRKWSzYoEom9i9F2ddk%2Ba1UlKh%2FRE7gPCMsMlKR1h112AFVZOQxZgi2nmc82FsrNZs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf3ab76c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11620&min_rtt=11292&rtt_var=63&sent=163&recv=98&lost=0&retrans=0&sent_bytes=133126&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=944&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Roboto-Light.ttf
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 163 KB
164 KB 720ms
713ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Light.ttf

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2835b358aaaa329f9a4bb47936c96687202ca24774a2e1c78251a596f2b01fa5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-28c58"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SpSzJpqBec3UENeOWenHRVPWUPKWBCIjalt4NLyXnWhbcyrW6C0ArT5NKC7G%2B4A5V0QJVCQgIVBx%2FEll6TGY9RjE%2FZgAqPt8Gj6CrNpYgvatvbtuZaaf6hejFc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13021&min_rtt=11226&rtt_var=1383&sent=669&recv=487&lost=0&retrans=0&sent_bytes=765669&recv_bytes=5305&delivery_rate=9806948&cwnd=372&unsent_bytes=0&cid=785418dff40517c6&ts=1246&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf3bb76c-AMS
accept-ranges: bytes
content-length: 167000
server: cloudflare

GET
H2 200 Roboto-Regular.woff
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 26 KB
26 KB 547ms
542ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444b94c2f00b433b4297bc32a247be7d30db791abb13d9d77bbec032c141eb46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-6628"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f11V4yFWzPf6hlG0m54bzO7VE7bCZyb0o6fRtS7hd01B5o%2Fqb5tj42wdb55Li%2F7epb4SsW1zWPZpickbDqBQJ4RiZ9fff4sTV8V8awfUePtq3PJn1V3A1nqA%2BdA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11612&min_rtt=11226&rtt_var=117&sent=216&recv=119&lost=0&retrans=0&sent_bytes=190644&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1075&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: font/woff
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf3db76c-AMS
accept-ranges: bytes
content-length: 26152
server: cloudflare

GET
H2 200 Roboto-Regular.woff2
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 19 KB
20 KB 540ms
535ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Regular.woff2

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c54a730394f47a040134beab422547426e7c7cd516a4d8865d2abc4871f6cbca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-4bc0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ku7N1NiS7tTC5DU1FM5NdaGYXT5AtR9eWbU%2Bwyj3NQer2ghhm22bsiWIkWYb02JM1EjgkssWiCnt0GPDM3eyJS34kFMF%2F5VZMOAgSbcpuSSMusDtEefuUTIcqUk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11612&min_rtt=11226&rtt_var=117&sent=182&recv=119&lost=0&retrans=0&sent_bytes=150465&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1070&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: font/woff2
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf3fb76c-AMS
accept-ranges: bytes
content-length: 19392
server: cloudflare

GET
H2 200 Roboto-Regular.ttf
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 167 KB
168 KB 720ms
716ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Regular.ttf

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-29d08"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJuK%2BMvjDir2eznETTHzq8kUknESNF2pcavZ7IFUM0n29HfNIyiZ963yZnFm%2B%2Fp1nO4dQHosr1oH3K9inM8vpwqN4yhPyKjwha6CJbtdW%2Fun3D9e5VK5DcR3eOY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12653&min_rtt=11226&rtt_var=43&sent=693&recv=529&lost=0&retrans=0&sent_bytes=796838&recv_bytes=5305&delivery_rate=9806948&cwnd=372&unsent_bytes=0&cid=785418dff40517c6&ts=1250&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf41b76c-AMS
accept-ranges: bytes
content-length: 171272
server: cloudflare

GET
H2 200 Roboto-Medium.woff
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 92 KB
93 KB 702ms
698ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-1709c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QqCM5Xmd6VDpvjISOxT3VWewk4CUzdMTz9yG1vyGaDINbod0zQlbIXXPSLswK5uUKxUxv5GZzsg2ljYFAhgCf3IdbfaNSw6AyMpc%2Fsl%2BFi1tbiBeCXBHQ3y6JDU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=34323&min_rtt=11226&rtt_var=150&sent=573&recv=462&lost=0&retrans=0&sent_bytes=639160&recv_bytes=5305&delivery_rate=9806948&cwnd=364&unsent_bytes=0&cid=785418dff40517c6&ts=1233&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: font/woff
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf42b76c-AMS
accept-ranges: bytes
content-length: 94364
server: cloudflare

GET
H2 200 Roboto-Medium.woff2
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 19 KB
19 KB 541ms
537ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Medium.woff2

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9be050cd531fa9a5f06f2e209829ea95edae28a8425908462ef55fd82979a89

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-4c20"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BoOA00p2sOWzy3QGtG2PWcsY13oa3PgKR7hDzrWaR%2FymhMXTTXvwKYp80OXhuNbDonVo8wCjSR%2Bwll3qb4HGRhR%2FBVujTYQzTv3E5ZlMutbuTdH5Nfbzb48zDk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11612&min_rtt=11226&rtt_var=117&sent=199&recv=119&lost=0&retrans=0&sent_bytes=170607&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1072&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: font/woff2
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf44b76c-AMS
accept-ranges: bytes
content-length: 19488
server: cloudflare

GET
H2 200 Roboto-Medium.ttf
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 168 KB
168 KB 712ms
709ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Medium.ttf

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-29e88"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRqFVm5d0hpc1i3Os4jO7a5UjnmimfW%2FJQo5KMW%2FjPv9rZTHOBGBN%2BxuWO1Vk6%2B5cIzksc%2FFxZkj8dw88bsypJR5fzyTvkRLPxL397w6JDul1NBjsz0aQpTPyIo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=34323&min_rtt=11226&rtt_var=150&sent=645&recv=462&lost=0&retrans=0&sent_bytes=734511&recv_bytes=5305&delivery_rate=9806948&cwnd=364&unsent_bytes=0&cid=785418dff40517c6&ts=1244&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef4fb76c-AMS
accept-ranges: bytes
content-length: 171656
server: cloudflare

GET
H2 200 Roboto-Bold.woff
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 26 KB
26 KB 555ms
552ms Font
font/woff 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fce1e38ce56a7e63a78d5811e54679dba8cd15d6455cf312f4d2bd886e42d36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-67c4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1L%2F6ezqYf99KgkM5csKROSd08pKeNAAwmHxpCZ6b8E3allt0Ni76CaM%2B8FVC9H%2BKMDoLOGDvAtR6prwUFda0x7HhTM1v%2Fdjd5x1e2L0QG5IalGSqqYLiluY%2Ff7Y%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11612&min_rtt=11226&rtt_var=117&sent=255&recv=119&lost=0&retrans=0&sent_bytes=237667&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1082&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: font/woff
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef51b76c-AMS
accept-ranges: bytes
content-length: 26564
server: cloudflare

GET
H2 200 Roboto-Bold.woff2
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 19 KB
20 KB 546ms
543ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Bold.woff2

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54b79ee86c7b666f57df9ff19d0f3483ae330b18d0aebc3dcc053d0ee8e0e02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-4ccc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GKTP2scBUVU4XEEUmJQba2QcGu28rXYivuALluMCgKbRpor2ybivNBSH85PHrj3zlBTsvgVcyOPoIKDDKHCra8ztqRHVsW9mOu9Pc3ZMowq22gkSjR7frj0rpJs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11612&min_rtt=11226&rtt_var=117&sent=238&recv=119&lost=0&retrans=0&sent_bytes=217465&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1076&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: font/woff2
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef52b76c-AMS
accept-ranges: bytes
content-length: 19660
server: cloudflare

GET
H2 200 Roboto-Bold.ttf
tb-go.xyz/assets/resources/webcontent/styles/fonts/ 166 KB
167 KB 749ms
746ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/fonts/Roboto-Bold.ttf

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-2996c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIahjMipaHC2Znnd1tz%2B%2FfGjF4ABv56mq%2BwL3k7HKx%2BLID1vzUuZywZ1UE71RN7Iylli%2FKm1VQtTWiXgNT2HCmufMEZhBA6kC4kUTbNNoS2MDYo%2FAqNKR%2B0XfGU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=12249&min_rtt=11226&rtt_var=58&sent=1011&recv=708&lost=0&retrans=0&sent_bytes=1213021&recv_bytes=5305&delivery_rate=12898441&cwnd=433&unsent_bytes=0&cid=785418dff40517c6&ts=1277&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef54b76c-AMS
accept-ranges: bytes
content-length: 170348
server: cloudflare

GET
H2 200 ups.vendor.cf1e21.js Show response
tb-go.xyz/assets/resources/webcontent/scripts/vendor/ 306 KB
80 KB 574ms
571ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/scripts/vendor/ups.vendor.cf1e21.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

814cb5cf0bb1729c47a4669cc27c141fd845f969f955574361120c39a12f5608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-4c71b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aujLKKB9Kjb4ghEm%2BMEdWe8fjocjYLpnLlXkXg7OZGOdKUlGxSKbX0A2%2BlOnGXHSJg%2BfzqIpkPJra%2FRiql73LeitVDw%2BfyR%2B%2F4UiE83ZEjzTw8ZlOLj9NP8bLsQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13525&min_rtt=11226&rtt_var=486&sent=320&recv=180&lost=0&retrans=0&sent_bytes=318826&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1090&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef56b76c-AMS
server: cloudflare

GET
H2 200 ups.vendor.161a0d161a0d.css
tb-go.xyz/assets/resources/webcontent/styles/ 108 KB
21 KB 592ms
590ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/ups.vendor.161a0d161a0d.css

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a549adbd193f091a69c8995eb7b34c5ec73ef15f098af300cb297f78254e1013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-1b0df"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hr1%2BNJUNjYaeZpWDrFezaNZlcxNkOt4SMpj1aiOSDrJ5EANL%2BnYhM6P72XVvb7M%2Bg2e010PVodGGDpw%2BRbv70Phgd3nExcFGjx2AxgMeEJ86ZqU8Qk2fe9RklFk%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16971&min_rtt=11226&rtt_var=506&sent=421&recv=213&lost=0&retrans=0&sent_bytes=444138&recv_bytes=5305&delivery_rate=7321316&cwnd=259&unsent_bytes=0&cid=785418dff40517c6&ts=1102&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: text/css
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf33b76c-AMS
server: cloudflare

GET
H2 200 ups.styles.950028cc0d3c.css
tb-go.xyz/assets/resources/webcontent/styles/ 306 KB
61 KB 570ms
568ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/styles/ups.styles.950028cc0d3c.css

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f130d7425f3ca758137acc3a45d7242fafca33f67f212b03277cbf6774917b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-4c7ef"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QqSbGQgQVNz61uGfmpE6Fa4cCQhm0kgW4g7sWTlmtO0ftjURxlliuXVm8nWB0p5XKc56s8ar6TqlDr%2FHsD3yKTQV%2F%2BiYUByMt%2BsVytbrqaL9wsDsJ4jlFtL4YA%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13089&min_rtt=11226&rtt_var=259&sent=284&recv=174&lost=0&retrans=0&sent_bytes=273300&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=1089&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: text/css
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbdf35b76c-AMS
server: cloudflare

GET
H2 200 utag.sync.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 169 KB
61 KB 578ms
576ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.sync.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e047153357fbf19a10b87948423fc7ad140ab7a6ef58367b8fdc9af543ca5473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-2a43b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLJJuuNA1zefbOTRUCgRE2Gn3fhVfSPM4VXcoMC%2F8MREq7tsHeO7MmNlkv5Kq6x4ajs4S2aKmrH9I2Jdpj19S%2FL1glMPcUgRpln6K8d99ikPPZpGXEvKhfKO2sI%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14211&min_rtt=11226&rtt_var=435&sent=359&recv=191&lost=0&retrans=0&sent_bytes=369828&recv_bytes=5305&delivery_rate=5002519&cwnd=258&unsent_bytes=0&cid=785418dff40517c6&ts=1092&x=0"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef57b76c-AMS
server: cloudflare

GET
H2 404 ShipAbandon.css
tb-go.xyz/assets/resources/webcontent/styles/ 0
0 410ms
408ms Stylesheet
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb-go.xyz/assets/resources/webcontent/styles/ShipAbandon.css
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7T5bF2J2QSZe%2FK1%2BgBcvJKaLyWya0Bt8ksEVJcjzcpvripT96G5LSuOGzmiuAAaQ3qzq9c5ddej%2B9Z8IGVoTWWrxFx1xYuQoA4nRXe8tNw7g3Wbm570QLibM2A%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef5bb76c-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11620&min_rtt=11292&rtt_var=63&sent=160&recv=98&lost=0&retrans=0&sent_bytes=132372&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=943&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 UPS_Smart_Banner.1.2.1.js Show response
tb-go.xyz/assets/resources/webcontent/scripts/ 514 B
786 B 412ms
411ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/scripts/UPS_Smart_Banner.1.2.1.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f66b7ccbef28fbffe4a0726a2336bd80e8e4ed6daf08784f77761d9b35bf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c85d01-202"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcImNlYY91kwSZCWNUgSCfrk87ruNhPhYKIStV8DGX8lxlEcLtRu8bvhabi5goKaH%2FD1xHFv9yA4Pe1EINMZCAlISetalKvfujJ55yPD5O%2B%2FwmBTJJhV6q0jZW4%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=11620&min_rtt=11292&rtt_var=63&sent=166&recv=98&lost=0&retrans=0&sent_bytes=133765&recv_bytes=5305&delivery_rate=4463634&cwnd=253&unsent_bytes=0&cid=785418dff40517c6&ts=945&x=0"
date: Fri, 29 Nov 2024 15:25:15 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfbef5cb76c-AMS
server: cloudflare

GET
H3 200 utag.90.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 15 KB
6 KB 370ms
369ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.90.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3566b2b6a3c342320820be8e5d92fa8efd9b9085fd5c8110457a509eec0828c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-3c0a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7d1HFBie3CGqpFtFYQG1Sh61NzBWBf8eJ8oq4%2BcpSgm%2BQ1elU3NJt9LhBZxDMH%2F1OmFdCOKsDFkQz57Feb9Cm61dMsiZ7fmE9flwNAiTq1C8OujBrOc0hSEVq%2FQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12484&min_rtt=12009&rtt_var=2198&sent=18&recv=27&lost=0&retrans=0&sent_bytes=4414&recv_bytes=19763&delivery_rate=746&cwnd=12000&unsent_bytes=0&cid=c9525328f6812236&ts=517&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfcd9e2669a-AMS
server: cloudflare

GET
H3 200 utag.89.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 148 KB
44 KB 533ms
530ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.89.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4ea3ebba116eb9aff5e6d39c3e930e0282c2c238a1d78f35d816dceef1fe2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-25020"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGphlBJ%2Bb7BMmBKfAtRcLv3mJqZrwXIpFWY3xTtyGfYcPuc%2BbZqzcQ26U4IOCAEWw%2BeGh2jHjfA7rcX%2BZHLLf6rgJDNXzT1kor4p9CbJkObPbLluFhe9Q5gNO7w%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19500&min_rtt=11691&rtt_var=4611&sent=79&recv=56&lost=0&retrans=0&sent_bytes=68305&recv_bytes=23570&delivery_rate=1627598&cwnd=30000&unsent_bytes=0&cid=c9525328f6812236&ts=680&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfcd9e4669a-AMS
server: cloudflare

GET
H3 200 utag.114.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 36 KB
8 KB 376ms
373ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.114.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588116a2e863ba8710eb7f5f996ff4cca491ed57f87e986ad06f9c2870d78f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-9147"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FD5OV3hvPmu%2BCC%2BpYV2tQD9FT7NVIZV7obtDyYJhzC8UOpBVYcr7U2KKyg98hwY9GivS5iaauGEdZnfXsY4SgjCUunZPaCEKA1C8D67h9M4e7MHmhZN8YVDFH2s%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12484&min_rtt=12009&rtt_var=2198&sent=25&recv=27&lost=0&retrans=0&sent_bytes=12524&recv_bytes=19763&delivery_rate=746&cwnd=12000&unsent_bytes=0&cid=c9525328f6812236&ts=523&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfcd9e5669a-AMS
server: cloudflare

GET
H3 200 utag.98.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 2 KB
2 KB 385ms
381ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.98.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227db6f793cfa2f4a48ff5b82417440b6b7b14c1f925e126b9771955ac8cc63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-9b7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0ZKI16scPMfCnvZVY9vUHYpfLjXVxRConPr5osQCmFUREE7f9Gve9645MZzPqOY3cKhWvxyeP6S5izlJWn4u%2F%2BESFllq%2BURBd5hDIjsgl5WGDFnBhSgkYzLRF0%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12484&min_rtt=12009&rtt_var=2198&sent=29&recv=27&lost=0&retrans=0&sent_bytes=16414&recv_bytes=19763&delivery_rate=746&cwnd=12000&unsent_bytes=0&cid=c9525328f6812236&ts=525&x=1", cfHdrFlush;dur=4
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfcd9e7669a-AMS
server: cloudflare

GET
H3 200 utag.96.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 3 KB
2 KB 392ms
389ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.96.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c87576f2113d5c9fd03fad504cbdc97880428fb1aa2645fd47af0a50be8ff82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-d41"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0wd5dvtFRP6Yf%2BPABJDuXzR7ijWfkXgTAHUNZob%2BetwMkAEzm9Jr97ZxR9iJxjuHx9K35y8CHBezktCoQWZgLfXNm24kGwFKQkWxzJuRKH6rk0PS4JUIEDWNCA%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14282&min_rtt=12009&rtt_var=3312&sent=35&recv=33&lost=0&retrans=0&sent_bytes=22772&recv_bytes=20865&delivery_rate=32682&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=536&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfcd9e8669a-AMS
server: cloudflare

GET
H3 200 utag.111.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 3 KB
2 KB 374ms
371ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.111.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6516d57a0c50cdd4ad3afc1ab656cf35a72163d4a6019dd54f4fc5ed5bc2fa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-dd0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGKO972koa8RMIXeAPHkMc5Mn1UPuIfgZpx3LlmaAi0NxTKVBKVYul6uPfPXGdUBnW7GOaJWfp8VaPgEz1B6NMJ6Jc9ESM6ZfnTZHTIJ0MNSyM1l5%2Fuyy%2BTM9YI%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12484&min_rtt=12009&rtt_var=2198&sent=23&recv=27&lost=0&retrans=0&sent_bytes=10273&recv_bytes=19763&delivery_rate=746&cwnd=12000&unsent_bytes=0&cid=c9525328f6812236&ts=521&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfcd9ea669a-AMS
server: cloudflare

GET
H3 200 utag.100.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 4 KB
2 KB 447ms
444ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.100.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e9b1ad7766539407fa65dac1d7504cf1ef41aaa2dfc1c7c0e01dbbc382ad516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-11a8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeGlJJwzvXEGsW6caH4XibbBsLGPWA5wfj0sl%2BVmszIZWjEFcYZcQ1r4wRgg%2FbxrFkf9Rou2JJWUwjwfQjWyUhH2%2BCPhKeB52mVzNXbyqm3%2FIC6RyyO9T3JCiJM%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15000&min_rtt=12009&rtt_var=3153&sent=38&recv=38&lost=0&retrans=0&sent_bytes=25161&recv_bytes=22787&delivery_rate=20512&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=570&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd1a32669a-AMS
server: cloudflare

GET
H3 200 utag.105.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 6 KB
3 KB 456ms
454ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.105.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb7b06120ce8d71bfd4824c6d4d20f3f47195cb927c4a60dcb05c1b27f4aab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-1884"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vWWJdSGszPXzSBwHA2Clt8l3JLMUrLWf0R8YvLHhVg9P6FVR0UOdKs9s68LR9Ctgwy%2FeDrNGK4%2BT2kh4jEYIlLlh%2FKfNZLOMSLP1NQEJxiQGcEyWUEMNDZP%2BQ2Q%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15917&min_rtt=12009&rtt_var=4199&sent=47&recv=39&lost=0&retrans=0&sent_bytes=34774&recv_bytes=22831&delivery_rate=91472&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=586&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd3a47669a-AMS
server: cloudflare

GET
H3 200 utag.106.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 29 KB
7 KB 449ms
447ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.106.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f260cdb2c6d555f0e2b0aba0d2373224f98ec96b1daf87482c9f1fa1d3f84974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-731c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kcQCpROD46XmPB7v31gzRKHWvayobJwAeI%2FewsP9Fr4BrRSSUS%2Fv7aODSGKHPMbinCcAofTHQ64ss5XdiihuCUiGTo7yXvAZ9YrBZU8JeY2QPkYc%2FHv0%2Bafzd0%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15000&min_rtt=12009&rtt_var=3153&sent=41&recv=38&lost=0&retrans=0&sent_bytes=27725&recv_bytes=22787&delivery_rate=20512&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=574&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd3a4a669a-AMS
server: cloudflare

GET
H3 200 utag.115.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 8 KB
4 KB 461ms
459ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.115.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c18138136419bd7a223ac54f1bf1d4536cb58950eb2359a01dbff8c3bd5f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-2062"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVRMLw%2BeQN%2F7A8qL68frFpi3xuFttAfKbvtJnD4zKOLOjQLiKjcPXXWsUWGEHDpJNBS%2FQIxzlzI%2F%2FEUw2FQPVbHKBhTFEIXSk3UNj%2FsG6Ev06Bj6k8pXdpPoTxc%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15917&min_rtt=12009&rtt_var=4199&sent=54&recv=39&lost=0&retrans=0&sent_bytes=41961&recv_bytes=22831&delivery_rate=91472&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=601&x=1", cfHdrFlush;dur=8
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd4a84669a-AMS
server: cloudflare

GET
H3 200 utag.120.js Show response
tb-go.xyz/utag/ups/yoda/prod/ 30 KB
11 KB 456ms
455ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/ups/yoda/prod/utag.120.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d956606238423fa46ef6e1d5936408f718db051480adeeb00ca4d9f19747254b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-79df"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfih8auFFV9%2BEX3NR3drIyPS4YoS92Gbl2pX1Pdm0HPoYsI3DySVznXukWGGHPBrLJYHpVSIjgO%2BvTIZAnoedoB5QpB50tDtF55PMrp4hIFdHUbsXjzrPBfhD78%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15917&min_rtt=12009&rtt_var=4199&sent=51&recv=39&lost=0&retrans=0&sent_bytes=38653&recv_bytes=22831&delivery_rate=91472&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=597&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd4a86669a-AMS
server: cloudflare

GET
H3 200 utag.v.js Show response
tb-go.xyz/utag/tiqapp/ 2 B
655 B 455ms
454ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/utag/tiqapp/utag.v.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1W09ggNUNpPZsXmgQ1tGor1A88GMQip5NZwEHA195cEYtp6tDhp0KVSj55qN26nYtrEKAqU16OL8ngMsILCVtyyVOo0%2BUGF4v9ElkSR8i733l221zdwypxYNOk%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:15 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15917&min_rtt=12009&rtt_var=4199&sent=50&recv=39&lost=0&retrans=0&sent_bytes=37975&recv_bytes=22831&delivery_rate=91472&cwnd=16800&unsent_bytes=0&cid=c9525328f6812236&ts=590&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd4a89669a-AMS
accept-ranges: bytes
content-length: 2
server: cloudflare

GET
H3 200 integrations Show response
tb-go.xyz/rec/ 19 KB
20 KB 469ms
468ms Script
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/rec/integrations

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d1202fa85766379376e3dea69a32aca8ffb3ac4cfd8652f174582fadaca544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: DYNAMIC
etag: "66c85d01-4ded"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z96o426zAZOuN%2Fhd%2BHQnL%2FOzGfXx9I20BWj87y2qDfTHkulXoy62J3xfzXikYV89ATK3p8g%2F3fe4s2fryWGgRp5WK8GCK%2F%2B4o%2BshLtXHOOJSOiG7bKUaVDn1oRA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24644&min_rtt=12009&rtt_var=8593&sent=65&recv=46&lost=0&retrans=0&sent_bytes=53627&recv_bytes=23132&delivery_rate=346289&cwnd=24000&unsent_bytes=0&cid=c9525328f6812236&ts=619&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfd4a8b669a-AMS
accept-ranges: bytes
content-length: 19949
server: cloudflare

GET
H3 200 locator.a14ab7.js Show response
tb-go.xyz/assets/resources/webcontent/scripts/applications/locator/ 144 KB
35 KB 537ms
536ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/scripts/applications/locator/locator.a14ab7.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b868316ff626fd5a5be49dea43d922ea29c38d0114770820b16da1ea41f005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-23f35"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7pUQALZqoLkJturYrVv%2BLAenQsWdL4WxFjC4npakUjE6Eo8mxLlTlG6mqqa5voZx7oaI2gNJMxsAk1S%2B5mZLNeqwbz5aALxgr5m0gqd8lLeG%2FKX0l%2FNNmnw6M0%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13701&min_rtt=11691&rtt_var=2111&sent=149&recv=72&lost=0&retrans=0&sent_bytes=146092&recv_bytes=24285&delivery_rate=489891&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=1009&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc3e669a-AMS
server: cloudflare

GET
H3 200 ups-logo.svg
tb-go.xyz/assets/resources/webcontent/images/ 2 KB
2 KB 391ms
390ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/ups-logo.svg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f5ae3f644595dc6c5aa69ae618a108102bb62e1a38a50b89fd7af1b8ffe5eae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-7ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjNTOrFmAHXvSnoUAYDYZRYKsmuKqBk%2FeAzT2lIFKEqeFoC5MvZQoY9Uipb1%2BVpW3J8DyIHLRGUlOiMNYGKwNmiug8PiOWcPUy2e1ayczm0hf2k%2BWqvQBbr1GMI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14682&min_rtt=11691&rtt_var=2506&sent=139&recv=68&lost=0&retrans=0&sent_bytes=135270&recv_bytes=24105&delivery_rate=1273484&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=862&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc42669a-AMS
server: cloudflare

GET
H2 200 icp.gif
www.ups.com/img/ 43 B
436 B 247ms
54ms Image
image/gif 2.19.225.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ups.com/img/icp.gif

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.225.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-225-116.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
pragma: no-cache
referrer-policy: same-origin
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 15:25:16 GMT
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1732893916114_389993730_86662611_64_17845_33_65_182";dur=1
content-length: 43
date: Fri, 29 Nov 2024 15:25:16 GMT
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Apr 2015 19:29:01 GMT
content-type: image/gif
server: Apache
x-frame-options: SAMEORIGIN

GET
H3 200 inqChatLaunch10005649.js Show response
tb-go.xyz/chatskins/launch/ 5 KB
3 KB 373ms
372ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/chatskins/launch/inqChatLaunch10005649.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f452fe511b40b92936b114a654e2e87ea44c99c642433db45fe78d1a1d55557a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-13dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08VHgHEl8hN2YtNES68O7O7R33lYAcZvvc8x7nvLX27Fg1v3CPJpojuuKuEvoC%2BFNFxmCzmfPwwNV37vnbD9lRJtOkDPG0wVg1lxtoQehUETJx1PFP%2BUJfwrsUs%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15172&min_rtt=11691&rtt_var=2945&sent=113&recv=66&lost=0&retrans=0&sent_bytes=106825&recv_bytes=24011&delivery_rate=420112&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=844&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc44669a-AMS
server: cloudflare

GET
H3 200 ups.scripts.8dbb05.js Show response
tb-go.xyz/assets/resources/webcontent/scripts/ 86 KB
27 KB 549ms
548ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/assets/resources/webcontent/scripts/ups.scripts.8dbb05.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16350a55bf86fc28abcdec9b484e6ee835b67d471bdc9f2ae91e1255ea7cd88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-156c8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ev21sG3gR2gaZdLvqXW8TCXm9g07Qj7reGCfhkv4o4WNhOqvXVfIPcAG%2BSGYNtR75oqJ4YmLU%2BiOxUkhUKVJD51Hu2rQSyw6ewmbyzCeiS8aYkQUxx9wG%2Bt6lvU%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13701&min_rtt=11691&rtt_var=2111&sent=179&recv=72&lost=0&retrans=0&sent_bytes=180892&recv_bytes=24285&delivery_rate=489891&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=1015&x=1", cfHdrFlush;dur=7
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc49669a-AMS
server: cloudflare

GET
H3 200 gvIgQB Show response
tb-go.xyz/Mqr2fn/i99hV/nKplo/Wg/N7YGLbYf1X/PxVSYg/Ty0cAE/ 213 KB
213 KB 383ms
382ms Script
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/Mqr2fn/i99hV/nKplo/Wg/N7YGLbYf1X/PxVSYg/Ty0cAE/gvIgQB

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: DYNAMIC
etag: "66c85d01-35221"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bb5bhaS%2F3tUpjJOwdvbtHTBQLlYBZ7VZAw1pUqvr4N9LCYhIzr2lN3%2F6eWXVwcDRew5N5d0%2FJgevK5FToOX769pfs1Fu4k9jXbY4bLSZwK9YQ9q2wwlRydiKBWQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15172&min_rtt=11691&rtt_var=2945&sent=128&recv=66&lost=0&retrans=0&sent_bytes=123475&recv_bytes=24011&delivery_rate=420112&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=856&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/octet-stream
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc4a669a-AMS
accept-ranges: bytes
content-length: 217633
server: cloudflare

GET
H3 200 chatLoader.min.js Show response
tb-go.xyz/media/launch/ 22 KB
8 KB 418ms
417ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/media/launch/chatLoader.min.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b55d57c97138bdc965fe2214cfa5101f06fac526e7e3400e76ebc12472b0780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-5768"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYdAlsBml478lUsUTje73y53rO7Wt7EOoLux5hgX0gbU%2FG%2FYBigsJC3fEud9NwsnaJAYGCCraDTcVD7on42ml0ZwZWUhtF1yx4aFk3Rozi1s%2F3DeJBEB6%2FlDI7I%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14197&min_rtt=11691&rtt_var=2228&sent=141&recv=70&lost=0&retrans=0&sent_bytes=137143&recv_bytes=24195&delivery_rate=665876&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=890&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bff1c98669a-AMS
server: cloudflare

GET
H3 200 464526.gif
tb-go.xyz/ 62 B
716 B 433ms
432ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/464526.gif

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ca6c5d894e72297c1021cee75b151ddb41083f3b07e2ec479b609267d3c1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cf-cache-status: MISS
etag: "66c85d01-3e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4UkhYO8ZpgZ1DekSqwi0dYN5CIF8xxuJX6qo%2F7eiF5AKWoqnrkRNEfWp%2B%2FQwB%2FRHS8q9wgDp%2FvaVFhxKYbiC3FLvtXEnnk4Xgcq3OprmncZeFwVEzmhKJJ8I0A%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 29 Dec 2024 15:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14197&min_rtt=11691&rtt_var=2228&sent=148&recv=70&lost=0&retrans=0&sent_bytes=145352&recv_bytes=24195&delivery_rate=665876&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=904&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: image/gif
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bff3cae669a-AMS
accept-ranges: bytes
content-length: 62
server: cloudflare

GET
H3 200 site_10005649_default_helper.js Show response
tb-go.xyz/media/launch/ 93 KB
19 KB 613ms
612ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/media/launch/site_10005649_default_helper.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888318b870d2be563e7a01a5c7a98cbc31010300fa71b9c834f9264ef5aa4529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-17402"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACrp%2FeqazmcK9Ue%2FrT0QTKv56AdCDhuNLy82Edw0bzIRfjti2xRb7aif4U0b2QYQ5B6MqyB105aS5x3i2w0rMAJuLW0Erk6hTzY9ak3oBMy6Em0VkEhFXrtVHBE%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 30 Nov 2024 03:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13846&min_rtt=11691&rtt_var=1039&sent=232&recv=81&lost=0&retrans=0&sent_bytes=241706&recv_bytes=24688&delivery_rate=3869818&cwnd=69600&unsent_bytes=0&cid=c9525328f6812236&ts=1082&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bff3caf669a-AMS
server: cloudflare

GET
H2 200 sync
s.company-target.com/s/ Frame 29BA 0
0 150ms
103ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.company-target.com/s/sync?exc=lr

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/DZlgJRFL.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

22.71.96.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tb-go.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 15:25:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET 464526.gif
id.rlcdn.com/ 0
0

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 483 B
1008 B 136ms
61ms XHR
application/json 18.66.102.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Ftb-go.xyz%2F&page_title=Home%20Page

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/DZlgJRFL.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-85.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

45c979925759aa59839f35d4ece495959ef664ba3acf9cf25cdd156f3479ab59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://tb-go.xyz/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 9e92340e-1f1c-4249-afb5-f3286ce55c47
expires: Thu, 28 Nov 2024 15:25:16 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Du6p85hgOvlvGgUMt53BwkRdmF1I6pQr8YLDP6EZ3P6j5NtGfQ4f5A==
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v2
access-control-allow-credentials: true
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
access-control-allow-origin: https://tb-go.xyz
x-amz-cf-pop: FRA56-P2
server: nginx

POST 500
ups.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 194ms
118ms XHR
text/html 18.173.205.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=Du6p85hgOvlvGgUMt53BwkRdmF1I6pQr8YLDP6EZ3P6j5NtGfQ4f5A==&api-version=v2
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/DZlgJRFL.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-127.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 26800
x-cache: Error from cloudfront
x-amz-cf-id: sPVanpoAYZTB0mSS-BoPW5l5SDjTSiCFSmc3LcmNL-6lk4p4wsuIWQ==
date: Fri, 29 Nov 2024 07:58:40 GMT
content-type: text/html
vary: accept-encoding
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: FRA56-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 id Show response
dpm.demdex.net/ 212 B
808 B 146ms
31ms XHR
application/json 52.214.247.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=036784BD57A8BB277F000101%40AdobeOrg&d_nsid=0&ts=1732893916288

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/utag/ups/yoda/prod/utag.sync.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.214.247.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-247-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b9100de7c62e6b4b8d2b2fd365942720bd8532b7f932833326e16bba8610f804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://tb-go.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-0b0020d8d.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: lnW/yXIUSF8=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://tb-go.xyz
content-length: 207
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ups/yoda/prod/ 488 KB
108 KB 100ms
19ms Script
application/javascript 13.33.187.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ups/yoda/prod/utag.js
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-116.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: beff422234e38299d7e64d2aa38291004fbc2acb460dc39178f87df9d4ede9cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"60f7da70f91231490e44df9d6142439a"
x-amz-version-id: Fl727YSSZpwtujXPzxH_OflyEfJ2PyJp
age: 78
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2CesWZBhLLtqVbajYQxVQAWtHmTz8o4NGchKxDOCgYz6iYvNiWYVRw==
date: Fri, 29 Nov 2024 15:23:59 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 04:21:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 TADEN-6MDCS-UHH5M-YHPKQ-2GBH3 Show response
s.go-mpulse.net/boomerang/ Frame 9BD2 214 KB
52 KB 131ms
36ms Script
application/javascript 2.23.196.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.196.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-196-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aaa3677440f44dc9c11249cf6291644c13c1b0eeb7ba01325ed493178f7a10a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

cache-control: max-age=604800
timing-allow-origin: *
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
content-length: 53410
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 01 Jul 2024 23:24:29 GMT
vary: Accept-Encoding

GET
H3 200 ups-logo.svg
tb-go.xyz/assets/resources/webcontent/images/ 2 KB
0 31ms
31ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/ups-logo.svg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f5ae3f644595dc6c5aa69ae618a108102bb62e1a38a50b89fd7af1b8ffe5eae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-7ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjNTOrFmAHXvSnoUAYDYZRYKsmuKqBk%2FeAzT2lIFKEqeFoC5MvZQoY9Uipb1%2BVpW3J8DyIHLRGUlOiMNYGKwNmiug8PiOWcPUy2e1ayczm0hf2k%2BWqvQBbr1GMI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14682&min_rtt=11691&rtt_var=2506&sent=139&recv=68&lost=0&retrans=0&sent_bytes=135270&recv_bytes=24105&delivery_rate=1273484&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=862&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc42669a-AMS
server: cloudflare

GET
H/1.1 200
OK location.js Show response
akamai.tiqcdn.com/location/ 18 B
562 B 175ms
40ms XHR
application/x-javascript 23.201.253.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.tiqcdn.com/location/location.js
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/utag/ups/yoda/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.253.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-253-231.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

X-EdgeScape-Location: country_code=NL,region_code=0,city=AMSTERDAM,areacode=0,zip=0,bandwidth=5000
Cache-Control: max-age=1296000
Access-Control-Expose-Headers: X-EdgeScape-Location
ETag: "6c98be5fda77913799e8ef24b86a7abd:1525129759"
Connection: keep-alive
Expires: Sat, 14 Dec 2024 15:25:16 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 18
Date: Fri, 29 Nov 2024 15:25:16 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 30 Apr 2018 23:09:19 GMT
Server: AkamaiNetStorage

GET
H2 200 script.js Show response
aap-p.ups.com/ 143 KB
143 KB 455ms
19ms Script
text/javascript 3.161.82.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aap-p.ups.com/script.js

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/utag/ups/yoda/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-90.fra56.r.cloudfront.net

Software

- /

Resource Hash

3082755151bd0822c4f86b18da668a85e03ef9c05e4a8251f7b013e1d7b277a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

x-robots-tag: noindex, nofollow
etag: a139af56c2f090859852c87a8c70e2d2
age: 335
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 15:29:41 GMT
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: AsR6FcBMGa5BRrcqFccIhxQmGuw1Bo0AQCE1dltw22nCDWwv2m-Axg==
date: Fri, 29 Nov 2024 15:19:41 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 26 Nov 2024 15:19:19 GMT
cache-control: public, no-cache="Set-Cookie", max-age=600
via: 1.1 54458302557dcee9766f255184a02288.cloudfront.net (CloudFront)
content-length: 146167
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: -

GET
H2 200 locationups.png
www.ups.com/assets/resources/webcontent/icons/ 290 B
670 B 90ms
89ms Image
image/png 2.19.225.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ups.com/assets/resources/webcontent/icons/locationups.png

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/assets/resources/webcontent/styles/ups.styles.950028cc0d3c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.225.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-225-116.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

027d74a942f3639c57c98d115b7311e515300fa610e2b7143d7a51dba2ab6a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: private, no-transform, max-age=43200
x-content-type-options: nosniff
expires: Sat, 30 Nov 2024 03:25:16 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1732893916567_389993730_86662909_67_17942_33_0_146";dur=1
content-length: 290
date: Fri, 29 Nov 2024 15:25:16 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Dec 2022 10:45:59 GMT
content-type: image/png
server: Akamai Image Manager
x-frame-options: SAMEORIGIN

GET
H2 200 ups-icon-alert-warning.svg
www.ups.com/assets/resources/webcontent/images/ 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2.19.225.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ups.com/assets/resources/webcontent/images/ups-icon-alert-warning.svg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/assets/resources/webcontent/styles/ups.styles.950028cc0d3c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.225.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-225-116.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

498ca541f7c0adcaadd0d5e274a8891e5ceec8bb191228f675533ae4e94aff50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 15:25:16 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1732893916567_389993730_86662910_64_16391_33_0_146";dur=1
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 25 Nov 2024 02:50:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
referrer-policy: same-origin
accept-ranges: bytes
content-length: 686
x-xss-protection: 1; mode=block
server: Akamai Resource Optimizer

GET
DATA 200
OK truncated
/ 476 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bee6952e3c65ca306993ac329e88cd15ae16205a3562085177910f666820232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa46059acb86b732f7ed3585dbc301fe4259f1e3bd72d2e7e69c2fa685c9cbdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://tb-go.xyz
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 weekend-pickup-delivery-appteaser-B-1219678-Q421.png
tb-go.xyz/assets/resources/webcontent/images/ 22 KB
23 KB 543ms
542ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/weekend-pickup-delivery-appteaser-B-1219678-Q421.png

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd66ca1b4859745b29607380018c62602103e1edc1c05deb09405e4de0f86b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-59f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUftH3N4CAUw%2FqYBpq2SeDxtRhVOvJGbweg0PAtKHfiM7vm7o9hVp4Ysdow81TV4Ik%2FlKwKEIgtYRJw6RVsu2TJw9f1zKVruytpD%2Fycv%2B1%2Fycbekkp6vGQzdKjA%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 29 Dec 2024 15:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12804&min_rtt=11691&rtt_var=502&sent=413&recv=115&lost=0&retrans=0&sent_bytes=443831&recv_bytes=36925&delivery_rate=458217&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1619&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: image/png
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c02a8c3669a-AMS
server: cloudflare

GET
H3 200 APAC-TH-small-business-G-1134483717-Q422-flipped.jpg
tb-go.xyz/assets/resources/webcontent/images/ 35 KB
36 KB 557ms
554ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/APAC-TH-small-business-G-1134483717-Q422-flipped.jpg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62f2bee3449c4f82802754b45e374e93c12198404f5b912321e8d3a7ba1621b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-8c1b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTIX3PIerLGHzpTNYAkblYpvq6WloHU9X0zP5P20M%2F2udTjuQKrGGDVR02JuGplTp04naN7HCuDFmzEzDZyyQuQxSqP0AKssBXvY6Ndpf3d8CaQEjFWNVeKirj0%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 29 Dec 2024 15:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12686&min_rtt=11691&rtt_var=486&sent=434&recv=117&lost=0&retrans=0&sent_bytes=467991&recv_bytes=37013&delivery_rate=358338&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1633&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: image/jpeg
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c02a8c5669a-AMS
server: cloudflare

GET
H3 200 summer-shipping-promo-G-1317277259-Q322.jpg
tb-go.xyz/assets/resources/webcontent/images/ 31 KB
32 KB 582ms
579ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/summer-shipping-promo-G-1317277259-Q322.jpg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499d4e7f4cfb77015daaf7c5c7afa55bc7998e66eef588220918f16443668edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-7ba9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7N5fO9ZdHBidN%2B%2B7dC5Ppce5SIdmjdvuTcXSZFb4PN4eswv1NMAidIo7ZIlKhW8yiDjqqHX9X4gekD%2FawFkXvzcXtmMlxVEGJDdy6afF4kZEA46s26XbiHeMylI%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 29 Dec 2024 15:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12960&min_rtt=11691&rtt_var=575&sent=466&recv=122&lost=0&retrans=0&sent_bytes=505358&recv_bytes=37235&delivery_rate=554676&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1657&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: image/jpeg
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c02e903669a-AMS
server: cloudflare

GET
H3 200 About-PH-Air-APAC-2Q24.jpg
tb-go.xyz/assets/resources/webcontent/images/ 28 KB
29 KB 619ms
616ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/About-PH-Air-APAC-2Q24.jpg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af8decde58d97accbd26f601aaac5977eee25daf58a4532a73b4caccfdd1cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-70d4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AadPUAt3RPS4zhGPRUBmgTVjh2rMgsP%2Flbd%2BSv7E1J%2BU0IIxFFntDAXTqSuUfwsfHrDjJmBOE9nKikaKBtyCIouMBQaWX7%2BlIKvuKk3ghu3IxW2s3Yo4ngqYfiw%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 29 Dec 2024 15:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12871&min_rtt=11691&rtt_var=670&sent=521&recv=125&lost=0&retrans=0&sent_bytes=570423&recv_bytes=37371&delivery_rate=2652605&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1695&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: image/jpeg
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c030920669a-AMS
server: cloudflare

GET
H3 200 About-Solar-Panels-APAC-2Q24.jpg
tb-go.xyz/assets/resources/webcontent/images/ 41 KB
42 KB 607ms
605ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/About-Solar-Panels-APAC-2Q24.jpg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a05dd977a6fd10bfc5787c4b4d335bf711d8bc34fb90cfa58d006c2afbd3f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-a3e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhTSIvnyU%2F%2FniGiNNvgtBx%2BLqskd%2B9XRcjupgzlSPtwhKwZyMMs6eMnGm3heH9aVxpzt9zks1CmcdRzt4ls51hBYBaCFutUNCnwhp4EdWNYTOHss8Zpc4acLURk%3D"}],"group":"cf-nel","max_age":604800}
expires: Sun, 29 Dec 2024 15:25:16 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12871&min_rtt=11691&rtt_var=670&sent=494&recv=125&lost=0&retrans=0&sent_bytes=538410&recv_bytes=37371&delivery_rate=2652605&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1684&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: image/jpeg
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c030922669a-AMS
server: cloudflare

GET
H2 200 / Show response
ups.blueconic.net/DG/DEFAULT/rest/rpc/ 14 B
725 B 108ms
105ms Script
text/javascript 52.207.131.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221732893916246%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22nl%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Ftb-go.xyz%2F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%5D%7D%7D%22%2C%22id%22%3A%221732893916248%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%5D%7D%7D%22%2C%22id%22%3A%221732893916249%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221732893916250%22%7D%5D&referer=https%3A%2F%2Ftb-go.xyz%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-11-29T16%3A25%3A16%2B01%3A00&callback=bc_json501

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.207.131.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-131-128.compute-1.amazonaws.com

Software

- /

Resource Hash

ff4424e09f2259d2a4dada8bd2fb9be5531f778ee4aa64d7b1679e5a9a541c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

x-robots-tag: noindex, nofollow
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-encoding: gzip
accept-ch: sec-ch-ua-platform-version
pragma: no-cache
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 34
p3p: policyref="", CP="DSP"
date: Fri, 29 Nov 2024 15:25:16 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8
server: -

GET
H2 403 config.json Show response
c.go-mpulse.net/api/ Frame 9BD2 98 B
261 B 274ms
201ms XHR
application/json 2.19.216.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=tb-go.xyz&t=5776313&v=1.792.0&if=&sl=0&si=13cccc1d-4503-4276-9c85-9e57691bb12a-snpxi3&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,BFCache,LOGN&acao=&ak.ai=265833
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.216.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-216-168.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9329217c097881a1332452dd3b0c08235636b4acfe5bb721af7e6d087210c29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
content-length: 98
alt-svc: h3=":443"; ma=93600
timing-allow-origin: *
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: application/json

GET
H3 200 ups-logo.svg
tb-go.xyz/assets/resources/webcontent/images/ 2 KB
0 1ms
1ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/ups-logo.svg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f5ae3f644595dc6c5aa69ae618a108102bb62e1a38a50b89fd7af1b8ffe5eae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-7ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjNTOrFmAHXvSnoUAYDYZRYKsmuKqBk%2FeAzT2lIFKEqeFoC5MvZQoY9Uipb1%2BVpW3J8DyIHLRGUlOiMNYGKwNmiug8PiOWcPUy2e1ayczm0hf2k%2BWqvQBbr1GMI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14682&min_rtt=11691&rtt_var=2506&sent=139&recv=68&lost=0&retrans=0&sent_bytes=135270&recv_bytes=24105&delivery_rate=1273484&cwnd=34800&unsent_bytes=0&cid=c9525328f6812236&ts=862&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:16 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39bfedc42669a-AMS
server: cloudflare

GET
H3 200 /
tb-go.xyz/ Frame 81CB 0
0 227ms
226ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tb-go.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8ea39c059c77669a-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 15:25:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2mmY6%2BH4r3yNGsPpACUaushDCDNL90ViD4Pa5pg0iPQauYuSNPLnT6%2Bgf249VyQ5dmz4m9IYy%2F37kwA5TVQQR3VpPvXxfHPOY1Zu1PGE790vr5lx2VYbCyrRp0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=12876&min_rtt=11691&rtt_var=607&sent=547&recv=131&lost=0&retrans=0&sent_bytes=600641&recv_bytes=37643&delivery_rate=5073922&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1778&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3 404 nuance-chat.html Show response
tb-go.xyz/nuance/ Frame E405 548 B
741 B 236ms
236ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tb-go.xyz/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://tb-go.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ea39c059c79669a-AMS
content-encoding: zstd
content-type: text/html
date: Fri, 29 Nov 2024 15:25:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9PvrF%2BxjcomWYVybQPiWHqBj1hPCZbM23gusYfNvmLVGLUtem5F7Vao4u2swcV2Uk%2FKcZjO4PcPJb6QmLcTDhTtjN%2BFw3lXR%2FnZsG9%2BYHaV3r015HlGEhboAIE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=12876&min_rtt=11691&rtt_var=607&sent=563&recv=131&lost=0&retrans=0&sent_bytes=616621&recv_bytes=37643&delivery_rate=5073922&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1789&x=1" cfHdrFlush;dur=0

GET
H2

200

activityi;dc_pre=CM2i9fLsgYoDFe-4_QcdNaoa6A;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGoog...
6451349.fls.doubleclick.net/ Frame 644E
Redirect Chain

https://6451349.fls.doubleclick.net/activityi;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGo...
https://6451349.fls.doubleclick.net/activityi;dc_pre=CM2i9fLsgYoDFe-4_QcdNaoa6A;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;ua...

0
0

32ms
31ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6451349.fls.doubleclick.net/activityi;dc_pre=CM2i9fLsgYoDFe-4_QcdNaoa6A;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGoogle%2520Chrome%3B124.0.6367.119%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=macOS;uapv=13.4.0;uaw=0;pscdl=noapi;gtm=45fe4510v9179590599za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page?

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tb-go.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 586
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 15:25:17 GMT
expires: Fri, 29 Nov 2024 15:25:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 15:25:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6451349.fls.doubleclick.net/activityi;dc_pre=CM2i9fLsgYoDFe-4_QcdNaoa6A;src=6451349;type=sitev;cat=upsal0;ord=5236928768305;npa=0;auiddc=1791588719.1714961806;gdid=dYmQxMT;uaa=arm;uab=64;uafvl=Chromium%3B124.0.6367.119%7CGoogle%2520Chrome%3B124.0.6367.119%7CNot-A.Brand%3B99.0.0.0;uamb=0;uam=;uap=macOS;uapv=13.4.0;uaw=0;pscdl=noapi;gtm=45fe4510v9179590599za200;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 8D32
Redirect Chain

https://insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0

0
0

46ms
30ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
Requested by: Host: tb-go.xyz
URL: https://tb-go.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://tb-go.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 29 Nov 2024 15:25:17 GMT
server: Kestrel

Redirect headers

content-length: 40
date: Fri, 29 Nov 2024 15:25:17 GMT
location: https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Fus%2Fen%2FHome.page&upid=3xdvk81&upv=1.1.0
server: Kestrel

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ 22 KB
7 KB 183ms
15ms Script
application/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1712813166773

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/chatskins/launch/inqChatLaunch10005649.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b0f4f51d8a7784e0b8da57b950a394bcc4cf577f43ae32ef4d35351c88b72cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
cache-control: public, max-age=3600
content-encoding: gzip
etag: W/"22376-1728603030000"
x-fd-int-roxy-purgeid: 78075890
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 22:58:22 GMT
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 29 Nov 2024 15:25:17 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 23:30:30 GMT
vary: accept-encoding
x-azure-ref: 20241129T152517Z-16c84996b8cw5v6ghC1AMSv68c000000030000000000gxc5

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 82ms
35ms Script
text/javascript 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/utag/ups/yoda/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f14.1e100.net

Software

ESF /

Resource Hash

95202acb1dba479b44d42a18e4cc5cea755d755d6bfba29a6ebb9a46c63b7804

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Fri, 29 Nov 2024 15:25:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-vFfqNHvuFEvb5xZCnmhr_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H3 200 ups-use-my-location.svg
tb-go.xyz/assets/resources/webcontent/images/ 2 KB
2 KB 374ms
372ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tb-go.xyz/assets/resources/webcontent/images/ups-use-my-location.svg

Requested by

Host: tb-go.xyz
URL: https://tb-go.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

495be0d879464b7a8ad01011b69da704496a43a9cc2f4a8edb92a414527bd113

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"66c85d01-937"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTtZJEP0NwLsYXDCmW2Y%2BNfgPTK2Za5tHVaVg1mgmng5O%2BYrd0AD438Rrq%2BpIrp0fxl4ld32W0uBSy9jt7vEtt%2Bm0KosabCdJmzR5Zaew1S7DzsKkHfBoNQVKFw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12687&min_rtt=11691&rtt_var=405&sent=576&recv=135&lost=0&retrans=0&sent_bytes=629014&recv_bytes=37830&delivery_rate=907895&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=1953&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:17 GMT
content-type: image/svg+xml
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c05ccb3669a-AMS
server: cloudflare

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/b46bb280/www-widgetapi.vflset/ 30 KB
10 KB 23ms
17ms Script
text/javascript 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b46bb280/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f14.1e100.net

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: br
age: 1320
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 15:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 15:03:17 GMT
last-modified: Mon, 25 Nov 2024 05:12:10 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
tb-go.xyz/ 2 KB
2 KB 387ms
386ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tb-go.xyz/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca2236bb4ec1714e173cecb6bcc95c82e12df204c7d4c87fe4b9f01135efce8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://tb-go.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"66c85d01-8be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQcUKN97scjYED5xYEGna2OHl4epa9qIdb%2BUtYaTs0aqkSOU20oaqA%2FoLsf6iR9A5rviStsh943NH5uZXuj%2B%2Fx2%2FcFIyVRStuKyFgCYdeiUfPMqPILNJt5p3J5g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12661&min_rtt=11691&rtt_var=475&sent=671&recv=152&lost=0&retrans=0&sent_bytes=727659&recv_bytes=41649&delivery_rate=2654&cwnd=92400&unsent_bytes=0&cid=c9525328f6812236&ts=2831&x=1", cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 15:25:18 GMT
content-type: image/x-icon
last-modified: Fri, 23 Aug 2024 09:57:21 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ea39c0b2b8c669a-AMS
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/464526.gif

Domain: ups.blueconic.net
URL: https://ups.blueconic.net/DG/DEFAULT/rest/rpc/500?referer=https%3A%2F%2Ftb-go.xyz%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-11-29T16%3A25%3A16%2B01%3A00&ts=1732893916247

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UPS (Transportation)

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.company-target.com/	1970-01-21 10:57:33	Name: tuuid Value: 5f9f8c24-2445-4848-9838-f4198bcd7e8a
.company-target.com/	1970-01-21 10:57:33	Name: tuuid_lu Value: 1732893916\|ix:0\|mctv:0\|rp:0
.casalemedia.com/	1970-01-21 10:07:09	Name: CMID Value: Z0nc3FVbLJgAAHBzAuvnGQAA
.casalemedia.com/	1970-01-21 03:31:09	Name: CMPS Value: 3310
.casalemedia.com/	1970-01-21 03:31:09	Name: CMPRO Value: 3310
.demdex.net/	1970-01-21 05:40:45	Name: demdex Value: 55204461819335967622179618999569862818
.tb-go.xyz/	1970-01-21 10:07:09	Name: CONSENTMGR Value: consent:true%7Cts:1732893916450
.tb-go.xyz/	1970-01-21 10:07:09	Name: utag_main Value: v_id:01937886bd1800233949631476b405065001205d00b08$_sn:1$_se:1$_ss:1$_st:1732895716440$ses_id:1732893916440%3Bexp-session$_pn:1%3Bexp-session$fs_sample_user:false%3Bexp-session
.tb-go.xyz/	1969-12-31 23:59:59	Name: AMCVS_036784BD57A8BB277F000101%40AdobeOrg Value: 1
.tb-go.xyz/	1970-01-21 10:57:33	Name: AMCV_036784BD57A8BB277F000101%40AdobeOrg Value: -2121179033%7CMCIDTS%7C20057%7CMCMID%7C54931271822093459502204685134265645414%7CMCAAMLH-1733498716%7C6%7CMCAAMB-1733498716%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1732901116s%7CNONE%7CvVersion%7C5.3.0
.tremorhub.com/	1970-01-21 10:07:30	Name: tvid Value: 557f97d6084b4299a669a2410bc733f9
.tremorhub.com/	1970-01-21 10:57:33	Name: tv_UIDM Value: 5f9f8c24-2445-4848-9838-f4198bcd7e8a
ups.blueconic.net/	1970-01-21 01:31:38	Name: AWSALBCORS Value: s2lpF/KGyZCFeP9JbnXmBjZfZhi0IzCKoaA2YnD2/NzHYANMQV1PEdDlentQEJ3zDkeeUyxAGvjj3T44bR2bskY5SPqzU5fNOODaOXvTfiTfnPZfSuCjh92GPrRE
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: LmU6jOIgRvM
.youtube.com/	1970-01-21 05:40:45	Name: VISITOR_INFO1_LIVE Value: qs7dHepsPH8
.youtube.com/	1970-01-21 05:40:45	Name: VISITOR_PRIVACY_METADATA Value: CgJHQhIEGgAgUg%3D%3D
.adsrvr.org/	1970-01-21 10:07:09	Name: TDID Value: 9840b0ac-2080-4036-a19d-bf6da97447ac
.doubleclick.net/	1970-01-21 05:40:45	Name: receive-cookie-deprecation Value: 1
tb-go.xyz/	1970-01-21 01:21:41	Name: XSRF-TOKEN Value: eyJpdiI6IjBKR3MxNWRMcFFXNHIwbUYyMWxEa1E9PSIsInZhbHVlIjoicjF5Tm9DQnk3S3gwU2ZLQzRjYVZMWWxVRVpWVUZUMmttSjBBMzlwTE1xWTYrUEZuckxBZXRLbWJMOHZxTWlwbDlqSnBSRDUvektrRUEvVUtFV3pROXdwODFhNXk0M3FmWkpKVUdHUFpqZFJ0azBEa0VlcE1vWVJPNFQzV2ZOcUQiLCJtYWMiOiIxNWQ0MjRhZjliZTgxMGYzN2Y3YWZlZTlkMjMwNmNiYmY3ZjA4Y2Q4NzlhMjhhZTc1ZmJmMDM3M2Y4ZjRiNmQ4IiwidGFnIjoiIn0%3D
tb-go.xyz/	1970-01-21 01:21:41	Name: laravel_session Value: eyJpdiI6ImxwSEVWK0V0cEx2Z1JLRjd6Yk9nb2c9PSIsInZhbHVlIjoiclNKaFdqbVVqWkU2OFBwM2dXcnZ6WThpNmZQaEJkd3lSS21XZGF4ZWFJZXdUeU01NHhmWTc2VmNhbHNOb2VONmIzZUY0R0dJTWRuLzRmK3BCaGp3Qkk2cEt2UHlFbkVCcWNxTGxGSW9CblRxSzR0Sjl1NEFCL1Qxdkx5aDZEUE8iLCJtYWMiOiI4MDUxNDRkZWVmNWIyNDZkNGQ1ZGNhNmM2MzM4ZmM4NTVkYTdhNTdjOGEzNWEzNmYxOGE3MzJiYmU1OWYyN2NhIiwidGFnIjoiIn0%3D
.doubleclick.net/	1970-01-21 10:43:09	Name: IDE Value: AHWqTUlHZj5le2ImEp2DtJXrNOdF6J-GOyWkWgkoqUdyYCRK_2o1ZicSsO829m5C
.adsrvr.org/	1970-01-21 10:07:09	Name: TDCPM Value: CAEYBSgDMgsIoOO6rJilyD0QBUIWIhQIARIQCgxzdXBwbHl2ZW5kb3IQAVoHYmhpcGMzcmAB

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://tb-go.xyz/ Message: Refused to execute script from 'https://tb-go.xyz/iframe_api' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://tb-go.xyz/assets/resources/webcontent/styles/ShipAbandon.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tb-go.xyz/ruxitagentjs_ICA7NVfgqrux_10289240325103055.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://tb-go.xyz/ Message: Refused to execute script from 'https://tb-go.xyz/signals/config/286726385262010' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://tb-go.xyz/ Message: Refused to execute script from 'https://tb-go.xyz/rec/integrations' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
javascript	error	URL: https://tb-go.xyz/ Message: Access to XMLHttpRequest at 'https://ups.blueconic.net/DG/DEFAULT/rest/rpc/500?referer=https%3A%2F%2Ftb-go.xyz%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-11-29T16%3A25%3A16%2B01%3A00&ts=1732893916247' from origin 'https://tb-go.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ups.blueconic.net/DG/DEFAULT/rest/rpc/500?referer=https%3A%2F%2Ftb-go.xyz%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-11-29T16%3A25%3A16%2B01%3A00&ts=1732893916247 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://tb-go.xyz/ Message: Refused to execute script from 'https://tb-go.xyz/gtag/js' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://c.go-mpulse.net/api/config.json?key=TADEN-6MDCS-UHH5M-YHPKQ-2GBH3&d=tb-go.xyz&t=5776313&v=1.792.0&if=&sl=0&si=13cccc1d-4503-4276-9c85-9e57691bb12a-snpxi3&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,BFCache,LOGN&acao=&ak.ai=265833 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://tb-go.xyz/ Message: Refused to execute script from 'https://tb-go.xyz/Mqr2fn/i99hV/nKplo/Wg/N7YGLbYf1X/PxVSYg/Ty0cAE/gvIgQB' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://tb-go.xyz/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6451349.fls.doubleclick.net
aap-p.ups.com
akamai.tiqcdn.com
api.company-target.com
c.go-mpulse.net
dpm.demdex.net
id.rlcdn.com
insight.adsrvr.org
match.adsrvr.org
media-us1.digital.nuance.com
s.company-target.com
s.go-mpulse.net
tag-logger.demandbase.com
tags.tiqcdn.com
tb-go.xyz
ups.blueconic.net
www.ups.com
www.youtube.com
id.rlcdn.com
ups.blueconic.net
13.107.246.45
13.33.187.116
142.250.185.134
18.173.205.127
18.66.102.85
188.114.96.3
2.19.216.168
2.19.225.116
2.23.196.132
216.58.206.78
23.201.253.231
3.161.82.90
34.96.71.22
52.207.131.128
52.214.247.153
52.223.40.198
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
027d74a942f3639c57c98d115b7311e515300fa610e2b7143d7a51dba2ab6a28
10e7a69355297c553ad1d4ad6e23ed4aa81bd23e3d0a6f41a580d2d8dba3f6d0
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
16350a55bf86fc28abcdec9b484e6ee835b67d471bdc9f2ae91e1255ea7cd88d
18f66b7ccbef28fbffe4a0726a2336bd80e8e4ed6daf08784f77761d9b35bf1c
1cd66ca1b4859745b29607380018c62602103e1edc1c05deb09405e4de0f86b9
21c18138136419bd7a223ac54f1bf1d4536cb58950eb2359a01dbff8c3bd5f60
227db6f793cfa2f4a48ff5b82417440b6b7b14c1f925e126b9771955ac8cc63e
2835b358aaaa329f9a4bb47936c96687202ca24774a2e1c78251a596f2b01fa5
2b55d57c97138bdc965fe2214cfa5101f06fac526e7e3400e76ebc12472b0780
2cb7b06120ce8d71bfd4824c6d4d20f3f47195cb927c4a60dcb05c1b27f4aab2
3082755151bd0822c4f86b18da668a85e03ef9c05e4a8251f7b013e1d7b277a3
3566b2b6a3c342320820be8e5d92fa8efd9b9085fd5c8110457a509eec0828c3
3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd
3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f
3e9b1ad7766539407fa65dac1d7504cf1ef41aaa2dfc1c7c0e01dbbc382ad516
444b94c2f00b433b4297bc32a247be7d30db791abb13d9d77bbec032c141eb46
45c979925759aa59839f35d4ece495959ef664ba3acf9cf25cdd156f3479ab59
495be0d879464b7a8ad01011b69da704496a43a9cc2f4a8edb92a414527bd113
498ca541f7c0adcaadd0d5e274a8891e5ceec8bb191228f675533ae4e94aff50
499d4e7f4cfb77015daaf7c5c7afa55bc7998e66eef588220918f16443668edd
4bee6952e3c65ca306993ac329e88cd15ae16205a3562085177910f666820232
4f543ad26c42709ef00a1921f7dd1aa27a1930a354ecb353196665e43dac3706
4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
588116a2e863ba8710eb7f5f996ff4cca491ed57f87e986ad06f9c2870d78f0e
5a05dd977a6fd10bfc5787c4b4d335bf711d8bc34fb90cfa58d006c2afbd3f1e
5ccf6bafadbccca28f49ffdb6a2c2515a101a27bfa277f8bd822226e8625441b
5fce1e38ce56a7e63a78d5811e54679dba8cd15d6455cf312f4d2bd886e42d36
6516d57a0c50cdd4ad3afc1ab656cf35a72163d4a6019dd54f4fc5ed5bc2fa69
6af8decde58d97accbd26f601aaac5977eee25daf58a4532a73b4caccfdd1cc7
714e572d89d556563c1364be11abf53243e01bec73dcec44bf812fa77059b385
786246b1f2d93e093aedaae29e417e119d5cad0e033a908b12e0f5840f202b82
814cb5cf0bb1729c47a4669cc27c141fd845f969f955574361120c39a12f5608
84f130d7425f3ca758137acc3a45d7242fafca33f67f212b03277cbf6774917b
888318b870d2be563e7a01a5c7a98cbc31010300fa71b9c834f9264ef5aa4529
95202acb1dba479b44d42a18e4cc5cea755d755d6bfba29a6ebb9a46c63b7804
9ca2236bb4ec1714e173cecb6bcc95c82e12df204c7d4c87fe4b9f01135efce8
9f5ae3f644595dc6c5aa69ae618a108102bb62e1a38a50b89fd7af1b8ffe5eae
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3ca6c5d894e72297c1021cee75b151ddb41083f3b07e2ec479b609267d3c1d6
a549adbd193f091a69c8995eb7b34c5ec73ef15f098af300cb297f78254e1013
a6d1202fa85766379376e3dea69a32aca8ffb3ac4cfd8652f174582fadaca544
a9be050cd531fa9a5f06f2e209829ea95edae28a8425908462ef55fd82979a89
aa46059acb86b732f7ed3585dbc301fe4259f1e3bd72d2e7e69c2fa685c9cbdf
aaa3677440f44dc9c11249cf6291644c13c1b0eeb7ba01325ed493178f7a10a6
b0f4f51d8a7784e0b8da57b950a394bcc4cf577f43ae32ef4d35351c88b72cc9
b51cc7ac6b354d1705835d0d66855798c0b4a3d602fc56ac971bcbc9928a28c0
b54b79ee86c7b666f57df9ff19d0f3483ae330b18d0aebc3dcc053d0ee8e0e02
b62f2bee3449c4f82802754b45e374e93c12198404f5b912321e8d3a7ba1621b
b9100de7c62e6b4b8d2b2fd365942720bd8532b7f932833326e16bba8610f804
beff422234e38299d7e64d2aa38291004fbc2acb460dc39178f87df9d4ede9cc
c54a730394f47a040134beab422547426e7c7cd516a4d8865d2abc4871f6cbca
c87576f2113d5c9fd03fad504cbdc97880428fb1aa2645fd47af0a50be8ff82d
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
d2db9c3ca14fbcef6183b08fb1fdfc90d6c3c29fa70c611925259839df49070b
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d496395275738e3818ebf44cd1dd9844663d906bde6add6be72ac8e944b10f82
d4ea3ebba116eb9aff5e6d39c3e930e0282c2c238a1d78f35d816dceef1fe2c8
d5b868316ff626fd5a5be49dea43d922ea29c38d0114770820b16da1ea41f005
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d956606238423fa46ef6e1d5936408f718db051480adeeb00ca4d9f19747254b
e047153357fbf19a10b87948423fc7ad140ab7a6ef58367b8fdc9af543ca5473
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50e444f8e583f317127ff039f7725bf4b7bb762c902794ab3581549daddd6ae
f260cdb2c6d555f0e2b0aba0d2373224f98ec96b1daf87482c9f1fa1d3f84974
f452fe511b40b92936b114a654e2e87ea44c99c642433db45fe78d1a1d55557a
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
f9329217c097881a1332452dd3b0c08235636b4acfe5bb721af7e6d087210c29
f935413246aa9088aefdf7f3700b5b30403f6ebd213f04aeb5639e91044ebe6e
ff4424e09f2259d2a4dada8bd2fb9be5531f778ee4aa64d7b1679e5a9a541c6b

tb-go.xyz Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

98 %HTTPS

0 %IPv6

13 Domains

18 Subdomains

17 IPs

5 Countries

2877 kBTransfer

5900 kBSize

22 Cookies

2 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tb-go.xyz Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

17
IPs

5
Countries

2877 kB
Transfer

5900 kB
Size

22
Cookies

81 HTTP transactions
2 data transactions