URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Submission: On July 20 via automatic, source openphish — Scanned from DE

Summary

This website contacted 35 IPs in 5 countries across 24 domains to perform 108 HTTP transactions. The main IP is 2606:4700:3037::6815:43c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is duoxpress.org.
This is the only time duoxpress.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 5 18.66.122.95 16509 (AMAZON-02)
6 2a03:2880:f02... 32934 (FACEBOOK)
1 2 13.32.121.73 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 199.232.136.157 54113 (FASTLY)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
21 18.66.122.93 16509 (AMAZON-02)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.122 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.230.222.24 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
3 8 142.250.186.70 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 92.62.136.158 15440 (BALTNETA ...)
1 138.199.37.226 60068 (CDN77 ^_^)
4 23.36.163.232 20940 (AKAMAI-ASN1)
6 2a03:2880:f12... 32934 (FACEBOOK)
1 2 2600:9000:223... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.120.139.69 15169 (GOOGLE)
1 35.186.201.99 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
108 35
Apex Domain
Subdomains
Transfer
21 mweb.co.za
www.mweb.co.za — Cisco Umbrella Rank: 731970
151 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
6785438.fls.doubleclick.net
10304459.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 217
22 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 103
region1.analytics.google.com — Cisco Umbrella Rank: 5187
18 KB
9 google.de
www.google.de — Cisco Umbrella Rank: 4915
adservice.google.de — Cisco Umbrella Rank: 6937
2 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
86 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
753 B
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
505 KB
6 freshmarketer.com
cdn.freshmarketer.com — Cisco Umbrella Rank: 36947
ip.freshmarketer.com — Cisco Umbrella Rank: 98484
259 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
250 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1039
90 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
ajax.googleapis.com — Cisco Umbrella Rank: 350
32 KB
3 eskimi.com
dsp-media.eskimi.com — Cisco Umbrella Rank: 43337
dsp-trk.eskimi.com — Cisco Umbrella Rank: 36360
dsp-ap.eskimi.com — Cisco Umbrella Rank: 44275
4 KB
3 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 16071
pixel.quantserve.com — Cisco Umbrella Rank: 489
11 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 258
16 KB
3 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2219
kit-free.fontawesome.com — Cisco Umbrella Rank: 23252
20 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 698
script.hotjar.com — Cisco Umbrella Rank: 1004
73 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1093
2 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 819
35 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 683
31 KB
2 duoxpress.org
duoxpress.org
6 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 134
15 KB
1 rookdsp.com
rookdsp.com
108 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 695
24 KB
0 mwebaws.co.za Failed
portalassets.mwebaws.co.za Failed
108 24
Domain Requested by
21 www.mweb.co.za duoxpress.org
7 www.google-analytics.com duoxpress.org
www.google-analytics.com
6 www.facebook.com duoxpress.org
6 www.google.de duoxpress.org
6 www.google.com duoxpress.org
6 connect.facebook.net duoxpress.org
connect.facebook.net
5 10304459.fls.doubleclick.net 2 redirects www.googletagmanager.com
adservice.google.com
5 www.googletagmanager.com 1 redirects duoxpress.org
www.google-analytics.com
5 cdn.freshmarketer.com 2 redirects duoxpress.org
4 analytics.tiktok.com duoxpress.org
analytics.tiktok.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 adservice.google.de 1 redirects adservice.google.com
3 adservice.google.com 6785438.fls.doubleclick.net
10304459.fls.doubleclick.net
3 fonts.googleapis.com duoxpress.org
3 cdnjs.cloudflare.com duoxpress.org
2 pixel.quantserve.com 1 redirects duoxpress.org
2 rules.quantcount.com 1 redirects duoxpress.org
2 6785438.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 googleads.g.doubleclick.net duoxpress.org
www.googleadservices.com
2 maxcdn.bootstrapcdn.com duoxpress.org
2 kit-free.fontawesome.com duoxpress.org
2 static.ads-twitter.com duoxpress.org
www.googletagmanager.com
2 static.hotjar.com 1 redirects duoxpress.org
2 duoxpress.org duoxpress.org
1 ad.doubleclick.net 10304459.fls.doubleclick.net
1 www.googleadservices.com www.googletagmanager.com
1 dsp-ap.eskimi.com rookdsp.com
1 dsp-trk.eskimi.com rookdsp.com
1 region1.analytics.google.com www.googletagmanager.com
1 dsp-media.eskimi.com duoxpress.org
1 rookdsp.com 1 redirects
1 edge.quantserve.com duoxpress.org
1 ip.freshmarketer.com cdn.freshmarketer.com
1 ajax.googleapis.com duoxpress.org
1 code.jquery.com duoxpress.org
1 script.hotjar.com duoxpress.org
1 kit.fontawesome.com duoxpress.org
0 portalassets.mwebaws.co.za Failed duoxpress.org
108 38

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.freshmarketer.com
Amazon
2022-05-30 -
2023-06-28
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-04-28 -
2022-07-27
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2021-12-01 -
2023-01-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-07 -
2023-06-06
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.mweb.co.za
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
www.google.de
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
*.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.google.de
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2022-04-14 -
2023-05-15
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh

This page contains 10 frames:

Primary Page: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Frame ID: 97E45991D79687D471024C2E157C6839
Requests: 98 HTTP requests in this frame

Frame: http://6785438.fls.doubleclick.net/activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: 5BA34E2107721D100F913BF566035DF1
Requests: 1 HTTP requests in this frame

Frame: http://10304459.fls.doubleclick.net/activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: ED3E0D252D8C9A820DA6BA69B3188A3A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: 4BECB8D9F8C09FB22778A19E239A4FC9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: 3D3C295C7EE87C51C0641312A3081530
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: 80DBEB21D4D8DE747965A2043B87FC8B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: D5E64C2357F2AECB39E2DC611959CD7D
Requests: 1 HTTP requests in this frame

Frame: http://10304459.fls.doubleclick.net/activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: AA6E315DB12B9972737C02587D3918A3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: D14E2ACA35AD80A6875E2893D0BBE569
Requests: 1 HTTP requests in this frame

Frame: https://10304459.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Frame ID: 8F6998EF8D47C3888A48E0AB9A9799F5
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Email Login - MWEB

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • cdn\.freshmarketer\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

82 %
HTTPS

63 %
IPv6

24
Domains

38
Subdomains

35
IPs

5
Countries

1647 kB
Transfer

6016 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://static.hotjar.com/c/hotjar-1570801.js?sv=5 HTTP 301
  • https://static.hotjar.com/c/hotjar-1570801.js?sv=5
Request Chain 10
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 11
  • http://www.googletagmanager.com/gtm.js?id=GTM-588RWD HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Request Chain 57
  • http://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
Request Chain 60
  • http://6785438.fls.doubleclick.net/activityi;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za HTTP 302
  • http://6785438.fls.doubleclick.net/activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Request Chain 61
  • http://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za HTTP 302
  • http://10304459.fls.doubleclick.net/activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Request Chain 62
  • http://cdn.freshmarketer.com/454157/1405338.js HTTP 301
  • https://cdn.freshmarketer.com/454157/1405338.js
Request Chain 64
  • https://rookdsp.com/r/AIfjbw_3-wbP76JTnJ5FiID4AysKBpizv2JQ1uOsNAhiYmY1OGY0Mzc3OGIyYjkw/assets/js/e/gtr.min.js?_=0.0.0.3 HTTP 302
  • https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
Request Chain 76
  • http://rules.quantcount.com/rules-p-7cjmQwa897H2c.js HTTP 301
  • https://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
Request Chain 81
  • http://pixel.quantserve.com/pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fpa=P0-1001336216-1658276261288;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=duoxpress.org;dst=0;et=1658276261287;tzo=0;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg%252Ejpg HTTP 301
  • https://pixel.quantserve.com/pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fpa=P0-1001336216-1658276261288;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=duoxpress.org;dst=0;et=1658276261287;tzo=0;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg%252Ejpg
Request Chain 98
  • http://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za HTTP 302
  • http://10304459.fls.doubleclick.net/activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Request Chain 99
  • http://cdn.freshmarketer.com/454157/1405338.js HTTP 301
  • https://cdn.freshmarketer.com/454157/1405338.js
Request Chain 104
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za HTTP 302
  • https://10304459.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
duoxpress.org/mweb9090/
17 KB
6 KB
Document
General
Full URL
http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:43c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
f99cc83ce22d814a301746a89d0f2d7994f739317569b8d974d0373392c2c259

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
72d783e118c06903-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 00:17:40 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECm%2BRJZs4qVgnttktWtwb2O8173D%2BhO8%2BL6cj4%2F1yVwnyvO5WWOvew0z3iHflL96E%2FpmB26MWi9xFONPJTNGMTmQ5BSDDK2TpQ4FjI2xERNbzUAVfphm%2Fb8TeYDsmPPh1T2anMpPexb%2BcbjZ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed
js
www.google-analytics.com/gtm/
120 KB
45 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W5WQJV9&t=gtag_UA_51279388_1&cid=910634762.1576745719
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce08b826c4fa1c14a8565ee5102ef0128038a44935962cf29a117d3d3ec210ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45592
x-xss-protection
0
expires
Wed, 20 Jul 2022 00:17:40 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
2 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 23:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Jul 2022 00:50:29 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4540
date
Tue, 19 Jul 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 01:02:00 GMT
1405338.js
cdn.freshmarketer.com/454157/
322 KB
86 KB
Script
General
Full URL
https://cdn.freshmarketer.com/454157/1405338.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c96801983acabc1a734bdaedeb21c60d37a6350d93f89e54f5872cc957821ee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
VAgRCcGAsvP.uelabuKSk7ajrACUf2zo
content-encoding
gzip
etag
W/"62d88b515973bd9af0f93aeb3dc9a10e"
last-modified
Thu, 14 Jul 2022 10:36:09 GMT
server
AmazonS3
age
31
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
max-age=120
date
Wed, 20 Jul 2022 00:17:10 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
ju7mXGSCQdA0FOcMy82gSoZxNxfKzxGIxBuWjIcQl_G1h1KdakwiLw==
1554984301242335
connect.facebook.net/signals/config/
448 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1554984301242335?v=2.9.15&r=stable
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4f17806f3de4a56ed3bbfac3471f85059730dc69e8abbd05879204bb16518d3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Zaf+H/wGuZzYlazwx9J9pgY7i2D02WF2M17eGDz8xrb1qjJP9r7nwHjqsUbRIoStkX2Kyj0MPki0JWrRbaiUjg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 00:17:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658276261118
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
301918573597990
connect.facebook.net/signals/config/
448 KB
114 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/301918573597990?v=2.9.15&r=stable
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0eccb2d5bfd2f8f392f4773b10b8b736472a1780a7e2edf909989d3c068cb215
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
bVqVhgt9myBiOmy2eWbaIAqDbe4twYgbW25bbJVc7ZcdDlBwWtb19XzVa9+ofMrWleOSXfJqQFakRQTLbeIzHg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 00:17:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658276261109
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
+M7sa25WVyUR7F4NUx3gdlGl7SvnUu/BZ8+xoDexW7EeQW+STS/tTEd4E3cAMDIMpCtAieNsc+kuf3Xz2I5lbA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 20 Jul 2022 00:17:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1570801.js
static.hotjar.com/c/
Redirect Chain
  • http://static.hotjar.com/c/hotjar-1570801.js?sv=5
  • https://static.hotjar.com/c/hotjar-1570801.js?sv=5
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1570801.js?sv=5
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Server
13.32.121.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-73.fra60.r.cloudfront.net
Software
/
Resource Hash
8bb5fc9903a905e279f4d59ae87d452b924e19a86f8d0bfb4f4f270ff0bc3533
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache-hit
1
date
Wed, 20 Jul 2022 00:17:40 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-amz-cf-id
H_oZEPzeN_Mhmg1012xk4JSlTlETS761WRz_PXQR-PB-fYV_YWeO3Q==
etag
W/cc2ec4387d99eca8c61ca4f11e99e930

Redirect headers

Date
Wed, 20 Jul 2022 00:17:40 GMT
Via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://static.hotjar.com/c/hotjar-1570801.js?sv=5
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
TSy-1QIU8wxvkbc-Q9p4tulOZIYf7HBU-fXRx4pMLJcG6_ao1SYDFw==
conversion_async.js
www.google.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.google.com/pagead/conversion_async.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f5e4ae0af9ed23962d95d194eae772f91e0589490eddce416b74ab2a726f35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15157
x-xss-protection
0
server
cafe
etag
5908699572220235039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 00:17:40 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
http://static.ads-twitter.com/uwt.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
HTTP/1.1
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 00:17:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 17:28:46 GMT
Etag
"ca88912498e17137955859948f14e272+gzip+gzip"
Vary
Accept-Encoding,Host
x-tw-cdn
FT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache
X-Cache
HIT, HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
15196
X-Served-By
cache-iad-kiad7000093-IAD, cache-hhn11552-HHN
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4540
date
Tue, 19 Jul 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 01:02:00 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
  • https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
380 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f7adce4911af6abfa205f2742f6c392bcee8b87ed0600589e13958d711ca56f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96977
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 00:17:40 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Date
Wed, 20 Jul 2022 00:17:40 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
110c6c2bfc.js
kit.fontawesome.com/
6 KB
3 KB
Script
General
Full URL
https://kit.fontawesome.com/110c6c2bfc.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1085790c63d0919dbd0a27ef69f467a234fef99dc02b3886ea1a65aa72ad9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
72d783e38eb15c62-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FwNQKv0xawq3dRZBSl6B
free-v4-shims.min.css
kit-free.fontawesome.com/releases/v5.9.0/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://kit-free.fontawesome.com/releases/v5.9.0/css/free-v4-shims.min.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9219e18910bce90507ccfc85ebdff9090e857610d4f1071163267d11adff337

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15181371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZR7S8725EB3RKR54
x-amz-id-2
W9Dr9mfIgcQTn0kCxOppPc/huTpNIlBLE8JkqESGGG0P3Z85jtyVU5of94eN9JkBCMzshZW1K1U=
last-modified
Wed, 07 Jul 2021 20:41:57 GMT
server
cloudflare
etag
W/"534c0fc8853343d04dd088dd214e1f6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdcPfaRXf77t3lFuoH%2BLGylvAZceHv0m9eLRkFf2GXh9ie8amcBBh%2BO79FE956fNz7wZ%2F%2FYXv527t0FJfgefpwFwzw0zAy8LLiyXBUkvU0E6%2FSb8Rlvd5WKDksqUBUTq8Axsoq2XHC6M%2FHH1ke4ze2Bbu6Zuhqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
72d783e3ab0a9195-FRA
free.min.css
kit-free.fontawesome.com/releases/v5.9.0/css/
83 KB
13 KB
Stylesheet
General
Full URL
https://kit-free.fontawesome.com/releases/v5.9.0/css/free.min.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a4923350a39e2dfcf5b6a2d74344da7962d8c3276c393e87425262ef96749bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15181371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZR7R9SHE5B4PXSVC
x-amz-id-2
s/Fuba1hvMHMfsKHiYBkLuDDxM0rSzrpLvRNqeUe7RnmTLaD+lllCab+2t+OabCj3/7tFH8mIRQ=
last-modified
Wed, 07 Jul 2021 20:41:57 GMT
server
cloudflare
etag
W/"d1b0a2dca962f15aba26c044ef6f6d7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d76PjY3jcOyjVVkeBXAuUJidVUe6n24mYPS3%2Fyw6IR5TojbXtP6CFrOFasCqCzm5th2ar50PwrTEA3byF0S35%2Bt14N3JBpBWBWxgGiW3QoqKv%2BlanL3YR1A9Zshd9phPCjWuEelqml8LitXZhW4mg5Bl0d2POr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
72d783e3ab0e9195-FRA
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
Origin
http://duoxpress.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
access-control-allow-origin
*
cdn-cachedat
06/09/2022 14:01:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
614bc944d516439c4f39154c37d26ef0
cf-ray
72d783e39c8a9250-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bootstrap-slider.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-slider/10.0.2/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-slider/10.0.2/css/bootstrap-slider.min.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b003c0cef47915a7591daf3432a13ff38bda990d5ffdd36192c65ac639f8e8f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
614410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1660
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-2420"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgJPlPt5p0AvV0TKsBahvxZnq5xotdhqa2Jpe0OwfsDrdZL60Kq93l1HuDfPOfBgbGgNS2vrTYvc839Lc5OJPXpbXrq8p5BXhE5QR9s2iuGqy9jqV5B%2Bvgg1M3%2BQW2Dh1nG2ClKBc8IuoIZaeSzUNW7T"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72d783e38aad9b2e-FRA
expires
Mon, 10 Jul 2023 00:17:40 GMT
jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/
31 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3558782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6740
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-7d4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN1YdkmvNxRy0sQ1WlAFQtR%2FF8%2FYpeNbSkjhUDss0JIZAyaoh9pqKqvzZUq9%2ByuXkkZYXE0Fr42lvw%2B%2BU66W05N0to7Nh54DUwrceH7l%2FHF7KzCDQyFQVbBASQIiqgcVgJHCRi67TiS4gBWHmgnoQ4BU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72d783e39aaf9b2e-FRA
expires
Mon, 10 Jul 2023 00:17:40 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d36bd3f944c197c3e1c45b77a25f4fa803f661807a21503cc79a639538ce5542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 00:09:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 00:17:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 00:17:40 GMT
css
fonts.googleapis.com/
6 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 23:56:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 00:17:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 00:17:40 GMT
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 00:17:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 00:17:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 00:17:40 GMT
styles.css
www.mweb.co.za/assets/css/
114 KB
17 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/styles.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8afc34710aa3dd12388377bbaa8f14f38c03af6d01b65e074567d7c5b6964e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"bb2c33d8f5678b5e5f92a55f59b14f46"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
J5wSrVUU0dsq_BLy3_VewTkYWFRMCX1JipXoUP_4cBZh8PFuBbQs1A==
mweb-custom.css
www.mweb.co.za/assets/css/
85 KB
13 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-custom.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ae46f25633abede5a84b2fd51154355734d4fa086fd603560af79e16e54330c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"88bc09bb4d585c3baa128316e330495b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
nBnCoAHm8fPCsRmAe1fpspeRDS7ZaLcqle3oSXXJZ1g3NTQOahXR8w==
main.css
www.mweb.co.za/assets/css/mweb-legacy/
35 KB
6 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/main.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a536f3aa0388e9bd6928a9939f0ad40ae035ca8db5f39f179e955a4a75bf2ed4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"6fe031fb5f1e590238d824a86b9874f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
WcOUApIlHJYmWDZoffDzViRVuxldEjyH91yRTdbrjCPESs9lyvRg0Q==
order-summary.css
www.mweb.co.za/assets/css/mweb-legacy/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/order-summary.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccc449263f17aa4216e8df862230d57e235b837bbfa0cd4cc27a7d5e9c278a47

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"49461ebcdd003ed1e05cc33e611b81b7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
n8mRPiEPgjO5cDjpwQeK5Bh-8UM6tDpWqgDXDZS37giyDYVsVqY5Ug==
login-register.css
www.mweb.co.za/assets/css/mweb-legacy/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/login-register.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abc24aa924e56dff66252a5b3725deb2f3aa82500e94617a61d15d19ca0974fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"47b6829a0f8fdc1a5459f76e34495b63"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
B-sL_iawdO4dppa-28N1mfOYF5m9Nu9nXWdIYlb01KhGZ0fUqbQ_Rw==
customer-info.css
www.mweb.co.za/assets/css/mweb-legacy/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/customer-info.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3feb990099bd4e571346e4815e7f7315b75447cbe6009e0e564b8257a475dfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"d68294bc7c4e2893bb3a5b737e50dc0c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
c5IbTWLTzB3IhexGKJiPvjrwEfpJCfPHoElkmGleU-0BDA9YO5a5gQ==
order-confirmation.css
www.mweb.co.za/assets/css/mweb-legacy/
997 B
1 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/order-confirmation.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46160c65d3df8c17b3d8da0627f868b66cd2bdaf18fcd86ccbd7326a032ef0db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"272e07945f1d4b2ec078efea2947c49b"
x-cache
Miss from cloudfront
content-type
text/css
cache-control
private,max-age=600
accept-ranges
bytes
content-length
997
x-amz-cf-id
hL7uLT9wABVamutQTR_R6i7UGc9zC0Z1huZ9FQh8SC6XUTHMxSDIdA==
dashboard.css
www.mweb.co.za/assets/css/mweb-legacy/
33 KB
6 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/dashboard.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
172453c74fb0398995e4c06792b873932a3d3c4661b313ba9cea0660e89f12b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"d3c8bfddfa4b9e122d2b0613bb08823c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
fNxeVTI3z6ID38mqGQDCHoC1nSnYh0CKzxia0wLuJhdNP-zD0K0C1g==
sales-order-tracking.css
www.mweb.co.za/assets/css/mweb-legacy/
17 KB
3 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/mweb-legacy/sales-order-tracking.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c57fce0a5f9a38fbbbe540b5ddd8d58aed8ae47b72dd3c1cbc3ab3b5a576a55

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"8ad4057a466979ea1c411b30357261e4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
pamNaq9BsJspf6TU9UB5l37EBPeys-DQfUppBW-npFn33aU8pJMCXg==
flags.css
www.mweb.co.za/assets/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://www.mweb.co.za/assets/css/flags.css
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24e5a21c63d44e1b63928bf52701e2a692848335d8f11cbcfdd6e30f1a80a8b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 08:31:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"a21bbff17ee44991ab38eba62d3744ba"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control
private,max-age=600
x-amz-cf-id
nXbuaxWZQSq5rhE5cN8c8oUxsNqYW64oowZoaF7EU6jQq5jjgkijiA==
js
www.googletagmanager.com/gtag/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51279388-1
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d9f66539f14535bd8d1be1d5481132115065239a1c5efe38f1b369f378faa9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41995
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 00:17:40 GMT
default~existing-customer-dashboard-dashboard-module-feature-ngfactory~existing-customer-product-add~882c01f8.3c3d73250ad6463a8f32.js
www.mweb.co.za/app/v3.1.99P/
11 KB
3 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/default~existing-customer-dashboard-dashboard-module-feature-ngfactory~existing-customer-product-add~882c01f8.3c3d73250ad6463a8f32.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1a38217ad9abc47f24255e66ba9303390c45fecde7205f317bc0122213a12ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:50:28 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:26 GMT
server
AmazonS3
age
5233
etag
W/"f68cf32e8d2e39efc76733771a0deb74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
2OKQ3Dv5nvIX-15oqdjx8y3Zm_gxuMs1nrYb0c7aK3O2dRPAHY3rOw==
default~existing-customer-product-add-add-product-module-feature-ngfactory~existing-customer-product~be497fad.6b76106f6330120b0acd.js
duoxpress.org/app/v3.1.99P/
0
0
Script
General
Full URL
http://duoxpress.org/app/v3.1.99P/default~existing-customer-product-add-add-product-module-feature-ngfactory~existing-customer-product~be497fad.6b76106f6330120b0acd.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:43c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 20 Jul 2022 00:17:40 GMT
Content-Encoding
gzip
CF-Cache-Status
BYPASS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGNMkI%2Fj7ir01vnwZR8%2FAZe%2Bgew08sok3%2BLnay%2F0uloFK%2BTnT45qPdwYlLuH31IRHeMKzbhl9OtUShTBGTllCG%2B9frmdMQDWr5ifJH7uihxwC%2BnoE1E7r%2FMGv8Csojps%2BxgdW6Vl42sVkvpF"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
x-turbo-charged-by
LiteSpeed
Connection
keep-alive
CF-RAY
72d783e36ae36903-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
default~existing-customer-product-add-add-product-module-feature-ngfactory~existing-customer-product~aa4e6a5a.a60d26f070ec556072db.js
www.mweb.co.za/app/v3.1.99P/
177 KB
23 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/default~existing-customer-product-add-add-product-module-feature-ngfactory~existing-customer-product~aa4e6a5a.a60d26f070ec556072db.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d997a8187103169211bd2496c4f06a13c4c6aa714c6881313fb5ba10ce42e355

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:50:28 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:26 GMT
server
AmazonS3
age
5233
etag
W/"3fa5a8e2a6494ba0430c3866360722ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
f6kBaxBERRlj5XEZBonvWnsSYS4Fm6wzmt74zgEVirfgKwVd-D0ovw==
default~portal-adsl-adsl-module-feature-ngfactory~portal-adsl-internet-adsl-internet-module-feature-~93a7363d.8b6cb79213ff17c0a7d3.js
www.mweb.co.za/app/v3.1.99P/
22 KB
6 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/default~portal-adsl-adsl-module-feature-ngfactory~portal-adsl-internet-adsl-internet-module-feature-~93a7363d.8b6cb79213ff17c0a7d3.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4941bd5329bc76f609935dd8d8287cafb1e494474d889093b768360eab8b7519

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:50:28 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:27 GMT
server
AmazonS3
age
5233
etag
W/"6802a8d791fe7651eb6cf681738b365b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
QA4aSqAwmJHthgS_Lbtp4LLkNdarLJ3XaDA4jOxoZyRo9KhSPfBQ5Q==
common.0ff6cc7f513de9eac739.js
www.mweb.co.za/app/v3.1.99P/
9 KB
3 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/common.0ff6cc7f513de9eac739.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
021a2374f281f7aace50480760050ecf611922ce8b62f8a79e87c26e49b53358

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:50:28 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:26 GMT
server
AmazonS3
age
5233
etag
W/"dc8af9b774853de0074c0248c5133731"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
nBQNojnE8gMawRVnhyjdfepue_sjhf1jp32CAv4dIwxmIfLjl4cTVA==
portal-home-home-module-feature-ngfactory.ef35ff85e28871edba48.js
www.mweb.co.za/app/v3.1.99P/
12 KB
5 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/portal-home-home-module-feature-ngfactory.ef35ff85e28871edba48.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fd6b0559e57960f830f588230e453213e6d43070dc36d6fbcecc1f3983c0425

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"af8aa26c4dc78b77a10021720609eeea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-id
XFu6iAgP1OQ8FgIexCBuVrN6MSDGyXpS1bFLMsu_ynh8vhJYmUojbA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/?random=1579008231733&cv=9&fst=1579008231733&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1003&u_w=1920&u_ah=963&u_aw=1920&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg121&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.mweb.co.za%2Fwebmail&tiba=MWEB%20Homepage&hn=www.google.com&async=1&rfmt=3&fmt=4
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
104d273bf86569cab42d10a7e8d576e24f9138feb73f806f21052546606abe70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1009
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default~login-agent-agent-module-feature-ngfactory~login-email-email-login-module-feature-ngfactory~~b3b14194.f6881c152430b518cb28.js
www.mweb.co.za/app/v3.1.99P/
44 KB
9 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/default~login-agent-agent-module-feature-ngfactory~login-email-email-login-module-feature-ngfactory~~b3b14194.f6881c152430b518cb28.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7594eecfd36f944797d129f9fc902db128757d5221e22b2a47cd2edcd6a5244b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"590f5d022b12fe1931597d45f6cf201e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-id
283ai8cfhvdtTMSnOdD3rGYGHwKp4UodKCRonijh10_8uD3hwhJ6kQ==
login-email-email-login-module-feature-ngfactory.a4f31b1d747148d65413.js
www.mweb.co.za/app/v3.1.99P/
9 KB
4 KB
Script
General
Full URL
https://www.mweb.co.za/app/v3.1.99P/login-email-email-login-module-feature-ngfactory.a4f31b1d747148d65413.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c8ffaffd06aef47af22006da6893d4f8d3c56699df90b7c7298abe75050610f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:50:28 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:03:27 GMT
server
AmazonS3
age
5233
etag
W/"e6bd0d3bd3d839fc83c608a8d77f0be4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
BmJsx-tpMyvsusmqv2pUcdO98nYKe68Ri7Yu0HxJKpqamqVXFeKVUw==
modules.3f87663fe3054321fa13.js
script.hotjar.com/
399 KB
70 KB
Script
General
Full URL
https://script.hotjar.com/modules.3f87663fe3054321fa13.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
75744e8d0748cea788fdf9cf2379321b61ef1f6f0f71f383baf232118dc998d7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 06:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
496107
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
71124
access-control-allow-origin
*
last-modified
Wed, 15 Jan 2020 10:43:37 GMT
etag
"591b65d4ca1cf62b1ff48592458d798a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
_UpSGSLkGZAV9HDGBX-SsY_2RLtCkaV_93-03I92RFbkqE9sFKQT-w==
mweb-logo-300x300.png
www.mweb.co.za/media/images/
26 KB
26 KB
Image
General
Full URL
https://www.mweb.co.za/media/images/mweb-logo-300x300.png
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38a3b2cdff72d4453339354c91bcc4969ac5612675d8452b92c087eb8964ffd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
last-modified
Sat, 25 Aug 2018 17:48:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"b080310c174e6843d4eaa1e3528fb9a4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
26201
x-amz-cf-id
xyCsG_TYcccFU_5GkseTR9bNkxV3kusFVS6AHfFwyysKMpVDFhQHjA==
login-welcome.png
www.mweb.co.za/media/images/content/
4 KB
5 KB
Image
General
Full URL
https://www.mweb.co.za/media/images/content/login-welcome.png
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
635d1b8bca2d904072109d54cb79c89084562011af145377469f5c59a1be1c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
last-modified
Sat, 25 Aug 2018 17:48:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"86cb56da180613d685c2bd16b0d1a28d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4423
x-amz-cf-id
8RciizS_jGk9RCFfZ9QQuK58Vzo8crnkJGEQxlQA1-2Ree2r1gYW1Q==
welcome-webmail.png
www.mweb.co.za/media/images/content/
4 KB
5 KB
Image
General
Full URL
https://www.mweb.co.za/media/images/content/welcome-webmail.png
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3965f87047c057528dc43b4f3a9b4082f98190e6b3affd7b41bf9c914836b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
last-modified
Mon, 25 Feb 2019 07:21:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"a62ca1553cb68da9151fe5b2d197c068"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4507
x-amz-cf-id
qnafwbQ-OhVR8LaBHOD5WC2fMS01cCkOpSr7t_Xlx5KcTL-w58W4Hg==
login-mweb-logo.png
www.mweb.co.za/media/images/
8 KB
8 KB
Image
General
Full URL
https://www.mweb.co.za/media/images/login-mweb-logo.png
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-93.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ba300f528f16b783dd0573ba42d084de33f18a8da29c5ec30a79e34ffb331d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
last-modified
Sat, 25 Aug 2018 17:48:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"0387562bc00b1e38e275443f4f958cf6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7680
x-amz-cf-id
o1CDV8pZcj7-UtGJU3Vy88eV76DzjWJh9Q5R0-JUhARYtfKMbocBVw==
m-loading.gif
portalassets.mwebaws.co.za/assets/img/mweb-legacy/
0
0

jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
http://duoxpress.org/
Origin
http://duoxpress.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-10fdd"
vary
Accept-Encoding
x-hw
1658276260.dop135.am5.t,1658276260.cds311.am5.hn,1658276260.cds255.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
Origin
http://duoxpress.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
409045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6157
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqDUzDD44PD5y5%2BehQAtjmElehLROpaNBu1pCdZMgtSD86585Sh3%2BDmancBK06MNiHmKZ0JB%2FpiWfZHEI8ud9nA3wF72GQ%2F0W%2FS3VADTP1Vnr0zBDyPChoZaCAiEODhQ3FZkOeRmJbIcnRuGIY25cGoI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72d783e61c349226-FRA
expires
Mon, 10 Jul 2023 00:17:40 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
13 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
Origin
http://duoxpress.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
860
access-control-allow-origin
*
cdn-cachedat
03/10/2022 17:24:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0e3b6338c3fdd63ddd294686c57b1989
cf-ray
72d783e62de19250-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 00:12:40 GMT
js
www.googletagmanager.com/gtag/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51279388-1&l=dataLayer&cx=c
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/js?id=GTM-W5WQJV9&t=gtag_UA_51279388_1&cid=910634762.1576745719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ecb9f6808aa0d2c7a1209c7c9acff92029512f22a0d5ad104af4d688c41e392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42012
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 00:17:40 GMT
/
www.google.com/pagead/1p-user-list/850038554/
42 B
227 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/850038554/?random=1579008231733&cv=9&fst=1579006800000&num=1&guid=ON&u_h=1003&u_w=1920&u_ah=963&u_aw=1920&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg121&sendb=1&frm=0&url=https%3A%2F%2Fwww.mweb.co.za%2Fwebmail&tiba=MWEB%20Homepage&async=1&fmt=3&is_vtc=1&random=3092890946&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/850038554/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/850038554/?random=1579008231733&cv=9&fst=1579006800000&num=1&guid=ON&u_h=1003&u_w=1920&u_ah=963&u_aw=1920&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg121&sendb=1&frm=0&url=https%3A%2F%2Fwww.mweb.co.za%2Fwebmail&tiba=MWEB%20Homepage&async=1&fmt=3&is_vtc=1&random=3092890946&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ip.freshmarketer.com/json/
191 B
392 B
Script
General
Full URL
http://ip.freshmarketer.com/json/?callback=setGeoTargeting
Requested by
Host: cdn.freshmarketer.com
URL: https://cdn.freshmarketer.com/454157/1405338.js
Protocol
HTTP/1.1
Server
34.230.222.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-222-24.compute-1.amazonaws.com
Software
/
Resource Hash
b7fd56bc5fd65fcf101d90b6ac4479062d217fa846baf5e453bbaa2c68f60f55

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 00:17:41 GMT
Connection
keep-alive
X-Database-Date
Thu, 03 Feb 2022 09:45:24 GMT
Content-Length
191
Vary
Origin
Content-Type
application/javascript
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=120188480&t=pageview&_s=1&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&ul=en-us&de=UTF-8&dt=Email%20Login%20-%20MWEB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUABAAAAAC~&jid=656748746&gjid=1765500306&cid=1560985292.1658276261&tid=UA-51279388-1&_gid=1172142059.1658276261&_r=1&gtm=2ou7i0&z=750745848
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51279388-1&cid=1560985292.1658276261&jid=656748746&gjid=1765500306&_gid=1172142059.1658276261&_u=aGBAAUAAAAAAAC~&z=1690852949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jul 2022 00:17:41 GMT
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
204 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e35a3e513d10810aac992d469001c513c2d2c0db9c58b3ebcc24de7f5e57b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74348
x-xss-protection
0
expires
Wed, 20 Jul 2022 00:17:41 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=120188480&t=pageview&_s=1&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&ul=en-us&de=UTF-8&dt=Email%20Login%20-%20MWEB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAC~&jid=940313924&gjid=339126642&cid=1560985292.1658276261&tid=UA-51279388-1&_gid=1172142059.1658276261&_r=1&gtm=2wg7i0588RWD&z=690485861
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 17:28:46 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kiad7000093-IAD, cache-hhn11537-HHN
activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flog...
6785438.fls.doubleclick.net/ Frame 5BA3
Redirect Chain
  • http://6785438.fls.doubleclick.net/activityi;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flo...
  • http://6785438.fls.doubleclick.net/activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpre...
530 B
1004 B
Document
General
Full URL
http://6785438.fls.doubleclick.net/activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
1091e913a4f55130abe09c9de65a36e78e9d1c1419626e782bc38cf459ef9cf1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
420
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Jul 2022 00:17:41 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Length
0
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Jul 2022 00:17:41 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Follow-Only-When-Prerender-Shown
1
Location
http://6785438.fls.doubleclick.net/activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0
activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3F...
10304459.fls.doubleclick.net/ Frame ED3E
Redirect Chain
  • http://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%...
  • http://10304459.fls.doubleclick.net/activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduo...
533 B
1006 B
Document
General
Full URL
http://10304459.fls.doubleclick.net/activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
be97b608cd8884a143ca8e4ab36a58d0b9b8071edf522fbcaba1164f8adc9547
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
422
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Jul 2022 00:17:41 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Length
0
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Jul 2022 00:17:41 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Follow-Only-When-Prerender-Shown
1
Location
http://10304459.fls.doubleclick.net/activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0
1405338.js
cdn.freshmarketer.com/454157/
Redirect Chain
  • http://cdn.freshmarketer.com/454157/1405338.js
  • https://cdn.freshmarketer.com/454157/1405338.js
322 KB
86 KB
Script
General
Full URL
https://cdn.freshmarketer.com/454157/1405338.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Server
18.66.122.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c96801983acabc1a734bdaedeb21c60d37a6350d93f89e54f5872cc957821ee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
VAgRCcGAsvP.uelabuKSk7ajrACUf2zo
content-encoding
gzip
etag
W/"62d88b515973bd9af0f93aeb3dc9a10e"
last-modified
Thu, 14 Jul 2022 10:36:09 GMT
server
AmazonS3
age
32
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
max-age=120
date
Wed, 20 Jul 2022 00:17:10 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
ZOQrXBq9GU2ngWX07oVjAtFuj41heHXhERBdeWFhTFDzXIk0c2ph4Q==

Redirect headers

Date
Wed, 20 Jul 2022 00:17:41 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.freshmarketer.com/454157/1405338.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
M7yfo7CwP2Rti4KzKBFpM-ATOSDD7NzSw2ZzCDPKbHIietDW6ZRXHg==
quant.js
edge.quantserve.com/
24 KB
10 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
HTTP/1.1
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 00:17:41 GMT
Content-Encoding
gzip
Etag
"77f5L8LR6ldZZZ+q4Q+xaw=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 27 Jul 2022 00:17:41 GMT
gtr.min.js
dsp-media.eskimi.com/assets/js/e/
Redirect Chain
  • https://rookdsp.com/r/AIfjbw_3-wbP76JTnJ5FiID4AysKBpizv2JQ1uOsNAhiYmY1OGY0Mzc3OGIyYjkw/assets/js/e/gtr.min.js?_=0.0.0.3
  • https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
5 KB
3 KB
Script
General
Full URL
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
832
access-control-allow-origin
*
cdn-cachedat
03/12/2022 17:32:55
cdn-pullzone
692289
server
BunnyCDN-DE-832
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires
Sun, 12 Mar 2023 17:32:55 GMT
last-modified
Mon, 28 Feb 2022 12:27:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"621cbfb5-12fb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31536000
cdn-uid
ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestid
0d34b396ffa5a8d57647baf56529bc9a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

location
https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
date
Wed, 20 Jul 2022 00:17:41 GMT
server
openresty
content-length
142
content-type
text/html
events.js
analytics.tiktok.com/i18n/pixel/
126 KB
38 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-232.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id
9c6850f2.759cd902
date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-134.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
110,23.36.161.204
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=22, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
202207200017410100020450077350020570D221F94
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.220.104.134
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cbad544f6d2eb6ae46ded69b32f4939602309a0eb2ff3f78b9cd54d1c6e9285bd14d48517c4c7991321b40010ab46d79dd763dae1ea49729109b9f37a3bbf74176b27bb00667aafe737cf6d422320c64ad83a54e90a05a5ed3a5c51e3d0bc016a67
expires
Wed, 20 Jul 2022 00:17:41 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=120188480&t=pageview&_s=1&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&ul=en-us&de=UTF-8&dt=Email%20Login%20-%20MWEB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAC~&jid=330369594&gjid=509792226&cid=1560985292.1658276261&tid=UA-51279388-5&_gid=1172142059.1658276261&_r=1&gtm=2wg7i0588RWD&z=1715953778
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
301918573597990
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/301918573597990?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95c0a8d204241726f522512abe79ffa0237241abb65b9d6edc3320a4a2a98f5f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
q5XtaanTnpc1KUtDEnBeg8jHALjqoprhwU08lIImFgAZrWNS90S1GiQt3o1b1phkRT8DQ+ud06DLe4UHOP68xg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 00:17:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658276261687
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51279388-1&cid=1560985292.1658276261&jid=940313924&gjid=339126642&_gid=1172142059.1658276261&_u=aGDAAUABAAAAAC~&z=249403462
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jul 2022 00:17:41 GMT
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51279388-1&cid=1560985292.1658276261&jid=656748746&_u=aGBAAUAAAAAAAC~&z=782997574
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51279388-1&cid=1560985292.1658276261&jid=656748746&_u=aGBAAUAAAAAAAC~&z=782997574
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1554984301242335
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1554984301242335?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
557291a725f1726553d573236c664f76ddf31a30050fadb4e447cde3f58a5002
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
KmMHR1uDa4pOIZMgT40mGaMr0rH3EWf817ZtgjomN+wZqgj+WYaYSdMnXUxQ6mx6kQ2wccjjLbTkBeM6LN1+Gg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 00:17:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658276261774
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=301918573597990&ev=PageView&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&rl=&if=false&ts=1658276261221&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658276261221.1948585089&it=1658276261186&coo=false&exp=u0&rqm=GET
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 20 Jul 2022 00:17:41 GMT
628022054477854
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/628022054477854?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a94ca6207a9299400ab6c41d8d711c3e22c59745b3adc6818ee8a3aaffb61e07
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
FBp+k4k7FmyowJ+ejpvuDDDbLzIHJFETXmhCe2fJcq+7XkQp2t+dVbOxUX6VAgp29YenPjE3Slcs68RLoxN20w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 00:17:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658276261575
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1554984301242335&ev=PageView&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&rl=&if=false&ts=1658276261225&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658276261221.1948585089&it=1658276261186&coo=false&exp=u0&rqm=GET
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 20 Jul 2022 00:17:41 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51279388-5&cid=1560985292.1658276261&jid=330369594&gjid=509792226&_gid=1172142059.1658276261&_u=aGDAAUABAAAAAC~&z=669932116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jul 2022 00:17:41 GMT
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-7cjmQwa897H2c.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
  • https://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Server
2600:9000:223c:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
317bef077e5711978582b50ee2686acbcb32549fa44ad12ed5242ea62ca02b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:00:42 GMT
content-encoding
gzip
age
1020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 09 Dec 2020 12:54:27 GMT
server
AmazonS3
etag
W/"0ec974581e803c8d1432898f0387dbfa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
vsWr3TkwKwdtENR6CS0iSdguTg614rzwlRMlG9UyaDdAGCN9rEdF7g==

Redirect headers

Date
Wed, 20 Jul 2022 00:17:41 GMT
Via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-7cjmQwa897H2c.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
iq99ogJouN3vFAH7ogRp9ODuEIBgQTkBWtQVnoh-snLiPoC-H6ov4Q==
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51279388-5&cid=1560985292.1658276261&jid=330369594&_u=aGDAAUABAAAAAC~&z=1461637596
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51279388-5&cid=1560985292.1658276261&jid=330369594&_u=aGDAAUABAAAAAC~&z=1461637596
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51279388-1&cid=1560985292.1658276261&jid=940313924&_u=aGDAAUABAAAAAC~&z=541649013
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51279388-1&cid=1560985292.1658276261&jid=940313924&_u=aGDAAUABAAAAAC~&z=541649013
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fpa=P0-1001336216-1658276261288...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fpa...
  • https://pixel.quantserve.com/pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fp...
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fpa=P0-1001336216-1658276261288;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=duoxpress.org;dst=0;et=1658276261287;tzo=0;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg%252Ejpg
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H2
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Date
Wed, 20 Jul 2022 00:17:41 GMT
Access-Control-Allow-Origin
*
Location
https://pixel.quantserve.com/pixel;r=63603646;labels=_fp.event.Default;rf=0;a=p-7cjmQwa897H2c;url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za;uht=2;fpan=1;fpa=P0-1001336216-1658276261288;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=duoxpress.org;dst=0;et=1658276261287;tzo=0;ogl=site_name.MWEB%2Ctitle.MWEB%2Curl.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Ctype.website%2Cdescription.Affordable%20Fibre%252C%20LTE%252C%20ADSL%20and%20more!%2Cimage.https%3A%2F%2Fwww%252Emweb%252Eco%252Eza%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg%252Ejpg
Cache-Control
private, no-transform, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 21 Jul 2022 00:17:41 GMT
dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargv...
adservice.google.com/ddm/fls/i/ Frame 4BEC
529 B
489 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Requested by
Host: 6785438.fls.doubleclick.net
URL: http://6785438.fls.doubleclick.net/activityi;dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edb409aa049736dd46fe480689045aad49755a98772f03876b37362b2341350c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://6785438.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
419
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dma...
adservice.google.com/ddm/fls/i/ Frame 3D3C
532 B
889 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Requested by
Host: 10304459.fls.doubleclick.net
URL: http://10304459.fls.doubleclick.net/activityi;dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d6331e9a3672e62c18d0a66e860eaf503de2b6da2b72b511a2c8cff0b648c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://10304459.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-232.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id
deab7285.759cda53
date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-36-66-15.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
93,23.36.161.204
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=6, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220720001741010002045007735002020053114F7
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.36.66.15
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cbad544f6d2eb6ae46ded69b32f49396023d448a39800bea87add33c6dcb043c0c8bf874bf32754206fa1c7af04536e487eefb042081fe85d69c40b3727fa7b578776fdee1c999a1c2dd68819b5c19e6327632874eb40b0066fc1624b66cc60d178
expires
Wed, 20 Jul 2022 00:17:41 GMT
config.js
analytics.tiktok.com/i18n/pixel/
58 KB
20 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C82FSI868TKSFI88NQE0&hostname=duoxpress.org
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-232.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
eaf929b52359d55e6370d79abb835fce1fb7d29b19af85f71c176762e7b4bf44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202207200017410100020077350020310F307B23
vary
Accept-Encoding
x-cache
TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
127,23.36.161.204
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cba9bca20004483845678681b9b520c302aca34b523df809792eb19efa9c6ecddaf881224fcfdce3ff3c235bfa3bfe1e379aea0e34695c1790d9f496378618a9f834d90cc4e3d0375cfec148ca131db200f
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=127
x-akamai-request-id
759cda9d
expires
Wed, 20 Jul 2022 00:17:41 GMT
collect
region1.analytics.google.com/g/
0
345 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-85DEGRW3JJ&gtm=2oe7i0&_p=120188480&_z=ccd.v9B&_gaz=1&cid=1560985292.1658276261&ul=en-us&sr=1600x1200&_s=1&sid=1658276261&sct=1&seg=0&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&dt=Email%20Login%20-%20MWEB&en=page_view&_fv=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-85DEGRW3JJ&cid=1560985292.1658276261&gtm=2oe7i0&aip=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-85DEGRW3JJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://duoxpress.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-85DEGRW3JJ&cid=1560985292.1658276261&gtm=2oe7i0&aip=1&z=1458701756
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dma...
adservice.google.de/ddm/fls/i/ Frame 80DB
194 B
870 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CM3z9buYhvkCFZXl1QodewMJGA;src=10304459;type=mwebs0;cat=tmi_m000;ord=9783196007023;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:41 GMT
expires
Wed, 20 Jul 2022 00:17:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargv...
adservice.google.de/ddm/fls/i/ Frame D5E6
194 B
242 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPDB9buYhvkCFaW6UQod5n8JAQ;src=6785438;type=mwebe0;cat=opens0;ord=5610281194760;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:41 GMT
expires
Wed, 20 Jul 2022 00:17:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cssession
dsp-trk.eskimi.com/tracking/
0
136 B
XHR
General
Full URL
https://dsp-trk.eskimi.com/tracking/cssession?tst&id=16163
Requested by
Host: rookdsp.com
URL: https://rookdsp.com/r/AIfjbw_3-wbP76JTnJ5FiID4AysKBpizv2JQ1uOsNAhiYmY1OGY0Mzc3OGIyYjkw/assets/js/e/gtr.min.js?_=0.0.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
http://duoxpress.org
date
Wed, 20 Jul 2022 00:17:41 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtr
dsp-ap.eskimi.com/v2/
116 B
582 B
XHR
General
Full URL
https://dsp-ap.eskimi.com/v2/gtr?id=16163&url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&t=1658276261554
Requested by
Host: rookdsp.com
URL: https://rookdsp.com/r/AIfjbw_3-wbP76JTnJ5FiID4AysKBpizv2JQ1uOsNAhiYmY1OGY0Mzc3OGIyYjkw/assets/js/e/gtr.min.js?_=0.0.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.201.186.35.bc.googleusercontent.com
Software
/
Resource Hash
cc910d6f3f6d00fd802e3e49c3ea5ee7d3c04f4f4c771eea7eee3ed0e988d68f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
http://duoxpress.org
date
Wed, 20 Jul 2022 00:17:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
content-type
application/json
pixel
analytics.tiktok.com/api/v2/
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C82FSI868TKSFI88NQE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-232.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://duoxpress.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3d8578da.759cdc93
date
Wed, 20 Jul 2022 00:17:41 GMT
x-cache-remote
TCP_MISS from a23-36-66-34.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.9.0-42538714) (-)
x-parent-response-time
117,23.36.161.204
server-timing
cdn-cache; desc=MISS, edge; dur=104, origin; dur=18, inner; dur=11
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202207200017410100040030077350020190A383446
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.36.66.34
x-tt-trace-host
0175e780687430e89cac6f6204f7c08cbad544f6d2eb6ae46ded69b32f49396023b20d36be6550b6ddc8c62476985335e6df8e5e7a5f40ed62d7591fa59ad4b131f7ef5190c31d096ff31daf145e297b4e8445aa8d2a070302b3dc6642e6c8ae35ef2d6aa1bf6883d2383df44888cddd6a
expires
Wed, 20 Jul 2022 00:17:41 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=628022054477854&ev=PageView&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522login%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1658276261613&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658276261221.1948585089&it=1658276261186&coo=false&exp=u0&rqm=GET
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Jul 2022 00:17:41 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=301918573597990&ev=Microdata&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&rl=&if=false&ts=1658276261724&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Email%20Login%20-%20MWEB%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22MWEB%22%2C%22og%3Atitle%22%3A%22MWEB%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mweb.co.za%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Affordable%20Fibre%2C%20LTE%2C%20ADSL%20and%20more!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mweb.co.za%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658276261221.1948585089&it=1658276261186&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Jul 2022 00:17:41 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1554984301242335&ev=Microdata&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&rl=&if=false&ts=1658276261726&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Email%20Login%20-%20MWEB%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22MWEB%22%2C%22og%3Atitle%22%3A%22MWEB%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mweb.co.za%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Affordable%20Fibre%2C%20LTE%2C%20ADSL%20and%20more!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mweb.co.za%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658276261221.1948585089&it=1658276261186&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Requested by
Host: duoxpress.org
URL: http://duoxpress.org/mweb9090/index.php?login=margvanr@global.co.za
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Jul 2022 00:17:41 GMT
conversion_async.js
www.googleadservices.com/pagead/
40 KB
15 KB
Script
General
Full URL
http://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 20 Jul 2022 00:17:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9823212955285023900
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
15160
X-XSS-Protection
0
Expires
Wed, 20 Jul 2022 00:17:41 GMT
activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Fl...
10304459.fls.doubleclick.net/ Frame AA6E
Redirect Chain
  • http://10304459.fls.doubleclick.net/activityi;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3...
  • http://10304459.fls.doubleclick.net/activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduox...
532 B
1005 B
Document
General
Full URL
http://10304459.fls.doubleclick.net/activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol
HTTP/1.1
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
8c7d372c1d6c843f90bb4dcd678b9bfd796d41936ab071bc31cdb9119eebc9ac
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
421
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Jul 2022 00:17:41 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Length
0
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Jul 2022 00:17:41 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Follow-Only-When-Prerender-Shown
1
Location
http://10304459.fls.doubleclick.net/activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Strict-Transport-Security
max-age=21600
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0
1405338.js
cdn.freshmarketer.com/454157/
Redirect Chain
  • http://cdn.freshmarketer.com/454157/1405338.js
  • https://cdn.freshmarketer.com/454157/1405338.js
322 KB
86 KB
Script
General
Full URL
https://cdn.freshmarketer.com/454157/1405338.js
Protocol
H2
Server
18.66.122.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c96801983acabc1a734bdaedeb21c60d37a6350d93f89e54f5872cc957821ee0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
VAgRCcGAsvP.uelabuKSk7ajrACUf2zo
content-encoding
gzip
etag
W/"62d88b515973bd9af0f93aeb3dc9a10e"
last-modified
Thu, 14 Jul 2022 10:36:09 GMT
server
AmazonS3
age
32
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
max-age=120
date
Wed, 20 Jul 2022 00:17:10 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
Nww-khgeLl3-tF3MT6xMg0LrgVXWe0OJG6B7kK1hLN6ozTK7aJvWFg==

Redirect headers

Date
Wed, 20 Jul 2022 00:17:41 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://cdn.freshmarketer.com/454157/1405338.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
FnFksQQrl_po-c0vPJZUGSqgV-NnSu4BBqy8qR08ihJ6GdDS8kJM2w==
dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmar...
adservice.google.com/ddm/fls/i/ Frame D14E
531 B
442 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Requested by
Host: 10304459.fls.doubleclick.net
URL: http://10304459.fls.doubleclick.net/activityi;dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa642f576be15a2a7bacd08fef7d21599815fd3310e16902fe2987ca3677d39a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://10304459.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
419
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/?random=1658276261917&cv=9&fst=1658276261917&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&tiba=Email%20Login%20-%20MWEB&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e136edaa6b64b22e2e57076c59cbe86a911cdd21b9dcbd912dddbea7bff31c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1051
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/850038554/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/850038554/?random=1658276261917&cv=9&fst=1658275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&tiba=Email%20Login%20-%20MWEB&async=1&fmt=3&is_vtc=1&random=1390954509&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/850038554/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/850038554/?random=1658276261917&cv=9&fst=1658275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7i0&sendb=1&frm=0&url=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&tiba=Email%20Login%20-%20MWEB&async=1&fmt=3&is_vtc=1&random=1390954509&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmar...
10304459.fls.doubleclick.net/ddm/fls/r/ Frame 8F69
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.or...
  • https://10304459.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduo...
405 B
840 B
Document
General
Full URL
https://10304459.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
15945ccaeb475c7e5440423c3af661c765d5e335e6da12c74c31b242ce20fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
340
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:42 GMT
expires
Wed, 20 Jul 2022 00:17:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:17:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://10304459.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=628022054477854&ev=Microdata&dl=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za&rl=&if=false&ts=1658276262114&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Email%20Login%20-%20MWEB%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22MWEB%22%2C%22og%3Atitle%22%3A%22MWEB%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mweb.co.za%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Affordable%20Fibre%2C%20LTE%2C%20ADSL%20and%20more!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mweb.co.za%2Fmedia%2Fimages%2Fog%2FMWEB-orange-bg.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658276261221.1948585089&it=1658276261186&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duoxpress.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 00:17:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Jul 2022 00:17:42 GMT
B24795837.283997726;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/adj/N381803.197812NSO.CODESRV/ Frame 8F69
34 KB
13 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N381803.197812NSO.CODESRV/B24795837.283997726;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: 10304459.fls.doubleclick.net
URL: https://10304459.fls.doubleclick.net/ddm/fls/r/dc_pre=CN3pmbyYhvkCFRLj1Qodx4IIug;src=10304459;type=mwebs0;cat=tmi_m00;ord=8794809437727;gtm=2wg7i0;auiddc=349261711.1658276261;~oref=http%3A%2F%2Fduoxpress.org%2Fmweb9090%2Findex.php%3Flogin%3Dmargvanr%40global.co.za
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
6e3e66665f3f12d3eb5529aceeec7e1cca2acab6c0204bd3b4147d87fd20e6df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10304459.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 00:17:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12839
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
portalassets.mwebaws.co.za
URL
https://portalassets.mwebaws.co.za/assets/img/mweb-legacy/m-loading.gif

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| FontAwesomeKitConfig object| prefixesArray string| prefixesSelectorString object| gaplugins function| ga object| google_tag_manager object| dataLayer function| gtag object| google_optimize object| webpackJsonp object| regeneratorRuntime object| twttr function| $ function| jQuery function| Popper object| bootstrap object| google_tag_data number| zargetMain object| freshsales object| ZargetUrlChangeTrigger function| beforeunload boolean| zg_is_new_visitor object| zargetCookie function| zg_selector function| integrations function| runZGHeatmap function| runZGPausedExp object| expEvt function| zarget$ function| fm_$ object| zargetAPI object| FMApi object| triggerHeatmapExperiment object| bulkDetails number| zarget_geo_requestedtime function| setGeoTargeting object| FM object| ZargetFormAPI object| FMFormApi function| ZargetForm object| hjSiteSettings function| hjBootstrap function| GooglemKTybQhCsO function| google_trackConversion string| GoogleAnalyticsObject object| gaGlobal object| gaData function| twq function| fbq function| _fbq function| zargetTimeout function| zargetGAInteg boolean| zarget number| zargetTimer object| _qevents function| esk function| ___esk string| TiktokAnalyticsObject object| ttq function| onYouTubeIframeAPIReady object| zarget_geoDetails function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| _b64dec function| TiktokJelly object| _jelly_sdks object| GooglebQhCsO

20 Cookies

Domain/Path Name / Value
.duoxpress.org/ Name: zarget_user_id
Value: 14d6a472-40cc-4957-f3ec-7223dc9d71f5
.duoxpress.org/ Name: 14d6a472-40cc-4957-f3ec-7223dc9d71f5
Value: 1
duoxpress.org/ Name: 14d6a472-40cc-4957-f3ec-7223dc9d71f5
Value: 1
.duoxpress.org/ Name: _gid
Value: GA1.2.1172142059.1658276261
.duoxpress.org/ Name: _gat_gtag_UA_51279388_1
Value: 1
.duoxpress.org/ Name: _gcl_au
Value: 1.1.349261711.1658276261
.duoxpress.org/ Name: _gat_UA-51279388-1
Value: 1
.duoxpress.org/ Name: _gat_UA-51279388-5
Value: 1
.duoxpress.org/ Name: _fbp
Value: fb.1.1658276261221.1948585089
.quantserve.com/ Name: mc
Value: 62d749a5-538fc-530dc-087b1
.duoxpress.org/ Name: __qca
Value: P0-1001336216-1658276261288
.duoxpress.org/ Name: _ga_85DEGRW3JJ
Value: GS1.1.1658276261.1.0.1658276261.60
.duoxpress.org/ Name: _ga
Value: GA1.1.1560985292.1658276261
.tiktok.com/ Name: _ttp
Value: 2CBW3pT2kOk1Q8pxAHQ1QOLxEFS
.duoxpress.org/ Name: _tt_enable_cookie
Value: 1
.duoxpress.org/ Name: _ttp
Value: ab301848-9324-49f8-afcf-1a9dde9b2ba4
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: a80cebd4-6684-47f9-bbe4-ed2e5ca8a6ac
.eskimi.com/ Name: __eP
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnd6B34dqjFJcusNmsyGxpMEgO6SrG4bTlBBimiki9Bo4DSQN9I8J0Y3PhS

2 Console Messages

Source Level URL
Text
network error URL: http://duoxpress.org/app/v3.1.99P/default~existing-customer-product-add-add-product-module-feature-ngfactory~existing-customer-product~be497fad.6b76106f6330120b0acd.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://portalassets.mwebaws.co.za/assets/img/mweb-legacy/m-loading.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10304459.fls.doubleclick.net
6785438.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.tiktok.com
cdn.freshmarketer.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
duoxpress.org
edge.quantserve.com
fonts.googleapis.com
googleads.g.doubleclick.net
ip.freshmarketer.com
kit-free.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
pixel.quantserve.com
portalassets.mwebaws.co.za
region1.analytics.google.com
rookdsp.com
rules.quantcount.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mweb.co.za
portalassets.mwebaws.co.za
13.32.121.73
138.199.37.226
142.250.186.70
142.250.186.98
18.66.122.93
18.66.122.95
199.232.136.157
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
23.36.163.232
2600:9000:223c:e600:6:44e3:f8c0:93a1
2606:4700:3035::6815:5cc8
2606:4700:3037::6815:43c3
2606:4700::6811:190e
2606:4700::6812:1734
2606:4700::6812:acf
2620:116:800d:21:c5a4:625:6563:a5bb
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:400c:c01::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.120.139.69
34.230.222.24
35.186.201.99
52.222.236.122
92.62.136.158
021a2374f281f7aace50480760050ecf611922ce8b62f8a79e87c26e49b53358
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0eccb2d5bfd2f8f392f4773b10b8b736472a1780a7e2edf909989d3c068cb215
104d273bf86569cab42d10a7e8d576e24f9138feb73f806f21052546606abe70
1091e913a4f55130abe09c9de65a36e78e9d1c1419626e782bc38cf459ef9cf1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15945ccaeb475c7e5440423c3af661c765d5e335e6da12c74c31b242ce20fe6e
172453c74fb0398995e4c06792b873932a3d3c4661b313ba9cea0660e89f12b3
1b003c0cef47915a7591daf3432a13ff38bda990d5ffdd36192c65ac639f8e8f
1eba8268d112d2903105c9b82da51799cd7467c382af9b3b94bcb41295d9c1dc
1f7adce4911af6abfa205f2742f6c392bcee8b87ed0600589e13958d711ca56f
24e5a21c63d44e1b63928bf52701e2a692848335d8f11cbcfdd6e30f1a80a8b7
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
317bef077e5711978582b50ee2686acbcb32549fa44ad12ed5242ea62ca02b8a
38a3b2cdff72d4453339354c91bcc4969ac5612675d8452b92c087eb8964ffd8
3c57fce0a5f9a38fbbbe540b5ddd8d58aed8ae47b72dd3c1cbc3ab3b5a576a55
46160c65d3df8c17b3d8da0627f868b66cd2bdaf18fcd86ccbd7326a032ef0db
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4941bd5329bc76f609935dd8d8287cafb1e494474d889093b768360eab8b7519
4ae46f25633abede5a84b2fd51154355734d4fa086fd603560af79e16e54330c
4ba300f528f16b783dd0573ba42d084de33f18a8da29c5ec30a79e34ffb331d8
4ecb9f6808aa0d2c7a1209c7c9acff92029512f22a0d5ad104af4d688c41e392
4fd6b0559e57960f830f588230e453213e6d43070dc36d6fbcecc1f3983c0425
557291a725f1726553d573236c664f76ddf31a30050fadb4e447cde3f58a5002
5d6331e9a3672e62c18d0a66e860eaf503de2b6da2b72b511a2c8cff0b648c9b
635d1b8bca2d904072109d54cb79c89084562011af145377469f5c59a1be1c0d
6a4923350a39e2dfcf5b6a2d74344da7962d8c3276c393e87425262ef96749bc
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6e3e66665f3f12d3eb5529aceeec7e1cca2acab6c0204bd3b4147d87fd20e6df
75744e8d0748cea788fdf9cf2379321b61ef1f6f0f71f383baf232118dc998d7
7594eecfd36f944797d129f9fc902db128757d5221e22b2a47cd2edcd6a5244b
7d9f66539f14535bd8d1be1d5481132115065239a1c5efe38f1b369f378faa9d
82f1085790c63d0919dbd0a27ef69f467a234fef99dc02b3886ea1a65aa72ad9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8afc34710aa3dd12388377bbaa8f14f38c03af6d01b65e074567d7c5b6964e74
8bb5fc9903a905e279f4d59ae87d452b924e19a86f8d0bfb4f4f270ff0bc3533
8c7d372c1d6c843f90bb4dcd678b9bfd796d41936ab071bc31cdb9119eebc9ac
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
95c0a8d204241726f522512abe79ffa0237241abb65b9d6edc3320a4a2a98f5f
9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689
9c8ffaffd06aef47af22006da6893d4f8d3c56699df90b7c7298abe75050610f
9e35a3e513d10810aac992d469001c513c2d2c0db9c58b3ebcc24de7f5e57b84
9f5e4ae0af9ed23962d95d194eae772f91e0589490eddce416b74ab2a726f35f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a536f3aa0388e9bd6928a9939f0ad40ae035ca8db5f39f179e955a4a75bf2ed4
a94ca6207a9299400ab6c41d8d711c3e22c59745b3adc6818ee8a3aaffb61e07
abc24aa924e56dff66252a5b3725deb2f3aa82500e94617a61d15d19ca0974fc
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b7fd56bc5fd65fcf101d90b6ac4479062d217fa846baf5e453bbaa2c68f60f55
be97b608cd8884a143ca8e4ab36a58d0b9b8071edf522fbcaba1164f8adc9547
c3965f87047c057528dc43b4f3a9b4082f98190e6b3affd7b41bf9c914836b8a
c3feb990099bd4e571346e4815e7f7315b75447cbe6009e0e564b8257a475dfe
c9219e18910bce90507ccfc85ebdff9090e857610d4f1071163267d11adff337
c96801983acabc1a734bdaedeb21c60d37a6350d93f89e54f5872cc957821ee0
cc910d6f3f6d00fd802e3e49c3ea5ee7d3c04f4f4c771eea7eee3ed0e988d68f
ccc449263f17aa4216e8df862230d57e235b837bbfa0cd4cc27a7d5e9c278a47
ce08b826c4fa1c14a8565ee5102ef0128038a44935962cf29a117d3d3ec210ec
d36bd3f944c197c3e1c45b77a25f4fa803f661807a21503cc79a639538ce5542
d4f17806f3de4a56ed3bbfac3471f85059730dc69e8abbd05879204bb16518d3
d997a8187103169211bd2496c4f06a13c4c6aa714c6881313fb5ba10ce42e355
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e136edaa6b64b22e2e57076c59cbe86a911cdd21b9dcbd912dddbea7bff31c18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eaf929b52359d55e6370d79abb835fce1fb7d29b19af85f71c176762e7b4bf44
edb409aa049736dd46fe480689045aad49755a98772f03876b37362b2341350c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a38217ad9abc47f24255e66ba9303390c45fecde7205f317bc0122213a12ee
f99cc83ce22d814a301746a89d0f2d7994f739317569b8d974d0373392c2c259
fa642f576be15a2a7bacd08fef7d21599815fd3310e16902fe2987ca3677d39a