www.ffcrarefund.com Open in urlscan Pro
63.35.51.142  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2&e_ipv6=AQLo4iRW0h0KqwAAAZDtteEV5R1J2JJ_pxO6z7p2r3mqjDgPK4m9AmSm1eJLAjMf5lpbbasJAd9gH8BWNTkpjLoJpOympg

Request Chain 68

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=75189739683C4DAE978590457210584A&RedC=c.clarity.ms&MXFR=18F8D3E4EE79696B3D54C72CEA7967AA HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=75189739683C4DAE978590457210584A&MUID=1781243516986C781CE930FD174A6DDE

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ffcrarefund.com/	91 KB 17 KB	1064ms 602ms	Document text/html	63.35.51.142 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 63.35.51.142 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-35-51-142.eu-west-1.compute.amazonaws.com Software / Resource Hash 051fc80e69bac28a71614e32090b4098e6c41504579d1739a2fad1be6424c652 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 0 content-encoding gzip content-length 16812 content-type text/html date Fri, 26 Jul 2024 06:23:56 GMT vary x-wf-forwarded-proto, Accept-Encoding x-cache MISS x-cache-hits 0 x-cluster-name eu-west-1-prod-hosting-red x-lambda-id f1d7385d-5362-4f41-ad35-8bbd9f5cbc6b x-served-by cache-dub4353-DUB x-timer S1721975036.330463,VS0,VE535
GET H2	200	adesso-3fedb4-652fc735a475537b9d94a90ca.webflow.4bab011f4.css assets-global.website-files.com/648a50629a9c4e569d3b3a54/css/	113 KB 21 KB	530ms 480ms	Stylesheet text/css	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/css/adesso-3fedb4-652fc735a475537b9d94a90ca.webflow.4bab011f4.css Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 21412bc0f0dbb9730eeb425d13c8ac54f166788a771582def8489d927cc8cc24 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT content-encoding gzip via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) x-amz-version-id cw0QV3KK4D4HhJcI7Pe39zw08xXycIEs x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 20790 last-modified Mon, 05 Feb 2024 20:54:52 GMT server AmazonS3 etag "7b70db43ebea1229ad24ad99c918357f" content-type text/css access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id svH4U9ztmNF90AbeH01WgciSdmgESEZXZ-778qCflbRFycrtUC-aaQ==
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	49ms 10ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 14:44:34 GMT content-encoding gzip x-content-type-options nosniff age 56362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 25 Jul 2025 14:44:34 GMT
GET H3	200	weglot.min.js Show response cdn.weglot.com/	132 KB 46 KB	57ms 26ms	Script application/javascript	2606:4700::6812:620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79bad9a09456158f7afdd67c996513eb4c4eb1e69eff817751c35974812baf81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:56 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 345 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 23 Jul 2024 13:33:33 GMT server cloudflare etag W/"407804c628e403aad6ed1567d7123def" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1800 cf-ray 8a924dccf95e9290-FRA x-amz-cf-id SYHS9JJHlnvOkTNbiKeA7tB-2EzmWDExT1YE4xtX_KUQuHQGjrTHhw== expires Fri, 26 Jul 2024 06:53:56 GMT
GET H2	200	scrollreveal.min.js Show response unpkg.com/scrollreveal@4.0.0/dist/	16 KB 8 KB	67ms 29ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/scrollreveal@4.0.0/dist/scrollreveal.min.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:56 GMT content-encoding gzip via 1.1 fly.io cf-cache-status HIT x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 11617353 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HRWM67GM75QDXV2CTXWFKX6R-fra server cloudflare etag "4009-olFGSVMkRiWLiX8td2OR9arAZMQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8a924dcd098a6919-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	325 KB 107 KB	51ms 27ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LQHXBMYWXW Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f9f883299e4ead8265aefa0f6cba2eeb0e7a5aabfa15c0d64cd4df642c725367 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108960 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 26 Jul 2024 06:23:57 GMT
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 30 KB	47ms 9ms	Script application/javascript	18.244.20.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=648a50629a9c4e569d3b3a54 Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.20.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-20-109.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://www.ffcrarefund.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 07:57:00 GMT content-encoding br via 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront) age 80816 x-amz-cf-pop FRA56-P11 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id bm35DEWOwe6f9Q11G9Zmr7FoaSK1Gf1nsaSHUJQUHIXMBQmTw2oA0g==
GET H2	200	webflow.9e1cf7472.js Show response assets-global.website-files.com/648a50629a9c4e569d3b3a54/js/	183 KB 67 KB	76ms 27ms	Script text/javascript	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/js/webflow.9e1cf7472.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2701db8d7049f4b963c6d821cec39d257ba66420022991d3a246bb3f9c92b674 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 00:28:58 GMT content-encoding gzip via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) x-amz-version-id _ArhqLeakBM3RjvOYRi7BUX1Nm6JlELm age 21299 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 68516 last-modified Mon, 05 Feb 2024 20:54:52 GMT server AmazonS3 etag "31877efcdcdbd848a024cc16d68fc7e0" content-type text/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id uCyYsPpJ5tKknB4qHkhcBJjaegLK60WRbJHIGFbKrmPdlWiSh7IpPA==
GET H3	200	widget.js Show response referral-factory.com/assets/js/	20 KB 7 KB	82ms 45ms	Script application/javascript	2606:4700:3036::ac43:9406 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://referral-factory.com/assets/js/widget.js?code=szqa5p&title=Refer+Friends&color=ffffff&color_light=151265 Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9406 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89f119a16dc611524c0551bbd059cf06b6cd7788916372d62fe952e301be042f Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:56 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 29 Apr 2024 12:58:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"662f9976-5185" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m71aHJAhuqXRBbpw5BqxNypsni21Ho7Y%2BbfQELMTprOAebYP1uHHvjK%2F3lMYb5Q6UAJTVH9LWrwma7yCDxET2BqDQdMoMZtXMJ2wgdyyuIXDzuXxsT95eArf0EGjDUsX2VNxVlaagg8Ng8imbfMJmxm6Ug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=604800 cf-ray 8a924dcd0e5c9010-FRA alt-svc h3=":443"; ma=86400 expires Fri, 02 Aug 2024 06:23:56 GMT
GET H2	200	slick.min.js Show response cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/	42 KB 11 KB	58ms 20ms	Script application/javascript	2606:4700::6812:bb1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 7151270 x-jsd-version 1.8.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10412 x-served-by cache-fra-eddf8230096-FRA, cache-lga21927-LGA x-jsd-version-type version server cloudflare etag W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPdJtJXIQKIXjJKW6mN4U2JsdmXTo5T2pUUekEHOkb%2FXtS2MztnYH6LhT2IMCQ87BacQM1dFO%2FflLlhGJ9LQelFYBXKmQdpFRlNZBlKXN3ezkb5sgGxIvxPOzmEUKsKylFHkZ98nkYvlzoqdPCI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin * cf-ray 8a924dcd0c551994-FRA
GET H2	200	adelphic_universal_pixel.js Show response js.ipredictive.com/	2 KB 2 KB	54ms 11ms	Script application/javascript	18.66.112.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.ipredictive.com/adelphic_universal_pixel.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-13.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 05:47:24 GMT via 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront) last-modified Wed, 08 May 2024 18:25:43 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 2197 x-amz-server-side-encryption AES256 etag "83b469155694c51d4c5581028a6788bc" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Origin x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 2108 x-amz-cf-id 3OAyiOEwBKHnhWFmJkXIK9gtbLlao2NPRw-yNHfLMAIls8-FmAg0KQ==
GET H2	200	css fonts.googleapis.com/	37 KB 2 KB	122ms 18ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0320c821b3091f0bf7d80f7054a95ae880d408eba7dc1720f4f9f0a5ba27db41 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 26 Jul 2024 06:23:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 26 Jul 2024 06:23:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 26 Jul 2024 06:23:57 GMT
GET H3	200	16a1784e40a0afdbb1929636736a07287.json Show response cdn.weglot.com/projects-settings/	2 KB 1 KB	51ms 23ms	Fetch application/json	2606:4700::6812:620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/projects-settings/16a1784e40a0afdbb1929636736a07287.json Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce546db09aaf64a40e42d90ac771f26b72d86f24bca661c516bfe4d4d1fcd296 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 b0311c7e530c126dd286898583b59e4c.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop VIE50-C2 age 138407 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 last-modified Thu, 18 Jul 2024 15:38:12 GMT server cloudflare etag W/"275106257309b649da2c3d88a0d6511b" vary Accept-Encoding access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control public, max-age=60 cf-ray 8a924dd0fdf290fa-FRA x-amz-cf-id GaOFg1OIMgsz3DalFtPZHBoeSpRaBCKuc3A_b1TU2GhIb37CkftI2g== expires Fri, 26 Jul 2024 06:24:57 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	267 KB 93 KB	30ms 27ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M494K7N Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cfce046e663416d24d6e9f9c7661a2aae5184a17bf6642761220882cf9142a79 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95529 x-xss-protection 0 last-modified Fri, 26 Jul 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Jul 2024 06:23:57 GMT
GET H2	200	tag.js Show response d34r8q7sht0t9k.cloudfront.net/	2 KB 3 KB	487ms 401ms	Script text/javascript	2600:9000:275d:6a00:1b:e40d:4a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34r8q7sht0t9k.cloudfront.net/tag.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275d:6a00:1b:e40d:4a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a93fd10ea129d3bc88f95641b9b3c09fd92ff501cc72cb5a6e6b1accd91fa98f Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT via 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront) last-modified Tue, 18 Jun 2024 14:42:31 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 etag "88c0662d116e7f4c00601e31cb41ab74" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type text/javascript accept-ranges bytes content-length 2557 x-amz-cf-id w7wbUAqAHGla5GYmJW8y3vZzM8kKSlNoaNsEW_yGHFtOq-sRaE84AQ==
GET H2	200	648a50629a9c4e569d3b3a61_A360%201.png assets-global.website-files.com/648a50629a9c4e569d3b3a54/	17 KB 17 KB	26ms 25ms	Image image/png	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/648a50629a9c4e569d3b3a61_A360%201.png Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1cff5ac5979e58cc43de2840b3abc33dc2b8e029f81e802f398c650f1741d97c Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 05:37:15 GMT x-amz-version-id D3eRO.rMYobkB1ihN0xqXbPgONEiYS5n via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) age 2803 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 16937 last-modified Wed, 14 Jun 2023 23:42:28 GMT server AmazonS3 etag "fee28bc9f1549b41430e5cf0d00b5a4a" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id olyxLi4G1Y3XDiWtqzBuFwWEaUa2lSu6NKS6wvytVrnG5Aj_fuBm9Q==
GET H2	200	648a50629a9c4e569d3b3a7b_AdobeStock_164346878_1-p-800.jpg assets-global.website-files.com/648a50629a9c4e569d3b3a54/	82 KB 82 KB	495ms 494ms	Image image/jpg	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/648a50629a9c4e569d3b3a7b_AdobeStock_164346878_1-p-800.jpg Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 56d9cfdacfa806112cbcee726f204bcff890f3b3218d479d9a77072f1ca66e5e Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT x-amz-version-id RtI4PIbrDG02EPMXazTdgrxwoJvmbBp5 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Wed, 14 Jun 2023 23:42:28 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "0a2afb26a6b59b173f321fb428898043" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpg access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-length 83575 x-amz-cf-id TJ3IaNkkled9e8VRGsyl-JAH0G75TLt6P-uJ4wAErePZ6YfgygBDgA==
GET H2	200	648a50629a9c4e569d3b3a7c_IRS%20Internal%20Revenue%20Service%201.svg assets-global.website-files.com/648a50629a9c4e569d3b3a54/	8 KB 3 KB	27ms 27ms	Image image/svg+xml	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/648a50629a9c4e569d3b3a7c_IRS%20Internal%20Revenue%20Service%201.svg Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash af43312bae6285ed7a1da7aa13091a4223d7fe7d2f56ca7f2d8c9706b5730a34 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 05:37:15 GMT x-amz-version-id xbAllO2fJrN9zVADy8GXHHva4FArUpPA content-encoding br via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) age 2803 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 14 Jun 2023 23:42:28 GMT server AmazonS3 etag W/"9e11d213da47e6ffd34ef9ed09701695" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id HMTMryjnBs8zqHCsIKd5jGTpv56KSuCpt6o-N0hMaxzcTYgvP3V4aA==
GET H2	200	648a50629a9c4e569d3b3a98_Adesso_Smartphone-Mockup%25201-p-800.png assets-global.website-files.com/648a50629a9c4e569d3b3a54/	137 KB 138 KB	27ms 27ms	Image image/png	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/648a50629a9c4e569d3b3a98_Adesso_Smartphone-Mockup%25201-p-800.png Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b2cbaaea532d77ce41a5ac66dbe5ee9d2fef88755c21f44840ed9eb8511788bc Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 05:37:15 GMT x-amz-version-id H9BSEi7sliLPWID0y6r3GY_n_66ojvDP via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) age 2803 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING content-length 140203 last-modified Wed, 14 Jun 2023 23:42:28 GMT server AmazonS3 etag "91b1666d30d71a8c63f70c396409ed4f" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id Kfyy3V4sKcA6cT9TK70A7EnVzbCVJqEWhqgRM0IAL4Qodn3v2rqsJQ==
POST H2	204	collect region1.google-analytics.com/g/	0 0	41ms 16ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LQHXBMYWXW&gtm=45je47o0v9119472093za200&_p=1721975037546&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1508808913.1721975038&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721975037&sct=1&seg=0&dl=https%3A%2F%2Fwww.ffcrarefund.com%2F&dt=Self-employed%20Tax%20Credits%20%7C%20FFCRA%20Tax%20Credits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1905 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LQHXBMYWXW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 26 Jul 2024 06:23:57 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.ffcrarefund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H3	200	widget js.referral-factory.com/szqa5p/ Frame	0 0	105ms 74ms	Preflight text/html	2606:4700:3032::6815:2995 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.referral-factory.com/szqa5p/widget Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:2995 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers access-control-allow-headers,access-control-allow-origin,content-type Access-Control-Request-Method POST Origin https://www.ffcrarefund.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-origin * allow POST alt-svc h3=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 8a924dd23ab890e2-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 26 Jul 2024 06:23:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvSPBSArrK54nlW5UVWtkq9WWMGB2o0QZ3u8f%2FyTGI%2BoWQo4pXAnHpQ%2Bs6O2eZot9RrO%2B1MqUpwGUoCO9KG0GOPtNlOQMs3wPjyameK28bbiR%2FekI4XINQ8D5Vp9nrAzZr5jzomlKdDFETLonDWTtbqFSQ6O6A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
POST		widget js.referral-factory.com/szqa5p/	0 0
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	65ms 8ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 15:27:45 GMT x-content-type-options nosniff age 226572 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 15:27:45 GMT
GET H2	200	JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 fonts.gstatic.com/s/montserrat/v26/	33 KB 34 KB	54ms 44ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:55:56 GMT x-content-type-options nosniff age 228481 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34288 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:52:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 14:55:56 GMT
GET H2	200	S6u8w4BMUTPHh30AXC-q.woff2 fonts.gstatic.com/s/lato/v24/	21 KB 21 KB	47ms 37ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 07:50:51 GMT x-content-type-options nosniff age 167586 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21508 x-xss-protection 0 last-modified Tue, 02 May 2023 15:29:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Jul 2025 07:50:51 GMT
GET H2	200	S6u-w4BMUTPHjxsIPx-oPCI.woff2 fonts.gstatic.com/s/lato/v24/	17 KB 17 KB	33ms 24ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u-w4BMUTPHjxsIPx-oPCI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 00:03:59 GMT x-content-type-options nosniff age 281998 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17072 x-xss-protection 0 last-modified Tue, 02 May 2023 15:10:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 00:03:59 GMT
GET H2	200	S6u9w4BMUTPHh7USSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	73ms 64ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 09:46:17 GMT x-content-type-options nosniff age 247060 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23236 x-xss-protection 0 last-modified Tue, 02 May 2023 15:08:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 09:46:17 GMT
GET H2	200	S6u_w4BMUTPHjxsI9w2_Gwft.woff2 fonts.gstatic.com/s/lato/v24/	17 KB 17 KB	34ms 25ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:23 GMT x-content-type-options nosniff age 34 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17728 x-xss-protection 0 last-modified Tue, 02 May 2023 15:08:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 26 Jul 2025 06:23:23 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	41ms 32ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 15:02:44 GMT x-content-type-options nosniff age 228073 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 15:02:44 GMT
GET H2	200	S6u8w4BMUTPHjxsAXC-q.woff2 fonts.gstatic.com/s/lato/v24/	24 KB 24 KB	50ms 41ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:56:14 GMT x-content-type-options nosniff age 239263 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24408 x-xss-protection 0 last-modified Tue, 02 May 2023 15:14:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 11:56:14 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	26ms 18ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:58:29 GMT x-content-type-options nosniff age 239128 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 11:58:29 GMT
GET H2	200	S6u_w4BMUTPHjxsI5wq_Gwft.woff2 fonts.gstatic.com/s/lato/v24/	24 KB 24 KB	76ms 67ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:56:24 GMT x-content-type-options nosniff age 228453 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24448 x-xss-protection 0 last-modified Tue, 02 May 2023 15:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 14:56:24 GMT
GET H2	200	S6u9w4BMUTPHh50XSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	22 KB 22 KB	35ms 26ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 14:54:32 GMT x-content-type-options nosniff age 228565 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22504 x-xss-protection 0 last-modified Tue, 02 May 2023 15:12:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 14:54:32 GMT
GET H2	200	S6u_w4BMUTPHjxsI3wi_Gwft.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	43ms 35ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.ffcrarefund.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 12:17:16 GMT x-content-type-options nosniff age 238001 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23736 x-xss-protection 0 last-modified Tue, 02 May 2023 15:11:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 12:17:16 GMT
GET H3	200	weglot.min.css cdn.weglot.com/	28 KB 5 KB	29ms 28ms	Stylesheet text/css	2606:4700::6812:620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.css?v=6 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35638404c448909f695c198049e27b151876151b68f65e4f8d183ede75150e14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT via 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 1275466 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 09 Jul 2024 13:58:55 GMT server cloudflare etag W/"dca11c08c28cf77d8aa88274c8e81c5f" vary Accept-Encoding access-control-allow-methods GET content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8a924dd27d549290-FRA x-amz-cf-id AFEIzOMjIaGd4qcZd6eGONYUav1uJ4n2sNokbb1P_8fvkUId9CpyhA== expires Sat, 26 Jul 2025 06:23:57 GMT
GET H3	200	gb.svg cdn.weglot.com/flags/rectangle_mat/	607 B 824 B	33ms 31ms	Image image/svg+xml	2606:4700::6812:620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.weglot.com/flags/rectangle_mat/gb.svg Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT x-amz-version-id null via 1.1 04e9e9d9b90b8bb096dac156f847c1a6.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop DUS51-P3 age 11617368 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Fri, 16 Feb 2024 16:04:53 GMT server cloudflare etag W/"006007133f2f5769b083935b65c12e4e" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8a924dd29d6e9290-FRA x-amz-cf-id c14-dPtGRJug5FHGcVw-396hti5MFM-NFaaKh5cycisuBIxUbYQRqg== expires Sat, 26 Jul 2025 06:23:57 GMT
GET H3	200	es.svg cdn.weglot.com/flags/rectangle_mat/	89 KB 17 KB	34ms 32ms	Image image/svg+xml	2606:4700::6812:620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.weglot.com/flags/rectangle_mat/es.svg Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddc451027c83a11707ac910f223f84f7bc51f3881197223978e2a717efa64c57 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT content-encoding gzip via 1.1 28b2547a012b744c90796693b582d83c.cloudfront.net (CloudFront) x-amz-version-id null cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop AMS58-P6 age 11617368 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 last-modified Fri, 16 Feb 2024 16:04:52 GMT server cloudflare etag W/"96b4be850a4d40bcea53825f0a5464ee" vary Accept-Encoding content-type image/svg+xml; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8a924dd29d709290-FRA x-amz-cf-id poKDUEZtkjcslQZisLvc827jSeg-jyeDy-dFkcYZvD_d5KtVmZ8BSw== expires Sat, 26 Jul 2025 06:23:57 GMT
GET H3	200	cn.svg cdn.weglot.com/flags/rectangle_mat/	870 B 831 B	34ms 32ms	Image image/svg+xml	2606:4700::6812:620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.weglot.com/flags/rectangle_mat/cn.svg Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e07c80556b70af6bdc1478f2a424afe7a876db3b7de55b067625e7d776a7ef22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:57 GMT via 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront) content-encoding gzip x-amz-version-id null cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P4 age 11622224 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Fri, 16 Feb 2024 16:04:52 GMT server cloudflare etag W/"7455bf10db798a12af88fab032be7fce" vary Accept-Encoding content-type image/svg+xml; charset=utf-8 cache-control public, max-age=31536000 cf-ray 8a924dd29d719290-FRA x-amz-cf-id 3-bXMzzLA7IBuyzgDJAWrnFaVUy2hh1CZlmmsY6NCeOgVB8Fu4WRnA== expires Sat, 26 Jul 2025 06:23:57 GMT
GET H/1.1	200 OK	event ad.ipredictive.com/d/track/ Frame 666D	0 0	428ms 101ms	Document text/plain	54.165.192.118 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ad.ipredictive.com/d/track/event?upid=108224&cache_buster=1721975037&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&p1=%5BButton+Name%5D Requested by Host: js.ipredictive.com URL: https://js.ipredictive.com/adelphic_universal_pixel.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.192.118 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-192-118.compute-1.amazonaws.com Software / Resource Hash Request headers Referer https://www.ffcrarefund.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Date Fri, 26 Jul 2024 06:23:58 GMT X-CI-RTID c989da25-8197-4677-99ae-5c490080ac83
GET DATA	200 OK	truncated /	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	bat.js Show response bat.bing.com/	49 KB 14 KB	115ms 31ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M494K7N Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 26 Jul 2024 06:23:57 GMT last-modified Sat, 13 Jul 2024 20:42:16 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 98FE27A2F1A242BF805ECD570610D516 Ref B: FRAEDGE2016 Ref C: 2024-07-26T06:23:58Z etag "044982565d5da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 14183
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	82ms 4ms	Script application/javascript	2a02:26f0:480:15::213:7e63 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M494K7N Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 24 Jul 2024 05:33:09 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=82095 accept-ranges bytes content-length 14597
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	224 KB 60 KB	59ms 9ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 26 Jul 2024 06:23:58 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58677 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug +H3wzTVdwEgKHfUJHKfoQM7FFMy0Ja39hEyNLAKN+l9+wqhl+c/V4zMvjTaPYmYjnqVvmvBASZsqHpCwMDqDVw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	255ms 182ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJVPLJ3C77U2Q32CH7J0&lib=ttq Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 09738e9e01789c21baabc42e384aa3442a1e7de60450a10841c31fb146fe4571 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-akamai-request-id ec3c6ee.f569cca date Fri, 26 Jul 2024 06:23:58 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240726062358E223604CCE8506E3C8A5-0138138ACEF6F002-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 169,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=110, origin; dur=62, inner; dur=6 content-length 1875 pragma no-cache server nginx x-tt-logid 20240726062358E223604CCE8506E3C8A5 x-cache-remote TCP_MISS from a23-32-16-72.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 62,23.32.16.72 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4b904600e88fe23abc656ab007ef3101bd5736b07567d1059872d2843a78ef2f506a9abe5aaccff2abe2f2f3cb3290a272cacda3dd310fae0df17e253f91e8ec96fc0985d760ec5ee023b05e5c07c2aa549784845bfd9e351ddfd282c58f82c764 expires Fri, 26 Jul 2024 06:23:58 GMT
GET H2	200	/ Show response ipv4.podscribe.com/	23 B 223 B	329ms 107ms	Fetch application/json	54.175.208.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ipv4.podscribe.com/ Requested by Host: d34r8q7sht0t9k.cloudfront.net URL: https://d34r8q7sht0t9k.cloudfront.net/tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.175.208.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-208-27.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash 2abd946d237f21288137af4a3525461adeca9cfc56a43564b723b46e08109e4e Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-origin * date Fri, 26 Jul 2024 06:23:58 GMT server awselb/2.0 access-control-allow-headers * content-length 23 access-control-allow-methods OPTIONS, GET, POST content-type application/json
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 622 B	239ms 168ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 26 Jul 2024 06:23:57 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 5E3280FA4C3F4CE29D16F77D840EBCA9 Ref B: FRAEDGE1521 Ref C: 2024-07-26T06:23:58Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://www.ffcrarefund.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYeII53s5/7i+d/29bZOQ==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 812 B	161ms 101ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept * Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT content-encoding gzip x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 539AE20C7F00425CB0E2E2CC6C96B9CF Ref B: FRAEDGE1606 Ref C: 2024-07-26T06:23:58Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lva1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYeII53KGBfIGEZDW6Bxw== x-fs-uuid 00061e208e7728605f2061190d6e81c7
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2&e_ipv6=AQLo4iRW0h0KqwAAAZDtteEV5R1J2JJ_pxO6z7p2r3mqjDgPK4m9AmSm1eJLA...	0 481 B	176ms 101ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2&e_ipv6=AQLo4iRW0h0KqwAAAZDtteEV5R1J2JJ_pxO6z7p2r3mqjDgPK4m9AmSm1eJLAjMf5lpbbasJAd9gH8BWNTkpjLoJpOympg Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 7A7965FD9B0B4E409061BF6B7E88D94F Ref B: FRAEDGE1920 Ref C: 2024-07-26T06:23:58Z linkedin-action 1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} content-type application/javascript x-li-fabric prod-lva1 x-cache CONFIG_NOCACHE x-li-proto http/2 content-length 0 x-li-uuid AAYeII5555yKsTwc3x2nbg== Redirect headers date Fri, 26 Jul 2024 06:23:57 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 83201CCFC0524437A36B0D0BFFC3060B Ref B: FRAEDGE1521 Ref C: 2024-07-26T06:23:58Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5459932&time=1721975038121&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&tm=gtmv2&e_ipv6=AQLo4iRW0h0KqwAAAZDtteEV5R1J2JJ_pxO6z7p2r3mqjDgPK4m9AmSm1eJLAjMf5lpbbasJAd9gH8BWNTkpjLoJpOympg x-li-proto http/2 content-length 0 x-li-uuid AAYeII53IcX4je7bOGkvIQ==
GET H2	200	343075543.js Show response bat.bing.com/p/action/	4 KB 2 KB	52ms 48ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/343075543.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4c8bd8e17557011ddfdb9130b882d5c7dedf707f3a8b5a1b19a0b7e887061a08 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Fri, 26 Jul 2024 06:23:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F4A15BC8826848948AB30CFFBE7F2665 Ref B: FRAEDGE2016 Ref C: 2024-07-26T06:23:58Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	200	3490847011234950 Show response connect.facebook.net/signals/config/	68 KB 14 KB	198ms 197ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3490847011234950?v=2.9.162&r=stable&domain=www.ffcrarefund.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a4cb92a34a0073a673bc206a8393ce54bea26695be5f53e9c0db75c31afce769 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 26 Jul 2024 06:23:58 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=65, mss=1328, tbw=64209, tp=-1, tpl=-1, uplat=184, ullat=0 pragma public x-fb-debug s2+S/fkN1yygJdr0ZNYeFmnMv/wnEO/peUWe2bTBCQaZQmRbZPdxekB8spZ/K4TDs5yT6KEPpeVSlyyIBv4H5Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	343075543 Show response www.clarity.ms/tag/uet/	817 B 1 KB	635ms 258ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/343075543 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/343075543.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b7628da9295e7f6e0b300c5d0b2405b4287a10582951d9001e72789407e282bd Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers expires -1 date Fri, 26 Jul 2024 06:23:58 GMT x-azure-ref 20240726T062358Z-r185d5857fbpfkrm1zmhwzes2w0000000dm00000000131zf x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 817 request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H2	204	0 bat.bing.com/action/	0 178 B	37ms 34ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=343075543&tm=gtm002&Ver=2&mid=c709748a-0d7b-457e-a9a4-42a30806afc8&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Self-employed%20Tax%20Credits%20%7C%20FFCRA%20Tax%20Credits&p=https%3A%2F%2Fwww.ffcrarefund.com%2F&r=&lt=2004&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=651120 Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 26 Jul 2024 06:23:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8308DE3AC40746D49E7FD2CDD1AD594E Ref B: FRAEDGE2016 Ref C: 2024-07-26T06:23:58Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	main.MWE2Zjk5MjBkNA.js Show response analytics.tiktok.com/i18n/pixel/static/	347 KB 99 KB	16ms 14ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJVPLJ3C77U2Q32CH7J0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 5c46270d73b9b7d97414625bc39dd7842784f8427c8b8bdfe6558d215c78c086 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-akamai-request-id f569fca date Fri, 26 Jul 2024 06:23:58 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024072511481988EA15CB38A3637A679E x-tt-trace-id 00-24072511481988EA15CB38A3637A679E-47211129E3E59848-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 0153d09809d7c2e8b0832ada0d9b3d7a8d82b1533b413952dc3e73bac6124c286b13ea6ecd00c9720783b1e62553e087b51db1d2061b9ec76a2ca06917ad2685a32ff6b48487cddb9e848213811531e117e35496e38ea90d5ff4ca8abd14fb4bb6 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 101045
GET H2	200	identify_59f29ac9.js Show response analytics.tiktok.com/i18n/pixel/static/	147 KB 40 KB	37ms 15ms	Script application/javascript	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_59f29ac9.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-akamai-request-id f56a0ed date Fri, 26 Jul 2024 06:23:58 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240723172110A5783681237BE6325AEE x-tt-trace-id 00-240723172110A5783681237BE6325AEE-5DFBC67976BBB326-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 014cf0e2ae59ab73fa756858375d5467efcbb76d5aeb8ddfe11bb8e1c6dea3516b1e6858dd2ce74316c0a4abe2f8489f65111299de585e9495fd42abcaf1ae282f1d4ae7102a652b25c5163e5c68297a6519b152c8c2561c374809713157611ff6 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 content-length 39956
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 697 B	123ms 116ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a10b date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240726062358AE4186E86E0584385E68-6BE71EDDCDAEE49E-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=11, cdn-cache; desc=MISS, edge; dur=6, origin; dur=100 content-length 0 pragma no-cache server nginx x-tt-logid 20240726062358AE4186E86E0584385E68 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 101,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bfc4aa61cf90139d30c05b48a32bd7f1251a01cd3c0220f27fe07e7e94d0dc43a5a3f7df5fce5ecbeac75c402fb823c7dd4748e94d3b9504d1146ee0d9bad40511 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 700 B	195ms 188ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a10c date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407260623585EC48FAD099126DED697-35627ECCB6ACC85E-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=77, cdn-cache; desc=MISS, edge; dur=8, origin; dur=166 content-length 0 pragma no-cache server nginx x-tt-logid 202407260623585EC48FAD099126DED697 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 166,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bf598448a5786c2d71177608811f69dd4a43437e8264f1da1fb11bd2e280b44186367ca07c746461504514c7c06f6f0b61106646cbf5dd7a5e0b6f704d482ef318 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 697 B	126ms 119ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a10d date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240726062358977B9B8AF752C1EA319A-6A3B461E9ECCEC6D-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=13, cdn-cache; desc=MISS, edge; dur=7, origin; dur=102 content-length 0 pragma no-cache server nginx x-tt-logid 20240726062358977B9B8AF752C1EA319A access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 103,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bfac5ac2fba0d849eba8d9b108ba0a4212e6d0051205f32e67a1904139383fa5511e57be9b46c11fe3f0280a5dc310ed0a156fc04bf5aad421e09f2df61c4b8bf2 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 697 B	124ms 117ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a10e date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407260623584EA0E68B6E3BA0A0A8E4-241472AB916EC437-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=11, cdn-cache; desc=MISS, edge; dur=7, origin; dur=101 content-length 0 pragma no-cache server nginx x-tt-logid 202407260623584EA0E68B6E3BA0A0A8E4 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 101,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bf5b56a6a3a0592ad77e39aa22af65d3e74346ff037083f543821c807338bc63fbbd55f4d69bccb50041cc702ae5a2270a4c8864b8252ebcf92ddb8ce0ea9f6534 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 696 B	125ms 118ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a10f date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407260623587803512A6F82449B81C9-0DB11A1EE9784E53-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=10, cdn-cache; desc=MISS, edge; dur=9, origin; dur=100 content-length 0 pragma no-cache server nginx x-tt-logid 202407260623587803512A6F82449B81C9 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 100,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bffe64cf5d5902af9e87b38b34a401a25953390dea91f4a82d91a02d4f72252f2daa4212e06190f37ae1677ff66a4f55c5825d44d696aead3454ecb780cb7a5882 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 836 B	125ms 119ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 3130a2d2.f56a110 date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240726062358A17D00E0F455CFDBCD9E-1777F6EBC38899E6-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 102,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=15, inner; dur=11 content-length 0 pragma no-cache server nginx x-tt-logid 20240726062358A17D00E0F455CFDBCD9E x-cache-remote TCP_MISS from a23-32-16-84.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 15,23.32.16.84 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4b904600e88fe23abc656ab007ef3101bda98cde1e70413aa5a2d0330842b2e6ca38fdc557d2122ddb08f4b9de10b2ed0cd40abae0290f3fe6b40827fd2232e4bec0cdd406ec49fdf7fcbe591a76a5f3216f506dc0c50aa05422ffc2ecb624c371 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 841 B	121ms 116ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 3be25af.f56a111 date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407260623588DB4E87A2D49F7D51C93-733CBBB6C100CF84-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 99,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=12, inner; dur=8 content-length 0 pragma no-cache server nginx x-tt-logid 202407260623588DB4E87A2D49F7D51C93 x-cache-remote TCP_MISS from a23-217-116-247.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 12,23.217.116.247 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4b7903d7bbf17e96978151ec6d2d22901eedd8dd2584d2cb25de7b3b9c148395e59c3be394a3d49b7e888c60075442ba61cefe00d0948e12b6132eec9d4c7eee4be5d6059f6f36b04e4ae2b5dd8a62aca48d0652851b14d47b6869b4b9a008f0b8 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 698 B	273ms 267ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a112 date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2407260623581B70841F64DE4ED919F6-7D46F958859C93F4-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=142, cdn-cache; desc=MISS, edge; dur=7, origin; dur=233 content-length 0 pragma no-cache server nginx x-tt-logid 202407260623581B70841F64DE4ED919F6 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 233,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bf5d16df420ddddf885242b4423743944448ca42e57c8f6a4b5ec6f4cc613202af21f4685a1c41683dd4ce7278c34aea7306a64212c6c9512593c7ab6c84b7b3f9 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
GET H2	200	/ www.facebook.com/tr/	0 273 B	199ms 9ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3490847011234950&ev=PageView&dl=https%3A%2F%2Fwww.ffcrarefund.com%2F&rl=&if=false&ts=1721975038405&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721975038403.457910947720595712&cs_est=true&ler=empty&cdl=API_unavailable&it=1721975038162&coo=false&rqm=GET Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2819, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 26 Jul 2024 06:23:58 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	397ms 208ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3490847011234950&ev=PageView&dl=https%3A%2F%2Fwww.ffcrarefund.com%2F&rl=&if=false&ts=1721975038405&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721975038403.457910947720595712&cs_est=true&ler=empty&cdl=API_unavailable&it=1721975038162&coo=false&rqm=FGET Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Fri, 26 Jul 2024 06:23:58 GMT document-policy force-load-at-top x-fb-server-load 52 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7395826473672143202", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=17, mss=1328, tbw=3136, tp=-1, tpl=-1, uplat=200, ullat=0 pragma no-cache x-fb-debug pS5kfvgC1FCKhC/QuOvBFl2Aa9gJzdHMSMxCcUpjl9ec4z6VMAIu0d9TGFo6SlMnaXnPkdrLqsOBgnPgsTLvgw== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7395826473672143202"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 838 B	118ms 117ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1f9f0bd3.f56a202 date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24072606235898E409D89767E3A21853-46E0DC2D74A1601E-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 104,2.20.179.79 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=14, inner; dur=11 content-length 0 pragma no-cache server nginx x-tt-logid 2024072606235898E409D89767E3A21853 x-cache-remote TCP_MISS from a23-32-16-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 14,23.32.16.70 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4b904600e88fe23abc656ab007ef3101bd0c0c7e2182e5e10a93b6c4935d1ca913afc18855b166599a1bfe29d7860c6f88b5b1fedf7e7260a739bf8a9e5c7db53ca069c984ff87debacfc963f923f8fd336a73e33699edfb5748f8ddbdc2d7d102 access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
GET H2	200	tag verifi.podscribe.com/	42 B 567 B	464ms 222ms	Image image/png	2600:1f10:4c2d:4711:ece1:4130:b3b7:3c03 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://verifi.podscribe.com/tag?action=view&user_id=30a6f746-1c4d-44d2-8996-3528316e9313&advertiser=adessocapital&referrer=_&device_id=pscrb_c8e4a365-4ba3-4935-ebce-b56f2786ad5e&ipv4=45.141.152.73&url=https%3A%2F%2Fwww.ffcrarefund.com%2F&event_url=https%3A%2F%2Fwww.ffcrarefund.com%2F&source=js-tag+v1.0.4 Requested by Host: www.ffcrarefund.com URL: https://www.ffcrarefund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f10:4c2d:4711:ece1:4130:b3b7:3c03 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software awselb/2.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-origin * date Fri, 26 Jul 2024 06:23:58 GMT server awselb/2.0 access-control-allow-headers * content-length 42 access-control-allow-methods OPTIONS, GET, POST content-type image/png
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 700 B	254ms 226ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a581 date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240726062358280BF28EA9F8343FEB9A-3841C60ECD8E788C-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=113, cdn-cache; desc=MISS, edge; dur=12, origin; dur=205 content-length 0 pragma no-cache server nginx x-tt-logid 20240726062358280BF28EA9F8343FEB9A access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 206,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bf0924b9494a3f146214048ef153024d65d5c9c8199cd03c7f62453fa89969611aa47d727972e0edd3f6be3427a966ae2e20653caa1639a3ee6748ec4109eb205b access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 700 B	171ms 143ms	Ping text/plain	2.18.64.15 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-64-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f56a582 date Fri, 26 Jul 2024 06:23:58 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240726062358772ABBD533BB3CD8B184-6B8DB5AF78868E38-00 x-cache TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) server-timing inner; dur=16, cdn-cache; desc=MISS, edge; dur=14, origin; dur=122 content-length 0 pragma no-cache server nginx x-tt-logid 20240726062358772ABBD533BB3CD8B184 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 123,2.20.179.79 x-tt-trace-host 01b74a492ee33aa6d7de70d387da5c1b4bf6d820ee1de27700a018ced4a3a3c4bf3a27365527c3614f509f24b15343f6e7258455741831e326d7d2fcf789398b40688ef6a74c0bc3695a89bdf1fefd02e1be8ef9380ddf5d241f2d693dc1831e5f access-control-allow-headers Authorization,* expires Fri, 26 Jul 2024 06:23:58 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.41/	62 KB 26 KB	75ms 75ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.41/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/343075543 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:23:58 GMT content-encoding br last-modified Wed, 24 Jul 2024 00:36:01 GMT etag W/"0x8DCAB7897E68837" vary Accept-Encoding x-azure-ref 20240726T062358Z-r185d5857fbpfkrm1zmhwzes2w0000000dm0000000013208 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id d758b9a5-e01e-003c-7065-dd071c000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=75189739683C4DAE978590457210584A&RedC=c.clarity.ms&MXFR=18F8D3E4EE79696B3D54C72CEA7967AA https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=75189739683C4DAE978590457210584A&MUID=1781243516986C781CE930FD174A6DDE	42 B 442 B	37ms 37ms	Image image/gif	13.74.129.1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=75189739683C4DAE978590457210584A&MUID=1781243516986C781CE930FD174A6DDE Protocol H2 Server 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 26 Jul 2024 06:23:58 GMT last-modified Tue, 25 Jun 2024 19:30:12 GMT server Microsoft-IIS/10.0 etag "7473f1936c7da1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 26 Jul 2024 06:23:58 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8DFD4F907339490BB0BE9491252A99BA Ref B: FRAEDGE2016 Ref C: 2024-07-26T06:23:59Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=75189739683C4DAE978590457210584A&MUID=1781243516986C781CE930FD174A6DDE cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	648a51922ab1776a4a7415b1_6439afa1803177b66712b369_A360_Favicon.png assets-global.website-files.com/648a50629a9c4e569d3b3a54/	1 KB 1 KB	12ms 12ms	Other image/png	2600:9000:21f3:9600:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/648a50629a9c4e569d3b3a54/648a51922ab1776a4a7415b1_6439afa1803177b66712b369_A360_Favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9600:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ff96f9f7af3da424413eb4d45846d94aaa5a06f1f52f10ec649232e64fd0b83d Request headers Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 05:37:42 GMT x-amz-version-id XhkWms21aAu77iUUWpCTe2Fu_W9I1mtx via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) age 2778 x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1071 last-modified Wed, 14 Jun 2023 23:47:31 GMT server AmazonS3 etag "b2db720737a93ac3b84868dae24ab5fa" content-type image/png access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 1-C2LmWgO0JkuS35O8xMbbpEDeWQwse8Zt8rZxUwkasaBfpP7-NL_Q==
POST H/1.1	204 No Content	collect Show response a.clarity.ms/	0 283 B	426ms 203ms	XHR text/plain	51.8.71.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://a.clarity.ms/collect Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.ffcrarefund.com Date Fri, 26 Jul 2024 06:23:59 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST H/1.1	204 No Content	collect Show response a.clarity.ms/	0 283 B	105ms 104ms	XHR text/plain	51.8.71.184 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://a.clarity.ms/collect Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkNA.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.ffcrarefund.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.ffcrarefund.com Date Fri, 26 Jul 2024 06:24:01 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

js.referral-factory.com

URL

https://js.referral-factory.com/szqa5p/widget