heyfavor.com Open in urlscan Pro
2606:4700::6812:1970 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://heyfavor.com/
Submission Tags: falconsandbox
Submission: On August 27 via api (August 27th 2022, 11:19:13 am UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 29 domains to perform 161 HTTP transactions. The main IP is 2606:4700::6812:1970, located in United States and belongs to CLOUDFLARENET, US. The main domain is heyfavor.com. The Cisco Umbrella rank of the primary domain is 655971.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2022. Valid for: a year.

This is the only time heyfavor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
69	2606:4700::68... 2606:4700::6812:1970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.239.137.228 52.239.137.228	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::ac43:2a0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.145.120.46 54.145.120.46	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.17.100 108.138.17.100	16509 (AMAZON-02) (AMAZON-02)
9	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
8	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:9000:223... 2600:9000:223f:b800:17:3f5c:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1870	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
11	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.17.199 18.66.17.199	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:6800:3:760:2800:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:9600:17:f683:1d40:21	16509 (AMAZON-02) (AMAZON-02)
1 2	52.211.158.203 52.211.158.203	16509 (AMAZON-02) (AMAZON-02)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
1	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2620:1ec:27::... 2620:1ec:27::cafe:1759	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
1	44.240.162.122 44.240.162.122	16509 (AMAZON-02) (AMAZON-02)
2	34.204.155.126 34.204.155.126	14618 (AMAZON-AES) (AMAZON-AES)
4	34.234.23.220 34.234.23.220	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
161	42

69 2606:4700::6812:1970 (United States)

ASN13335 (CLOUDFLARENET, US)

heyfavor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.heyfavor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.137.228 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

openbadges.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2a0c (United States)

ASN13335 (CLOUDFLARENET, US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.120.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-120-46.compute-1.amazonaws.com

accreditnet.urac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-100.fra56.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:b800:17:3f5c:f800:21 (United States)

ASN16509 (AMAZON-02, US)

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1870 (United States)

ASN13335 (CLOUDFLARENET, US)

api.heyfavor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.17.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-199.vie50.r.cloudfront.net

dvqigh9b7wa32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6800:3:760:2800:21 (United States)

ASN16509 (AMAZON-02, US)

d330aiyvva2oww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9600:17:f683:1d40:21 (United States)

ASN16509 (AMAZON-02, US)

d1lu3pmaz2ilpx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.158.203 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-158-203.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1759 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.162.122 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-162-122.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.155.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-155-126.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.234.23.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-23-220.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	heyfavor.com heyfavor.com — Cisco Umbrella Rank: 655971 api.heyfavor.com	3 MB
11	sentry.io sentry.io — Cisco Umbrella Rank: 368	4 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1231 clientstream.launchdarkly.com — Cisco Umbrella Rank: 987 events.launchdarkly.com — Cisco Umbrella Rank: 834	1 KB
9	segment.com cdn.segment.com — Cisco Umbrella Rank: 1396	86 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 928	130 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 512 c.clarity.ms — Cisco Umbrella Rank: 954 e.clarity.ms — Cisco Umbrella Rank: 5428	26 KB
6	cloudfront.net d2hrivdxn8ekm8.cloudfront.net dvqigh9b7wa32.cloudfront.net d330aiyvva2oww.cloudfront.net d1lu3pmaz2ilpx.cloudfront.net	29 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2197 rs.fullstory.com — Cisco Umbrella Rank: 1888	66 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 972	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 346 c.bing.com — Cisco Umbrella Rank: 204	13 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	416 B
3	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 14376 api.sprig.com — Cisco Umbrella Rank: 8650	66 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6564	1 KB
2	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 604 ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	112 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5391	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	133 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 915	172 B
1	google.de www.google.de — Cisco Umbrella Rank: 6076	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 9	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	440 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 968	8 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 517	355 B
1	t.co t.co — Cisco Umbrella Rank: 489	338 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 606	15 KB
1	urac.org accreditnet.urac.org — Cisco Umbrella Rank: 213752	112 KB
1	legitscript.com static.legitscript.com — Cisco Umbrella Rank: 36199	15 KB
1	windows.net openbadges.blob.core.windows.net — Cisco Umbrella Rank: 133182	18 KB
161	29

	Domain	Requested by
67	heyfavor.com	heyfavor.com
11	sentry.io	heyfavor.com
9	cdn.segment.com	heyfavor.com cdn.segment.com
8	analytics.tiktok.com	heyfavor.com analytics.tiktok.com
4	events.launchdarkly.com	heyfavor.com
4	tr.snapchat.com	edge.fullstory.com heyfavor.com
4	app.launchdarkly.com	heyfavor.com
4	rs.fullstory.com	edge.fullstory.com heyfavor.com
3	e.clarity.ms	heyfavor.com
3	www.facebook.com	heyfavor.com
3	api.heyfavor.com	heyfavor.com
3	d2hrivdxn8ekm8.cloudfront.net	heyfavor.com d2hrivdxn8ekm8.cloudfront.net
3	bat.bing.com	heyfavor.com bat.bing.com
3	www.google-analytics.com	heyfavor.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	api.sprig.com	edge.fullstory.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	segment.prod.bidr.io	1 redirects heyfavor.com
2	connect.facebook.net	heyfavor.com connect.facebook.net
2	dev.visualwebsiteoptimizer.com	heyfavor.com
2	www.googletagmanager.com	heyfavor.com
1	c.bing.com	1 redirects
1	api.segment.io	edge.fullstory.com
1	clientstream.launchdarkly.com	heyfavor.com
1	www.google.de	heyfavor.com
1	www.google.com	heyfavor.com
1	stats.g.doubleclick.net	heyfavor.com
1	ib.adnxs.com	heyfavor.com
1	sc-static.net	heyfavor.com
1	d1lu3pmaz2ilpx.cloudfront.net	heyfavor.com
1	d330aiyvva2oww.cloudfront.net	heyfavor.com
1	dvqigh9b7wa32.cloudfront.net	heyfavor.com
1	analytics.twitter.com	heyfavor.com
1	t.co	heyfavor.com
1	acdn.adnxs.com	d2hrivdxn8ekm8.cloudfront.net
1	region1.google-analytics.com	www.googletagmanager.com
1	static.ads-twitter.com	heyfavor.com
1	edge.fullstory.com	heyfavor.com
1	cdn.sprig.com	heyfavor.com
1	accreditnet.urac.org	heyfavor.com
1	static.legitscript.com	heyfavor.com
1	openbadges.blob.core.windows.net	heyfavor.com
161	42

This site contains links to these domains. Also see Links.

Domain
mybadges.us.openbadges.me
safe.pharmacy
www.legitscript.com
accreditnet.urac.org
www.facebook.com
www.instagram.com
twitter.com
www.tiktok.com
youtube.com
apps.apple.com
play.google.com
jobs.lever.co
forms.gle

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-10` - `2023-03-10`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-06-12` - `2023-06-12`	a year	crt.sh
accreditnet.urac.org Amazon	`2021-10-07` - `2022-11-04`	a year	crt.sh
api.sprig.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.fullstory.com R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-05` - `2022-09-03`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
clientstream.launchdarkly.com Amazon	`2021-09-21` - `2022-10-19`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
app.sprig.com Amazon	`2022-03-01` - `2023-03-31`	a year	crt.sh
events.launchdarkly.com Amazon	`2022-08-19` - `2023-09-16`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://heyfavor.com/
Frame ID: 60A0143A6B10EF5F3F173F4C87884ED3
Requests: 166 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=11368bbe-4a70-48fd-92c9-930c9ff5b43f&u_scsid=0ab534d0-f45b-45f4-8240-6610c5ceaebc&u_sclid=4fc1273d-f275-4730-9283-22dc5227d529
Frame ID: 844EA226E6F0289ACD0E82D153AB6BB3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 89CEFBED9716B46114B64318019E1702
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9EC768BFB66863C940ABBFFBC2F3345F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Favor | Online Women's Health & Personal CareFavor LogoFavor Logo MarkFavor Logo MarkDownload_on_the_App_Store_Badge_US-UK_RGB_blk_4SVG_092917

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

161
Requests

99 %
HTTPS

39 %
IPv6

29
Domains

42
Subdomains

42
IPs

5
Countries

4194 kB
Transfer

8919 kB
Size

32
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://mybadges.us.openbadges.me/api/badgeitem/cf7a9025-f9b0-4148-882e-fa36555ad696/metadata

Search URL Search Domain Scan URL

URL: https://safe.pharmacy/buy-safely/?url=thepillclub.com
Title: <picture><source type='image/webp' srcset="/static/7c66a4c07911591cd3bcc39620461e28/c6edb/logo-pharmacy.webp 30w, /static/7c66a4c07911591cd3bcc39620461e28/05cc6/logo-pharmacy.webp 60w, /static/7c66a4c07911591cd3bcc39620461e28/e56d6/logo-pharmacy.webp 120w, /static/7c66a4c07911591cd3bcc39620461e28/1a890/logo-pharmacy.webp 180w, /static/7c66a4c07911591cd3bcc39620461e28/9f4ce/logo-pharmacy.webp 240w, /static/7c66a4c07911591cd3bcc39620461e28/d50ec/logo-pharmacy.webp 901w" sizes="(max-width: 120px) 100vw, 120px" /><source srcset="/static/7c66a4c07911591cd3bcc39620461e28/a74cd/logo-pharmacy.png 30w, /static/7c66a4c07911591cd3bcc39620461e28/1b595/logo-pharmacy.png 60w, /static/7c66a4c07911591cd3bcc39620461e28/16c7d/logo-pharmacy.png 120w, /static/7c66a4c07911591cd3bcc39620461e28/e0491/logo-pharmacy.png 180w, /static/7c66a4c07911591cd3bcc39620461e28/2b087/logo-pharmacy.png 240w, /static/7c66a4c07911591cd3bcc39620461e28/0fea3/logo-pharmacy.png 901w" sizes="(max-width: 120px) 100vw, 120px" /><img loading="lazy" sizes="(max-width: 120px) 100vw, 120px" srcset="/static/7c66a4c07911591cd3bcc39620461e28/a74cd/logo-pharmacy.png 30w, /static/7c66a4c07911591cd3bcc39620461e28/1b595/logo-pharmacy.png 60w, /static/7c66a4c07911591cd3bcc39620461e28/16c7d/logo-pharmacy.png 120w, /static/7c66a4c07911591cd3bcc39620461e28/e0491/logo-pharmacy.png 180w, /static/7c66a4c07911591cd3bcc39620461e28/2b087/logo-pharmacy.png 240w, /static/7c66a4c07911591cd3bcc39620461e28/0fea3/logo-pharmacy.png 901w" src="/static/7c66a4c07911591cd3bcc39620461e28/16c7d/logo-pharmacy.png" alt="Accreditation pharmacy" style="position:absolute;top:0;left:0;opacity:1;width:100%;height:100%;object-fit:cover;object-position:center"/></picture>

Search URL Search Domain Scan URL

URL: https://www.legitscript.com/websites/?checker_keywords=heyfavor.com

Search URL Search Domain Scan URL

URL: https://accreditnet.urac.org/directory/#/accreditation/MSP-23/info
Title: Mail Service PharmacyCaliforniaExp. 03/01/2025

Search URL Search Domain Scan URL

URL: https://accreditnet.urac.org/directory/#/accreditation/MSP-24/info
Title: Mail Service PharmacyTexasExp. 03/01/2025

Search URL Search Domain Scan URL

URL: https://www.facebook.com/heyfavor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heyfavor

Search URL Search Domain Scan URL

URL: https://twitter.com/heyfavor_

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heyfavor

Search URL Search Domain Scan URL

URL: https://youtube.com/heyfavor

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/favor-the-pill-club/id1585622768?itsct=apps_box_link&itscg=30200
Title: Download_on_the_App_Store_Badge_US-UK_RGB_blk_4SVG_092917

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.heyfavor.app
Title: .st0{fill:#a6a6a6}.st1{stroke:#fff;stroke-width:.2;stroke-miterlimit:10}.st1,.st2{fill:#fff}.st3{fill:url(#SVGID_1_)}.st4{fill:url(#SVGID_2_)}.st5{fill:url(#SVGID_3_)}.st6{fill:url(#SVGID_4_)}.st7,.st8,.st9{opacity:.2;enable-background:new}.st8,.st9{opacity:.12}.st9{opacity:.25;fill:#fff}

Search URL Search Domain Scan URL

URL: https://jobs.lever.co/heyfavor
Title: Careers

Search URL Search Domain Scan URL

URL: https://forms.gle/DCiM63m7idZsSoxs7
Title: Pharmacy Grievance Form

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-1100&value=&uncacheplz=4665358161 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-1100&value=&uncacheplz=4665358161&_bee_ppp=1

Request Chain 164

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=A4621873DC97444399757C7ADF7A7FC4&RedC=c.clarity.ms&MXFR=0D1300FECDA2616C2A0E12F3C9A26FA3 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=A4621873DC97444399757C7ADF7A7FC4&MUID=057223B53877670339FF31B8391C66BE

161 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
heyfavor.com/ 441 KB
70 KB 153ms
101ms Document
text/html 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82151aa510fd0af6dbfd2aeb3b0170707ba34486c66bf7f0be35a58f2753a68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29468
cache-control: public, s-maxage=600, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74146904a8039012-FRA
content-encoding: br
content-type: text/html
date: Sat, 27 Aug 2022 11:19:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 23 Aug 2022 20:00:47 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-id: FR_-_HOfWYAAxZpKjK2olp4m0Am0TQr_-HHhKGKNe9D3R8KecTX87w==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: vtcRaUzSyK2SOCVywpJiRy9QwPttaILX
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 cardinalclassicshort-italic.woff2
heyfavor.com/fonts/cardinalclassicshort/ 69 KB
69 KB 76ms
67ms Font
font/woff2 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/cardinalclassicshort/cardinalclassicshort-italic.woff2

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d465204f1616619123a5f4c2a9034d346b8a90bb32f3127b65df3f4a828124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
vary: Accept-Encoding
content-length: 70544
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7cc30349ea943f5a51b0bc50d399b65d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 9qSj45CTs3oqrkd4ySOFh2kLdjwf43iA
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74146905893d9012-FRA
x-amz-cf-id: heRVZd0mHe5qX-MMPXCLK6JyGffW7QKr0_P0ry-F-T3IM84FseGX0g==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 cardinalclassicshort-medium.woff2
heyfavor.com/fonts/cardinalclassicshort/ 63 KB
64 KB 265ms
252ms Font
font/woff2 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/cardinalclassicshort/cardinalclassicshort-medium.woff2

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8197017ca2bd7f6c4c838e44326b8096f534346e0dc2a2156f2302147c84a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
vary: Accept-Encoding
content-length: 65012
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "735a9bae5757b6a0ecc442d5f3fa20b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: RB0wsk8MBCBHsTCD39U52DJhR8W3AmpD
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74146905893e9012-FRA
x-amz-cf-id: BYoCEgbtLZMqmWF_SyWj38Fhq03QKI1Ulqd5dCi91MaIACUA_DHteQ==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 cardinalclassicshort-regular.woff2
heyfavor.com/fonts/cardinalclassicshort/ 60 KB
60 KB 175ms
161ms Font
font/woff2 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/cardinalclassicshort/cardinalclassicshort-regular.woff2

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9c7e25e3f08cd8217140bbcf6187c439b51e1d4835f514079012376e7cc5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
vary: Accept-Encoding
content-length: 61144
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "46fadd93e361fae1702ab49100becf01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 7spvRxHEP.pJGfs0kLBcVJDTT41wnNbX
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74146905893f9012-FRA
x-amz-cf-id: iUOmac8O6Uiu-t73FmbAHNWhdjTp1ihU7pjRXhZARPtH7OcsU0qUwg==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 esklarheitgrotesk-regular.woff2
heyfavor.com/fonts/esklarheitgrotesk/ 44 KB
45 KB 254ms
241ms Font
font/woff2 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/esklarheitgrotesk/esklarheitgrotesk-regular.woff2

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b126f2c657e0b482598368af910b3e432eccf93499234c4933a298934486c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
vary: Accept-Encoding
content-length: 45448
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "202f51f717697d363e01a6ac808085aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 58kBCZt6aW48FtfMBqtzWvnuMIqf1fjy
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589419012-FRA
x-amz-cf-id: OtHGsk3hB4bP_yRNQFyM1nw488tYl0uA9GTFfqHm9FDTTTCHSVh4XA==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 esklarheitgrotesk-medium.woff2
heyfavor.com/fonts/esklarheitgrotesk/ 44 KB
45 KB 150ms
137ms Font
font/woff2 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/esklarheitgrotesk/esklarheitgrotesk-medium.woff2

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e018824352006426fef7bc1be248632896fc37f396cb55c2cfa98c4d41c1e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
vary: Accept-Encoding
content-length: 45552
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "625247f4d6a50b08775e56d2e1ba5267"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: NnFfUW_.Cbl83OzR.ij7_Mhpn0xMaBpC
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589429012-FRA
x-amz-cf-id: DrkXXilxEUrtyCsuXQv3turIWHj9c0c8E70tOCAOuOEGwWtY71YIpA==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 esklarheitgrotesk-extrabold.woff2
heyfavor.com/fonts/esklarheitgrotesk/ 44 KB
44 KB 208ms
195ms Font
font/woff2 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/esklarheitgrotesk/esklarheitgrotesk-extrabold.woff2

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f06eab94c3d9fd7e52bd6020165f49c01af90af1c3c5c5444f201d8c5d156f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 ab553edf4372e7270c4dfe91ddaa27ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: SOF50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
vary: Accept-Encoding
content-length: 45100
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "9aac6d334e59d6c4ec51ed0b07497e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: DokB1NMa6kohHj2_wtjcMW_Xf4HVjlAw
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589439012-FRA
x-amz-cf-id: Wu5EQ0a499VHvmyJN2TiGK9vfAlpOUymZZwZ1h3rrq4kt44Zkdb_lw==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 cardinalclassicshort-italic.woff
heyfavor.com/fonts/cardinalclassicshort/ 90 KB
91 KB 115ms
102ms Font
font/woff 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/cardinalclassicshort/cardinalclassicshort-italic.woff

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b415a7004e74c148bad8d2c28dcc15bfd763fe911246c8ed4f9948af493064f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff
vary: Accept-Encoding
content-length: 92449
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c7c4ce76e0778133bfe86ea67c6515b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HCj1mHD0jKntDWlBORY51MUEDpjRmL0S
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589449012-FRA
x-amz-cf-id: z4oIOzkglpveo3dfhy1IPc1p4RjdfYJluKUshw5gHsojgBje33Siyg==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 cardinalclassicshort-medium.woff
heyfavor.com/fonts/cardinalclassicshort/ 81 KB
82 KB 93ms
81ms Font
font/woff 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/cardinalclassicshort/cardinalclassicshort-medium.woff

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6100664bdb731c370aff8e724c1024b343dec2ae2f4832a03c65ca22a477ca1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 83421
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Aug 2022 20:59:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "57829f6b6c5822942a205a22e65fd961"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: WtxIx4NIbYgysjn0zlPQIp_D9o_9sRqo
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589459012-FRA
x-amz-cf-id: dziZQS2tpCtbDjLSy3SipSlZ_3pYvcskunsgfT8GtofXMNt1uNjS8w==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 cardinalclassicshort-regular.woff
heyfavor.com/fonts/cardinalclassicshort/ 77 KB
78 KB 93ms
80ms Font
font/woff 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/cardinalclassicshort/cardinalclassicshort-regular.woff

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b105d4e7588814ba24bd528d6a271222f9b949c542edc71bbfe0a6d17cdc8aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff
vary: Accept-Encoding
content-length: 79121
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "4066a41690161b93c099b65d9714c36d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: sx7Y3NpZof2iNY4zTPqxdWJJZD78ESEG
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589469012-FRA
x-amz-cf-id: boxCD5bHadeu4EIzWGJPTA7_n-_7VP-vbJDCcf_yNqXJ3b7FOPNM8g==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 esklarheitgrotesk-regular.woff
heyfavor.com/fonts/esklarheitgrotesk/ 48 KB
48 KB 217ms
205ms Font
font/woff 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/esklarheitgrotesk/esklarheitgrotesk-regular.woff

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548c14d7f76f73bd21b7bda2e10a1cbb05e2af54d196fc6758b48753acb415c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 372d52a6d21124688cfe416054ca6d3e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: SOF50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: font/woff
vary: Accept-Encoding
content-length: 49348
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a98148d07a08dc986b96d412bfbbe64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 1mc5SpUthLtXZjsN.SehEHJWVYvDDdaT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690589479012-FRA
x-amz-cf-id: nvPHjnOuxJMARIFmMABDxOpE7Qv3qaJW2_oQwLUhwyZlxqak9iX2Hw==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 esklarheitgrotesk-medium.woff
heyfavor.com/fonts/esklarheitgrotesk/ 48 KB
49 KB 294ms
282ms Font
font/woff 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/esklarheitgrotesk/esklarheitgrotesk-medium.woff

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957e428906cf01222943dd7dc9e356d31bb7996ce8c90b5e50f94f5c6bc130d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: font/woff
vary: Accept-Encoding
content-length: 49500
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "70819d902746773c3062f3bcc1298f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: e5UTuNGjE9tSSOxkDvkaTVXwHSraneZB
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74146905a9649012-FRA
x-amz-cf-id: duK6QS7UAzlMEVme9pnXulxvh0UkfgnPaaQvDlCbFur0ZcObHCoHfg==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 esklarheitgrotesk-extrabold.woff
heyfavor.com/fonts/esklarheitgrotesk/ 48 KB
48 KB 144ms
132ms Font
font/woff 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/fonts/esklarheitgrotesk/esklarheitgrotesk-extrabold.woff

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69abb16bad280f8625cd5a08571885e53276c558aa5ad86fe8917f26e8a0f9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 474c1f9e4f90d966183096db3c75a440.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: SOF50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff
vary: Accept-Encoding
content-length: 48868
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "785dca7cc327e27706633e17b8024422"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: lanHBQHK8rXYQJCCr5ZRBbozeNRtcZ_P
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74146905a9659012-FRA
x-amz-cf-id: h2cm4g5AcXGp9woLLo7hMMAyJLLOY1KcbufRFjGi84bTI1tNwm1Hdw==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 webpack-runtime-d8cbc05b065f0cb5e821.js Show response
heyfavor.com/ 9 KB
4 KB 93ms
81ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/webpack-runtime-d8cbc05b065f0cb5e821.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94cf8da47ed2da83103481159feb3cf359d5d5af416de7b1d459cd7d007ba2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a9669012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:02:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f266dd70063052e51679163a31e40c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: nz6VmJZXZMyEK54y2LVUdgiE36iM5LHD
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=9496
content-type: application/javascript
x-amz-cf-id: 2PPRUfF3fbXC115SA4_Lmaes__gnxKZebPOhX4xKt_wjLf0z8iTwow==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 framework-e4bed4ea1f707eaeb568.js Show response
heyfavor.com/ 127 KB
42 KB 278ms
266ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/framework-e4bed4ea1f707eaeb568.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

576168b41d839b93155749231bc15275e22a6c7ce6231664daa42013ca679cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a9679012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fd75c9b1411813af85863be0dab58d21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dji1MPYGrLiMx0m5G.Z0EC_p_r_pT79k
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=129774
content-type: application/javascript
x-amz-cf-id: 51HbB1BbUiSB_hUxF__LqT3kAMx1hLXHvSyRLgCKw1EyZnZFOZKJcg==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 47e070a9-3d90840ab24aba42592a.js Show response
heyfavor.com/ 115 KB
21 KB 277ms
265ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/47e070a9-3d90840ab24aba42592a.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47eb5051c5909dbf63a03301dfdb22d6dab29649fd5cb98f7d216e66c2343eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a9699012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"071740c8d34d0223f05ed1c995736eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: X.sIDR.03Y6utdRXm53pQMEn087UBr.6
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=118163
content-type: application/javascript
x-amz-cf-id: sCIO0EjVJ7TCLUDp-_XNvAyWSJV3uqyy4-xjcbr2bowyCjKd7VchZQ==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 264f4c51-ed5fb40d0aad130a7336.js Show response
heyfavor.com/ 117 KB
23 KB 97ms
86ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/264f4c51-ed5fb40d0aad130a7336.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c78895e8272bc131fb08929bc63c9b998b56befa7cf4210696c743708cb451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a96a9012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"41e4a0645211fc484056ee77b7e31cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5HBuxji5i6OdNYXpcX8JMmrHXHIt6j4U
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=119970
content-type: application/javascript
x-amz-cf-id: 6nJ80zDa1o2tbLfamjlJHTRe1ykGrx8-x4bklCj3GMVLYj14EwxKQw==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 app-35792ec8f8f4a8b7dc2d.js Show response
heyfavor.com/ 3 MB
741 KB 115ms
105ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adc1d054715d5fc3793422b0166342d48ece603009d4537409fc5eb5a8df976e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a96b9012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b3bb429edb9141b82d3d214d0e40dc26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: IZ59OmUWdBIr5r9xOgKAbCvfgozfIgfu
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=2726794
content-type: application/javascript
x-amz-cf-id: tCPkw-ameXvPYqgIhSsJat0hBrUw-As7AjcUVNJGUoTx8rlEuPea1g==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 63d6012bee9e1d8b0bcd48e064e0bb34e1ced63a-26c5ebea66fb173868e8.js Show response
heyfavor.com/ 10 KB
4 KB 92ms
82ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/63d6012bee9e1d8b0bcd48e064e0bb34e1ced63a-26c5ebea66fb173868e8.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a109ba92835f5651de94e54210e126f5533c70a2b7997ad2b02b4b1797db6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a96d9012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"88aa9189f7ff2de69599a2bb453ef2a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: hTN0JgFAy1HZaZ_n780Sj6psec51U84i
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=10557
content-type: application/javascript
x-amz-cf-id: RJl3qodhDtuhrCKC90JlDugztWTEt0aqoCSznBwS4Ntgm4k2seoe-Q==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 35bedeee30f5d6d3f611addd89ce7aa1466d5e2c-821fe8d373ac5c1d62a3.js Show response
heyfavor.com/ 78 KB
20 KB 274ms
264ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/35bedeee30f5d6d3f611addd89ce7aa1466d5e2c-821fe8d373ac5c1d62a3.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44cb3ab624a66fde9c097e682d05a1901615ed6427a13520da2bc3d9dd5327d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a96e9012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3ba04c42d92739a83b6b273d77e8678e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 15KiVVuU.7cAaCJ1u6HFZfU5O0R3eve8
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=79851
content-type: application/javascript
x-amz-cf-id: H1favFD9J2pBA1NUrhuRdvpbgUui4pGZjFdK5krmtDZqxkRJH3QgyQ==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 7cdd2ec26fe048bc96b640199b269c2d52ba6599-175476e97fafdc93f5f4.js Show response
heyfavor.com/ 84 KB
28 KB 93ms
83ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/7cdd2ec26fe048bc96b640199b269c2d52ba6599-175476e97fafdc93f5f4.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66dfb60b1239ab32548a57d866ec2dc462bd9887e22642335bf0ccfab662438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
cf-ray: 74146905a96f9012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cf1e5d852e77f2870b6c2d181bbec4c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zHEZBHyphYvcls42nLX.JBPntd6jgDMj
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=86396
content-type: application/javascript
x-amz-cf-id: yMo6f7manjt7ZVSoJTbTqVHnxh1jaWy4nF4E0l_scjDcy9-Rsy3Y2w==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 1a269bac0991a58a242671fee4d4e2923d53e303-67095c0d3bb8b436f5ff.js Show response
heyfavor.com/ 19 KB
5 KB 170ms
161ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/1a269bac0991a58a242671fee4d4e2923d53e303-67095c0d3bb8b436f5ff.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0016ea455df21a028931e0748795768f71a8ca5ea6921d0100cc4ec534187a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
cf-ray: 74146905a9709012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1e2d911b673e6ccd097e25eaf4784128"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: YvfMJvqgtpR_f21WgHJ1JEvnJbyth_pI
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=20023
content-type: application/javascript
x-amz-cf-id: YQhrNKiFto7rJIqpeKSvwzWrwoAeTUgk_RY0EC_Zs8vxIys_tTHVFw==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 component---src-pages-index-tsx-a34ce6bcee19aad4c83b.js Show response
heyfavor.com/ 49 KB
11 KB 91ms
81ms Script
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-index-tsx-a34ce6bcee19aad4c83b.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f77b5b9eae0ba894811e0f0642366432b216be90ad62d0fca3807db2da368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cf-ray: 74146905a9719012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4df26950c208e09bf87c9f686c12ef59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: JQxTzc6iVMTaRV54i9tUHXmfDQcJCfnY
cf-bgj: minify
cache-control: public, max-age=31536000
cf-polished: origSize=50169
content-type: application/javascript
x-amz-cf-id: 0q0v1BdWmq-fQXoeFfxzQCJQ_lneUMKN2IcSqOw-4L58zoM2KnBAiw==
expires: Sun, 27 Aug 2023 11:19:05 GMT

GET
H2 200 page-data.json
heyfavor.com/page-data/index/ 308 B
531 B 93ms
83ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/index/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09820f2d6fdb27c3f1e04ff22a783388d8ed0a13c047c83d22b24e39819d59ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38799
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"680da80c8e47c80bafc9886bac20f122"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Cdfwhl6bbMDjrXVCKT_agS_5b6YfB2IJ
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9729012-FRA
x-amz-cf-id: 88xjVDoEwmEUFClaxU9Ar23HLcRDu4MvFk1DkJN7DK_G2O-ekRTIow==

GET
H2 200 1068838283.json
heyfavor.com/page-data/sq/d/ 5 KB
3 KB 113ms
104ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/1068838283.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72c3eaf1a2322f650107229306f6b9b51e6195e436bb1297cc4aaa20a6c66003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"46cfbdfc05201d115cbd8b29600f2bd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LpbIWdpX0J5srSq4I6HlNoYOOUVSXpIj
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9759012-FRA
x-amz-cf-id: 8XHEShF-ygayssgct2Bwns5n1AAQtJHdsJwiTx1fqCX8zFC2ELZK5w==

GET
H2 200 1118248830.json
heyfavor.com/page-data/sq/d/ 2 KB
986 B 114ms
105ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/1118248830.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e22cc924a95f1e3712e89118c45aabf62d0b57c031d859527088c488cfb2049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f6bcc023ec17a5aa3096756964ae0d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: oZNidzU4D3DqsR9.JgLZxgdzHKB0_tqR
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9769012-FRA
x-amz-cf-id: LoNsVYv8SR9VEQYT_-QQRgRddklIINIEhCT9pzU__SVwe_Bu6GVHAg==

GET
H2 200 1652612511.json
heyfavor.com/page-data/sq/d/ 2 KB
1 KB 95ms
87ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/1652612511.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa3fc57ea1e5aede40ddc6d13e7eecf36c9fd46e1e4df71fffcd4869f0fab027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cd0ef93c58e54a72bc811ba4694dbe17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: frtuJpHz.ejveXRAZtrSp8lvrWkRMHrT
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9779012-FRA
x-amz-cf-id: ovVGmmzxMCw9U8_MX2RpzPWHlfKbTFKDUcs9CL0E37l6xmGoGwAVCQ==

GET
H2 200 1769990875.json
heyfavor.com/page-data/sq/d/ 2 KB
1 KB 114ms
105ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/1769990875.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a58cfc86586d5c5a5b8fb148833453f2212a3c8c36b23f537c4ff4881ced63b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38371
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7839240a1975116680a22f70d1034638"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: j5tYicfiZXSF_dncITWahTZ4B9m7Fveh
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9799012-FRA
x-amz-cf-id: WB0TNgALqEJn1etTuOJpcU2ViBO8Eh-boudurVFWT4X77j3D_FZeKg==

GET
H2 200 2162914248.json
heyfavor.com/page-data/sq/d/ 979 B
693 B 112ms
103ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/2162914248.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1990cda81ea0b3ea4e132c022ffc3361647e2cc1dd3d3ba3e8301a52a79abbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 39217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e1ae99874f7573e32ea8205d7d044979"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ABUW2NJ6TvwnR2hs1IznJcqki6Ub8yef
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a97a9012-FRA
x-amz-cf-id: US4EZyEVP2QV0jgZng4nsLmWYSeqAXyrafUbuV7HmCpqxlHXA5dtng==

GET
H2 200 2349621895.json
heyfavor.com/page-data/sq/d/ 4 KB
1 KB 115ms
106ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/2349621895.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef13c0c22a1c93afdb2f43773e354681c48e2919d3a4c53c8ef1b9b9813c26fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 21599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"16b145ab79823d67d6a66cba1f3e86bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6_.GS9pidEjzW5U8hUjUjCSdePQ.gUhV
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a97b9012-FRA
x-amz-cf-id: bYvwv9u2G8FUg5wbADQYd5Wz2YdWb3bhT_lxcFKsvoj33UTo_uHcFQ==

GET
H2 200 2403045694.json
heyfavor.com/page-data/sq/d/ 3 KB
2 KB 343ms
335ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/2403045694.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e381eed808722619ad733fe6b2dde9c702c2ff708379912e55f6998f712604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"eca9c26463910c5e1407008fdb1ebb0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MAoQ48X6aLkyDddSZXEN8CIE5B.f3MLn
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a97c9012-FRA
x-amz-cf-id: VtpIoV58jqOf0eUfB6mLbPYZRFFSxcJThTwJTF9oynhpq_AaasGWFA==

GET
H2 200 2980776312.json
heyfavor.com/page-data/sq/d/ 7 KB
2 KB 112ms
104ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/2980776312.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2307506bc941a54c6669c279ddd50a29a023552798c5fef9e5909eb566d81644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4aff259953e5ac4e19e3abfab4f41f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tZZ8gQEDtKClbrqAG6NFpQMPH_igPlBd
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a97d9012-FRA
x-amz-cf-id: OvD5JvmED09gRKY7Hw4wWbl9q-nmXJGVg3D2_SJffJh0OkAj0Xbsjg==

GET
H2 200 3677457280.json
heyfavor.com/page-data/sq/d/ 2 KB
992 B 112ms
104ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/3677457280.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a0f2d0f378aea2c616d414b9503e8c661831ca21430ff0d689a03d9ac5a164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c47b5be0b30d6047225b25e20622b4a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Aau9MQtP1tMl.C41lrjEhD0uR08TGDLZ
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a97e9012-FRA
x-amz-cf-id: aO0mpsCJxwGvDEJcOm_Vnzo1bksdcGPako94jckwTEda7r0u-GRvyQ==

GET
H2 200 3769036625.json
heyfavor.com/page-data/sq/d/ 1 KB
1 KB 110ms
102ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/3769036625.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b60f0fd0a33a24cbd5588f98cdc54ea955f9fc73af16ef63e81a948ab8531e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 39217
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b7cbc1d642696d4db84afe982ffebb5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: PNqu6OkRNUu.jFxpyOv7sizW.Wx.YWye
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9819012-FRA
x-amz-cf-id: wadGpIcJirf9C4tktI4HcZCmPJ0wtUL8kbP8VYF5I60-ekT0SyRnAQ==

GET
H2 200 3962433687.json
heyfavor.com/page-data/sq/d/ 2 KB
1 KB 277ms
270ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/3962433687.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e550e3495653e2af88cd28b47444fddb50d3a4c205c567ffe3263ddd23ab9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d17645923ace8c5a76219f161feb549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LAtJRCqKQbkEUmgkT.Paw9SFb3mHem5D
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9829012-FRA
x-amz-cf-id: xN3AqRbiyhmj4oeJm9EDkfVuwgdM2CthQgfRnXcox49xAn6N5wy12w==

GET
H2 200 440234706.json
heyfavor.com/page-data/sq/d/ 4 KB
1 KB 247ms
239ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/440234706.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3fcab204628398b42ee1723cbfdb548a4325de4f87cd296f9bb004f4f8baf58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 21599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63fcf1ae1e549813b8f45d9e6d7d16c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9FDj8_gUICcM1phONtYNsmrKD.rGrp5D
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9839012-FRA
x-amz-cf-id: VwAtJBxy18xYkzJiS0Zjl5sbhqkreOQTD6_QgKDG5Wnq4vH86BGWvw==

GET
H2 200 771230134.json
heyfavor.com/page-data/sq/d/ 2 KB
1 KB 110ms
103ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sq/d/771230134.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ede78f19927e6d072279117c121702f39ff57e3e60c0a50559291e9ea3ec2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ba79710e577323eb631537d436bbebe3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ORm.7tgYbb7sIvmAegAVDZHKVYf7sgfX
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9849012-FRA
x-amz-cf-id: gBPnIASOTRQkc1FDAb3JOLPPihV5OSzG5sc4gwCNVDx48JTBtHhh1g==

GET
H2 200 app-data.json
heyfavor.com/page-data/ 50 B
379 B 110ms
103ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/app-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5bc4d97e0511fdd057892e0a4db83987b1bb4774df143371be7d55aec058db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7de8470b4888be6df436eb8ccc38037c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ds82ThKGhIKMqoCiTXz_6ITB55cg3m4E
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 74146905a9859012-FRA
x-amz-cf-id: JrqGGJNQv4_FD9WZuaXmEUpeFWcX1sULjjEixH6OJ92qibHcWIT4hw==

GET
H/1.1 200
OK f279c890-aa1f-43bc-822d-c78c619a148e-d8723ee6-ba74-402e-94db-d538e422e2be.png
openbadges.blob.core.windows.net/bakedbadges-us/ 17 KB
18 KB 337ms
53ms Image
application/octet-stream 52.239.137.228
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openbadges.blob.core.windows.net/bakedbadges-us/f279c890-aa1f-43bc-822d-c78c619a148e-d8723ee6-ba74-402e-94db-d538e422e2be.png
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.137.228 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 92c2daf813ba53e9f4a3d0f667463e00119880c4e8a97855d32cad29b3d0f9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 27 Aug 2022 11:19:06 GMT
Last-Modified: Tue, 22 Sep 2020 16:19:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 6szDpQOUh0U1fme3253KmA==
ETag: 0x8D85F135397A4D2
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
x-ms-request-id: 19521bd1-901e-008f-1806-baa977000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 17467

GET
H2 200 13509184.png
static.legitscript.com/seals/ 15 KB
15 KB 877ms
818ms Image
image/png 2606:4700:10::ac43:2a0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/13509184.png
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64b11db98ced06ea863ab2922f1f4e64a02611f63f58efbe9bd8d3d966f51407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
cf-cache-status: MISS
last-modified: Sat, 27 Aug 2022 11:02:47 GMT
server: cloudflare
etag: "6309f9d7-3a12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 74146905e973bbdd-FRA
content-length: 14866

GET
H2 200 ACCRED_GOLD_WEB_fnl.png
accreditnet.urac.org/styles/images/ 111 KB
112 KB 488ms
212ms Image
image/png 54.145.120.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accreditnet.urac.org/styles/images/ACCRED_GOLD_WEB_fnl.png
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.120.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-120-46.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 52d7c32e4e1a2cf029c9d8beeb1cd0a0e5bcc9678dfa4afc0f5c4a95ff99b108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
etag: "09d90111e47d71:0"
last-modified: Wed, 12 May 2021 11:00:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 113891

GET
H2 200 shim.js Show response
cdn.sprig.com/ 193 KB
65 KB 78ms
22ms Script
application/javascript 108.138.17.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=IAC2bhPBjEs9
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11d34469536d10e61ede4bf9b6b6273760ede1e44353dc7ee9b2e8b9df572597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 23:00:22 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 22:16:59 GMT
server: AmazonS3
age: 44324
etag: W/"d167fb6e7d983d4e5c21043c3f1ae5e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 70k_MvGp8zNdvij9WWg1r71Yr7pq862w
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: Nr5UXFfFtKVCdyqCrP9EFTwu3NARzs02SL-aHbtelFN47zhlhVz_fA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/ 95 KB
26 KB 275ms
186ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5da32568b0e695b6c933762e854b0f8b144f907532a9d49e82228f3ef62e602d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: J.De9k4HtAgSCK2phPKCpwJKsjEGuhtE
content-encoding: br
etag: W/"557f2937ecb445f4b243b15409bfe5f0"
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 05 Aug 2022 00:10:15 GMT
server: AmazonS3
date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: R_-wE3jN7_gnKRBmjQX907hE8b9cwKjZkOlJW1nNcwuadsWIxWoYuw==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 243 KB
62 KB 86ms
31ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d55593a22100a8f2c8d07d2c3944279f72385c80e048fe332ef79f21b7a378be

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:02:09 GMT
content-encoding: br
age: 1016
x-guploader-uploadid: ADPycdskfA0VP9afb98PTnSom_rc1BbgTOTkQTJl01-lZw2_XUbjANwXr4NLD3peZkerRE2CztqLalFbFcdncAPiNyEKBQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62338
last-modified: Wed, 24 Aug 2022 13:52:52 GMT
server: UploadServer
etag: "a065c64944e58fa4f245dcdf23d0d6f7"
vary: Accept-Encoding
x-goog-hash: crc32c=+3iPFw==, md5=oGXGSUTlj6TyRdzfI9DW9w==
x-goog-generation: 1661349172342646
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 62338
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 27 Aug 2022 12:02:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
62 KB 124ms
74ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5R83G9&gtm_auth=kMZN6bTY_87zB_AxJu64CQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7ee7517757d44d9061bd5d314bdf2e0e10cb998a2022586b55c5f38da266867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62955
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 96ms
24ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=573487&u=https%3A%2F%2Fheyfavor.com%2F&f=1&r=0.10449812602490871
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 71a53024b07bf404503b1ec5d053cdfaa5f5b47f19ad33d416056ac63f1c53dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
DATA 200
OK truncated
/ 645 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe9114998a18271d87403c4c5195f53980b2d30762ef6445075fd1010d382f11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 697 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0786faa1533c03427f67f52426c5ec7b63280df36a4406641e266d3cc9d02fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 447 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d271253c41790e56a534ed0e425a2923f3b9c12a94442c340ad20dc17b95406

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1025
date: Sat, 27 Aug 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Aug 2022 13:02:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 70ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9NZRM0K8D0

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59d22e0af46d7a05e52a2c84dfd4c680f7f3321bf14aec71a0e3c50789953c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72881
x-xss-protection: 0
expires: Sat, 27 Aug 2022 11:19:05 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e71fa1fa95167e1da9cf21d77cb4b8a17bd895cac2735f6a040e0cdb8f8b187

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 656 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d21533c0e3a743036dbb1ef69ccfc29969aa9265100e7ccc79970c289cf6648

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 684 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e4261d5ea33f704066eaf3d4a967efd69669f1d5b9fc772a3086ea01213e06d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 659 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 969fe5bb90ffc4485bc629ea6ec1385db184a8a6dd3e20c8deed8eb174d7d744

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 660 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a65c776d1fb6ace676ca35d856d8b010e75208f265aa91faac58c0694c3722b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 699 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bad9a78667777beaf12136397cb10c995bbfa89d37aaadd0b4613fb4e420486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 688 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2ac5cdeada843548d9068215170f957eb3e3f1b9a89a54c6daf96cfa03a14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 646 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 349c92e722ce0eea3d3f3cd649babf409ce1f65a931e2c611df34310eba6f803

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 627 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22b5a731c5b0e456f7001307e81e50601b2b3681b9017b6279b431a466728935

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 637 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a84f8dd63beedee4e98d951e1798fdfcee67c6e5231cdc08e1cb366f9fa6234

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 404ms
345ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c9b09604cece406a3d8527161a4d86de96e2311f63bccf81ddd3f4d9c2a5bee8

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heyfavor.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1561
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 109ms
109ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=573487&d=heyfavor.com&u=D5F196919DDC2CD62CE738D315A8E64FA&h=82b1d348133a94413be43fdb5db5ea99&t=false&r=0.7889249213114355

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26535
x-xss-protection: 0
pragma: public
x-fb-debug: Lrd2dAEpuwY79u8RTc50mjbwas7ryRIV9x/lbCdcjtjXUjH3rdyz/USFDE66txhrPA/O+/35OJl4WURmQwK36A==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Aug 2022 11:19:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661599098624
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 376ms
31ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:42:23 GMT
etag: "58faa0bb9a63121ea57a3106609bc291+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15291
x-served-by: cache-iad-kiad7000071-IAD, cache-vie6373-VIE

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 127 KB
38 KB 202ms
118ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2da45452f667ec8c315abd2ad46a761e1a7e8cd375701c271a56916d029e9120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-akamai-request-id: 2daef15.1ae5bfbd
date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 97,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 202208271119067E0C0F1CA0C4C5F05653
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.104.8
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6daeb2f320ef9cb0dc3fa05600578165ed5cdc4ecaa7e9abb912fd627507c85ad965e6b7a8fe693756bc3a15f8815376ff1d5c00cbe7d68f1df758ecb4a4c7600c618197fe51876adfe354b62632a4fc21
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
38 KB 201ms
117ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3MQBOJ3G487IS97FLFG&lib=ttq
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 44a7e4be4c49e72c10b58abc63f10a7473ffc10f230f05116dcf605a8ab52dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-akamai-request-id: 3f5c9d15.1ae5bfc5
date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-76.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 94,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202208271119063FB4847F424B1EE5DF43
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,72.247.190.76
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d7570bddbf43573b9bee9cd1ea525d31dbe55097ee9d397d6f030a847947c43838230d00505e40377ed2dbf2b13fa077f33dba5cd7e48b4c3cebccc62216d3e9be57d1afc313335e8b6706b857ddd6bdf
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 116ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2902617824264647BD9753B1D03435E7 Ref B: FRAEDGE1414 Ref C: 2022-08-27T11:19:06Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sat, 27 Aug 2022 11:19:05 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 9411ce9b-5653-4793-8f00-9e67ab2bccbb-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 7 KB
7 KB 167ms
34ms Script
application/javascript 2600:9000:223f:b800:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/9411ce9b-5653-4793-8f00-9e67ab2bccbb-latest.js
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b800:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70eccdb9edf187a09ee30cc2aedc93d99130bf02bc41423b7b5c682394003e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: 4iZS40bvK3zIwTa3MzXaokVWkZcVJXZc
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 20:52:22 GMT
server: AmazonS3
age: 21599
etag: "f9f886961cbd2d61ea76cb8d6e50d9e1"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 27 Aug 2022 11:19:06 GMT
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 6952
x-amz-cf-id: 4fvLDY8kqdYkwNrSrJrCEQafPf7y1EwLMW37rhzx-1av-bkZ7FHwew==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/ 14 KB
3 KB 59ms
21ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94af602f283dde2b98f0c7129f0e869bf99f4bb064c02268fc3ea45c0a298409

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: NnV68zEoekL9SIpTYKLq_ETd9ByNRgMC
content-encoding: br
etag: W/"b2d01e451c0968776963558db41d9754"
age: 5346
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 20 Jul 2022 04:05:06 GMT
server: AmazonS3
date: Sat, 27 Aug 2022 09:50:01 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: r9CysR92XWteVPRI2gk2aXa3tdMysScRLOaUK6ga0NdHOKjZ4f1xkg==

GET
H3 200 560559754097412 Show response
connect.facebook.net/signals/config/ 299 KB
86 KB 93ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/560559754097412?v=2.9.77&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3622d0a00d3c46a57751bc9ab364c14a63cfa65e6f75e0a845f1224d64a73fb9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: IieN8SgQhpjKN0IxvvelugKIn2kHlT2vJSdgKtNMdQA8L49zihjdS0R6WWM/eBZl5pJqoWdi3T4EqqfUkKHaOQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Aug 2022 11:19:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661599146504
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 20ms
20ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:03:01 GMT
content-encoding: br
vary: Accept-Encoding
age: 2560566
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 28 Jul 2022 19:18:36 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 1rk6lThPw_JHc2lhXO2aVb35DWwvWdlS
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: FPqcJEJGp6wuDql5YcSpVdlFG2Zfn6Wz4qKK7A1T-NVEkuWXLc0drw==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 21ms
21ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:02:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 2560569
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 28 Jul 2022 19:18:35 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rGxAXcNdIUy7e9gmGqJaHXTu3PlXuob1
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: qvSb2VvcBYeOpJdoReazzOprQNQ9XlmA6uHhcHJcvNdmYsbqI_7yrA==

GET
H2 200 login Show response
api.heyfavor.com/ 20 B
398 B 590ms
549ms Fetch
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.heyfavor.com/login

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aedefa014c7c0685573ac0dfd3fd814240c161d518bf22c6d9f262a684a3229c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-tpc-total-time: 00:00:00.000
content-length: 20
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-tpc-request-uri: /login
cf-ray: 741469099ec59012-FRA
expires: 0

OPTIONS
H2 200 login
api.heyfavor.com/ Frame 0
0 583ms
540ms Preflight 2606:4700::6812:1870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.heyfavor.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1870 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-application-version
Access-Control-Request-Method: GET
Origin: https://heyfavor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-application-version
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7414690a29ef5bed-FRA
content-length: 0
date: Sat, 27 Aug 2022 11:19:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
pragma: no-cache
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 628e681f3e7eb414cf585231
app.launchdarkly.com/sdk/goals/ Frame 0
0 461ms
391ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/628e681f3e7eb414cf585231

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://heyfavor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 27 Aug 2022 11:19:07 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4024-HHN
x-timer: S1661599147.655496,VS0,VE371

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 696ms
170ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
H2 200 login Show response
api.heyfavor.com/ 20 B
158 B 191ms
191ms Fetch
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.heyfavor.com/login

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aedefa014c7c0685573ac0dfd3fd814240c161d518bf22c6d9f262a684a3229c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
X-Application-Version: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-tpc-total-time: 00:00:00.000
content-length: 20
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-tpc-request-uri: /login
cf-ray: 7414690d8c4c9012-FRA
expires: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 682ms
169ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 703ms
175ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 628e681f3e7eb414cf585231 Show response
app.launchdarkly.com/sdk/goals/ 2 B
166 B 289ms
289ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/628e681f3e7eb414cf585231

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heyfavor.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Sat, 27 Aug 2022 11:19:07 GMT
content-length: 26
x-served-by: cache-hhn4024-HHN
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1661599147.049422,VS0,VE269
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 676ms
171ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 706ms
176ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6e30sImtleSI6IjEwNjk0NmUwLTI1ZmEtMTFlZC1hYzM0LTlmMmY2MjgxYzMyOSJ9 Show response
app.launchdarkly.com/sdk/evalx/628e681f3e7eb414cf585231/users/ 934 B
679 B 216ms
216ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/628e681f3e7eb414cf585231/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6e30sImtleSI6IjEwNjk0NmUwLTI1ZmEtMTFlZC1hYzM0LTlmMmY2MjgxYzMyOSJ9
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f97cfee12af2951d04eeb6fa2aa9eb1510d968cbfb1719de5de87a59bdc948f7

Request headers

Referer: https://heyfavor.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: MISS
content-length: 297
x-served-by: cache-hhn4050-HHN, cache-hhn4024-HHN
access-control-allow-origin: *
x-timer: S1661599147.954098,VS0,VE196
etag: "58dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6e30sImtleSI6IjEwNjk0NmUwLTI1ZmEtMTFlZC1hYzM0LTlmMmY2MjgxYzMyOSJ9
app.launchdarkly.com/sdk/evalx/628e681f3e7eb414cf585231/users/ Frame 0
0 342ms
296ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/628e681f3e7eb414cf585231/users/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6e30sImtleSI6IjEwNjk0NmUwLTI1ZmEtMTFlZC1hYzM0LTlmMmY2MjgxYzMyOSJ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://heyfavor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 27 Aug 2022 11:19:06 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4024-HHN
x-timer: S1661599147.655482,VS0,VE276

GET
H3 200 integrations Show response
rs.fullstory.com/rec/ 2 KB
2 KB 204ms
159ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=GCWGD
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: df6680cebb1439d5a26817cfb27099db7ff81137435cee641c9171da1532b836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 73ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9NZRM0K8D0&gtm=2oe8o0&_p=2057756175&cid=1534925240.1661599146&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661599146&sct=1&seg=0&dl=https%3A%2F%2Fheyfavor.com%2F&dt=Favor%20%7C%20Online%20Women%27s%20Health%20%26%20Personal%20Care&en=page_view&_fv=1&_ss=1&_ee=1&ep.page_path=%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9NZRM0K8D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page-data.json
heyfavor.com/page-data/about-us/ 0
476 B 269ms
266ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/about-us/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 53554
x-amz-server-side-encryption: AES256
cf-ray: 7414690a68249012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9c7bbd6b0ba37b6e2fb596abc65cf6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9dp.ouf1hftVcpLFCRwOm9VvpuayZmlR
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: bK02jTxBVKiF8xEGB6cebFRe5io59WP9xvB8DgOEgaQBiqo4xIn4NQ==

GET
H2 200 page-data.json
heyfavor.com/page-data/signup/ 0
358 B 71ms
69ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/signup/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38468
x-amz-server-side-encryption: AES256
cf-ray: 7414690a68259012-FRA
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14af0079c2469b283b4a3439c3a7e746"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: .r3R2d4Vre6iB7EQngVx9wZ43npXbq0S
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: VyP4e1BQii11URpN2kB7qtOVazoh0bLogyIf9ZOCzHMBoqY6hp2waA==

GET
H2 200 page-data.json
heyfavor.com/page-data/skin-care/ 0
567 B 306ms
304ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/skin-care/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 21596
x-amz-server-side-encryption: AES256
cf-ray: 7414690a68289012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"202d7619b7f3a3e7b5e2790b82d65652"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dXGxuro1nfNhxab5mYcjhmPqA0iDER4E
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: oxyxXMiX_Y8FfLkHldmASwg2Q4UilLL8ee87Vt76GB_542uaaIsszQ==

GET
H2 200 page-data.json
heyfavor.com/page-data/login/ 0
479 B 65ms
63ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/login/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38471
x-amz-server-side-encryption: AES256
cf-ray: 7414690a682c9012-FRA
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"94659d3ec81698eb83ae15eb5876c2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 6MhwR7sPRv79aQRC7MDuTXoZxarAdHst
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: TRefaN_1H1movudXXfNeuFD36hoa_J5ZGsWzXC_gQp28E42iSKaXrg==

GET
H2 200 page-data.json
heyfavor.com/page-data/sexual-wellness/emergency-contraceptive/ 0
496 B 65ms
64ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sexual-wellness/emergency-contraceptive/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 39465
x-amz-server-side-encryption: AES256
cf-ray: 7414690a682e9012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"db467cbfeda41c5ab52dbc6c9c4f17ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zpQPNyI6Lt5Mo9u5BmAVrrm7nUMI8T05
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: PRO9Dur9mfqhm_wxGDNFzFQs2aGHf0RCt-lanNgFOgmrT6t1LBblOg==

GET
H2 200 SelfCareExtraWeb.webp
heyfavor.com/static/56fbd6404cdddb698ccec648303d8f63/2e8f8/ 477 KB
478 KB 108ms
104ms Image
binary/octet-stream 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heyfavor.com/static/56fbd6404cdddb698ccec648303d8f63/2e8f8/SelfCareExtraWeb.webp

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4753d28a821119ae72e92726199dfe25d84ed0f6cd1bdc1d1d2d09eab1611c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 488600
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "987eaba7bc60d2d3b3a6d156e4f396a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: sVHukstXXI5kIOUd6EAouJM9khrv3X.M
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690a78419012-FRA
x-amz-cf-id: UNhQOAmuPl445ehb9S3jjGyDarqH_c2CW3tswT0JRwpknFnvwaG08Q==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 birth-control-lifestyle-purse.webp
heyfavor.com/static/5940f5541b08defa97040ffe3c2028e4/b5316/ 185 KB
186 KB 92ms
88ms Image
binary/octet-stream 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heyfavor.com/static/5940f5541b08defa97040ffe3c2028e4/b5316/birth-control-lifestyle-purse.webp

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8b02848b388ceb1543cfb9d642b244d52d7475b370c2b4f55c3d822cd61fdfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 189842
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f976db4b1707d637ee5808faa0bdcd58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: V48Y5EkSLy.8Iy0uv7s4U02mP0cMXUqz
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690a78439012-FRA
x-amz-cf-id: TDPijPllQeZ6-vqIzzVP8ozA0zK-GkdqIqSsnOIcnHDyMFtTGgqG_Q==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 emergency-contraception.webp
heyfavor.com/static/31055413432da6973f2476f7df202317/ccdb5/ 243 KB
244 KB 97ms
93ms Image
binary/octet-stream 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heyfavor.com/static/31055413432da6973f2476f7df202317/ccdb5/emergency-contraception.webp

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c255142c8291a5c51c7da8cd1a3672c6d4b1aba520084c5278258f6ad96e8e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 249330
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "7adf66257eea95e6cd3254fa69e5bd4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: CAsVK7iCoY5S7TSV.EdIg5zNt9CZ2AdE
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690a78449012-FRA
x-amz-cf-id: -UnjGYZ5vuzuHkpBrv2Bnh7pS9F3pEhpXW8JSBXsKarS1lfcEQ3YHw==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 sexual-wellness.webp
heyfavor.com/static/6233edba66482e019750f50ea4d90d7f/56426/ 231 KB
231 KB 72ms
68ms Image
binary/octet-stream 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heyfavor.com/static/6233edba66482e019750f50ea4d90d7f/56426/sexual-wellness.webp

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6832b5449af7b0c49ad83bfc064266dee4aa5b61a316d0e6a33c7f22993bf1fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 236276
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "188db625e77930da19fed13be06df491"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: QOeLN2c3pojQt_PJFi75Kx9fkqym7kX8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690a78459012-FRA
x-amz-cf-id: tcRicGXTlXhT1nUJoETJWjvkrW499lyuCKp_6bKUK8ej2R3Hkuw2eQ==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 skin-care.webp
heyfavor.com/static/6349f9368d3c38e14e8fa9063849b657/ccdb5/ 108 KB
108 KB 261ms
258ms Image
binary/octet-stream 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heyfavor.com/static/6349f9368d3c38e14e8fa9063849b657/ccdb5/skin-care.webp

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7455632d6965c9a6bff807352518056569a29897f9305e201dd36f48aa18133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 110302
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "10d19f33bd05df06b6bd031d19ae47d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1GaVbJF2tZfjjHSA_AclAPl2Cf9Z9b.g
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7414690a78469012-FRA
x-amz-cf-id: Gh_aCdReS5ZAnzf3Qn26oyGmsCeuzA5VOwKXMD4zxLb3hTQpz-RW9A==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 page-data.json
heyfavor.com/page-data/sexual-wellness/birth-control/ 0
548 B 93ms
90ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sexual-wellness/birth-control/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 39465
x-amz-server-side-encryption: AES256
cf-ray: 7414690a88539012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c46e5b1cee01b1defd5aaa82bd931e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Rh9iqoVHoQiC3GVe1gL.FudGUG2f.xfC
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: IbBQopwEQVe0hYN-Fv6GxW1084MAYsoqzEn_s_nOY5zjuuVYzRpoIg==

GET
H2 200 page-data.json
heyfavor.com/page-data/reprorights/ 0
486 B 95ms
92ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/reprorights/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 22791
x-amz-server-side-encryption: AES256
cf-ray: 7414690a88549012-FRA
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8b5fe84c72e4b3778817fd14fdea7c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tJ32Hp.tyYSDWiMxWLFz_Q8Z4C_wEJ7E
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: CXMhGTCd9cLRQb17g5S3cendypNdKRLmgCAHrbm6e1BWkFprvACSrQ==

GET
H2 200 page-data.json
heyfavor.com/page-data/blog/ 0
137 KB 70ms
67ms Other
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/blog/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heyfavor.com/
Origin: https://heyfavor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38396
x-amz-server-side-encryption: AES256
cf-ray: 7414690a88559012-FRA
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d80b0181b0fdc4bad2bf395db5db40a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 2qW3tzTOsM2BVxXVg3wGx37Cf1y56Yjc
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: MQdioBSVv7M8QjtSLMcxF7-0nf6VGXz6UrQsIbcW8ibc9Rh_vJceWQ==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 124ms
37ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/9411ce9b-5653-4793-8f00-9e67ab2bccbb-latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 11:19:06 GMT
Content-Encoding: gzip
Age: 19333
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21942-LGA, cache-hhn4065-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1661599147.741780,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 5180

GET
H2 200 9411ce9b-5653-4793-8f00-9e67ab2bccbb-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 10 KB
10 KB 31ms
29ms Script
application/javascript 2600:9000:223f:b800:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/9411ce9b-5653-4793-8f00-9e67ab2bccbb-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/9411ce9b-5653-4793-8f00-9e67ab2bccbb-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b800:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d72521383def6fff816d73a4127e1f208f9cbda959b1df744a33e79b13210d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: EK802nHvNA2RLDIXMA_BJVwT3knuYAYS
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 23:21:31 GMT
server: AmazonS3
age: 17866
etag: "6028529e4e9e02d513d5827e9fcd1135"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 27 Aug 2022 11:19:06 GMT
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 9825
x-amz-cf-id: 36Hc_WE3UIgs-UzWIS1gExMoKOmAcJUh7F034KEYiUKeZrTjaG0vBQ==

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 21ms
19ms Script
application/javascript 2600:9000:223f:b800:17:3f5c:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/9411ce9b-5653-4793-8f00-9e67ab2bccbb-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b800:17:3f5c:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e4516e3afa1170bf934a7882bf09eacf63d4600ea4b2609724c6cfa49333472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: nxP954O2qyuHFEWoPjj05B2blGcZvYQN
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 19:33:58 GMT
server: AmazonS3
age: 17519
etag: "2fd76c8e88356206a1c7a31860e7fe72"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
date: Sat, 27 Aug 2022 06:27:08 GMT
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 10025
x-amz-cf-id: RqeBa7HTev07eZdRQSDlswuu-SKkq88vbYPEhkfiDWQqN75g4FK5Rg==

GET
H2 200 26041946.js Show response
bat.bing.com/p/action/ 1 KB
862 B 183ms
182ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26041946.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e4412aeb35430a008c3af8addbde6e52e0e294235010c0e38039444a0eff957c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39E9C85E75254CCFBA4B86C179EE9C30 Ref B: FRAEDGE1414 Ref C: 2022-08-27T11:19:06Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Sat, 27 Aug 2022 11:19:06 GMT
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 52ms
52ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26041946&Ver=2&mid=09b779f7-146f-471a-a03e-70648d0cdffc&sid=1071e59025fa11eda153d542c3e420a1&vid=10723c6025fa11ed80fda93f172eeb0d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Favor%20%7C%20Online%20Women%27s%20Health%20%26%20Personal%20Care&p=https%3A%2F%2Fheyfavor.com%2F&r=&lt=208&evt=pageLoad&sv=1&rn=346871

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0366689066EC44E8955F184F6CC6035F Ref B: FRAEDGE1414 Ref C: 2022-08-27T11:19:06Z
date: Sat, 27 Aug 2022 11:19:06 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 130ms
130ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022082711190699D531266B66FF016DE1
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 98,23.36.161.200
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d55eec35f58a21966f34f282d683521d6e2be04f34e4307c557bdf0c98a90a6928f9b11619b46a466aabae4163fdb482403c9a9d2b7a44d292a9458729d5feed7
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=98
x-akamai-request-id: 1ae5c502
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 886 B
1 KB 115ms
114ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3MQBOJ3G487IS97FLFG&hostname=heyfavor.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e2f2cdcd7666ccb4a54f864b52e46487374fad828a317dd05a162010893beb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-akamai-request-id: 83bff23d.1ae5c544
date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 94,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=5
content-length: 362
pragma: no-cache
server: nginx
x-tt-logid: 202208271119062B761704B1D5CF0D1C6C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.5
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6daeb2f320ef9cb0dc3fa05600578165ed69b0daa2a1cd39652471157db4e3b5f97322e60a5d6a2a6aba095d096a65ea439d1829b962b4aec8b4ba70dccbc5dbdbc5343f0569e76092a50f4f0b3969a246
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 116ms
116ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BSHL7QKKO01JSOEBH9A0&hostname=heyfavor.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9e5869e3ea39f31678aaffffa94af1b10532470f4a45816515bc1cfbeea67e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-akamai-request-id: 3bbcdcb3.1ae5c54c
date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-86.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 95,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202208271119064EB2C28E207EE4FFCC14
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,72.247.190.86
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d7570bddbf43573b9bee9cd1ea525d31dbba0b33030885464e513d29b907bc2dfae3a46936f0eae1f593247e3752ba448a82d11d6b61b9440ce8d0cef9d097681f751bc2ffa2853aba8ebd95f4f6f4f49
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H2 200 adsct
t.co/i/ 43 B
338 B 452ms
190ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=0391384b-86e1-4078-aeb2-e350071255de&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=7dc0bdd0-fced-4d58-ab9b-c3867639650e&tw_document_href=https%3A%2F%2Fheyfavor.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o247o&type=javascript&version=2.3.26

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 169
date: Sat, 27 Aug 2022 11:19:06 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: ff15e85f19fb01d04f1b19c6b01030a76560244b189f3980c4443b495fdcbf63
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 386ms
189ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0391384b-86e1-4078-aeb2-e350071255de&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=7dc0bdd0-fced-4d58-ab9b-c3867639650e&tw_document_href=https%3A%2F%2Fheyfavor.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o247o&type=javascript&version=2.3.26

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time: 169
date: Sat, 27 Aug 2022 11:19:06 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f2498c05fdae218b23a83c8b2b4a36c810c874955b4040237b3ca0edff0ad968
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 84ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=560559754097412&ev=PageView&dl=https%3A%2F%2Fheyfavor.com%2F&rl=&if=false&ts=1661599146751&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661599146750.1197970559&it=1661599146419&coo=false&rqm=GET

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/login/ 159 B
425 B 48ms
48ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/login/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b2ed67b5da4b9b2e9229554c3bfc7f8c2f97d9ff61f25333e33694408236dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"94659d3ec81698eb83ae15eb5876c2d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 6MhwR7sPRv79aQRC7MDuTXoZxarAdHst
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690b49659012-FRA
x-amz-cf-id: lW0yNKwvYPhu1slI74jjsTqhiN1Jo29P3OZ5Kk56uMH-_bALk_p4DA==

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/sexual-wellness/emergency-contraceptive/ 324 B
552 B 49ms
49ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sexual-wellness/emergency-contraceptive/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

208f7f3eb355c1603a507bf74f0b298cbb8dd5faf83635739ae668ca212b6de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 39465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"db467cbfeda41c5ab52dbc6c9c4f17ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: zpQPNyI6Lt5Mo9u5BmAVrrm7nUMI8T05
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690b49679012-FRA
x-amz-cf-id: MCUJSs_sqJgCo3C41Q_TbiqfeIXZiInZpItnrsMgcxO-Hkoznw40aQ==

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/signup/ 167 B
361 B 48ms
47ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/signup/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

add8b611a2789ee7d4e7e4cfe34ecf23c28a11d1e1e3aef0fa644da0ec9d3b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14af0079c2469b283b4a3439c3a7e746"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .r3R2d4Vre6iB7EQngVx9wZ43npXbq0S
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690b49699012-FRA
x-amz-cf-id: opwbAzQWXUMYYWWRmWwC7hOHQ38h8z0AufqbgYIeZQwBULOCqyAQwg==

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 336ms
168ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=GCWGD&UserId=6306624290590720&SessionId=6098295962374144&PageId=6543265445875712&Seq=1&PageStart=1661599146237&PrevBundleTime=0&LastActivity=9&IsNewSession=true
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 652a73d483989f7a107dfd0c8fd5ccf6a0251bdd9c1b296723e0f9cb8b7d9082

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://heyfavor.com
date: Sat, 27 Aug 2022 11:19:07 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/sexual-wellness/birth-control/ 316 B
452 B 38ms
38ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/sexual-wellness/birth-control/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0345660313e16e5f4ddb48086c622bba3f9f88f14021895ca361ec90be1ae4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 39465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c46e5b1cee01b1defd5aaa82bd931e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: Rh9iqoVHoQiC3GVe1gL.FudGUG2f.xfC
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690b698e9012-FRA
x-amz-cf-id: FTuUqSfDAqcEh1OiJFSyIu4Yve-XQXFTKkTGiyQ29mMbwrWd86cBfA==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 28ms
27ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 04:14:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 5036650
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 00:39:24 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: y47SAhq2JAwJQ_hVbvs2snbR-ndTs0RHwxvhOIklIEQT2mQaCTWlvA==

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/reprorights/ 279 B
452 B 41ms
40ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/reprorights/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a781f8ba7fd9a1e872095af19d582646243b66322de4237b8f653d918e0f5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 22791
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8b5fe84c72e4b3778817fd14fdea7c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: tJ32Hp.tyYSDWiMxWLFz_Q8Z4C_wEJ7E
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690b69959012-FRA
x-amz-cf-id: VzOLfThKoejrl0vJihYxNFHIroIS9N1WoSwGTY1VFWJnlhxx7Qfb8w==

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/blog/ 857 KB
135 KB 40ms
39ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/blog/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44fbb3d4b555f5365eef98ef40759b3ba48bcf2dd41e08c8b84de4086883cd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 38396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d80b0181b0fdc4bad2bf395db5db40a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 2qW3tzTOsM2BVxXVg3wGx37Cf1y56Yjc
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690b69979012-FRA
x-amz-cf-id: ONbj9bun157E_sE8RxLyZi9n5D77vFdlg36CUqVTbjR02H0TPz__CQ==

GET
H2 200 5a28e627 Show response
dvqigh9b7wa32.cloudfront.net/ 43 B
493 B 801ms
102ms XHR
image/gif 18.66.17.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49OTQxMWNlOWItNTY1My00NzkzLThmMDAtOWU2N2FiMmJjY2JiJnNlc3Npb25JZD0xNDJjMGRmMi0xZDhjLTdjMjAtNTI5NC03MjIzMWE4YWYwNzE%3D&date=1661599146780
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-199.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:24:34 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 17674
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-amz-cf-id: w5bUXZPI-tqjqfsjNhhnfPWNygHeFBt10sz3e6QZCn22iTNyENEj-A==

GET
H2 200 5a28e627 Show response
d330aiyvva2oww.cloudfront.net/ 43 B
491 B 104ms
32ms XHR
image/gif 2600:9000:2250:6800:3:760:2800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE1JnRva2VuPTk0MTFjZTliLTU2NTMtNDc5My04ZjAwLTllNjdhYjJiY2NiYiZzZXNzaW9uSWQ9MTQyYzBkZjItMWQ4Yy03YzIwLTUyOTQtNzIyMzFhOGFmMDcx&date=1661599146780
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6800:3:760:2800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:24:34 GMT
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 17673
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: jchUGk4fcIYt-4M-n5gr-82dJIo7AeusbnQ0xO8G8Bxjfok929psWw==

GET
H2 200 5a28e627 Show response
d1lu3pmaz2ilpx.cloudfront.net/ 43 B
451 B 100ms
31ms XHR
image/gif 2600:9000:225e:9600:17:f683:1d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTUmdG9rZW49OTQxMWNlOWItNTY1My00NzkzLThmMDAtOWU2N2FiMmJjY2JiJnNlc3Npb25JZD0xNDJjMGRmMi0xZDhjLTdjMjAtNTI5NC03MjIzMWE4YWYwNzEmY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmhleWZhdm9yLmNvbSUyRg%3D%3D&date=1661599146783
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9600:17:f683:1d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:24:34 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
vary: Origin
age: 17673
x-cache: Hit from cloudfront
content-length: 43
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
server: AmazonS3
etag: "fb02f374b8f73825415db1bccd4bd76d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: MECDkcQRnpeO4uGcNwK7icfm-rhhR6GV8zLpsXA6NkUTjbIJfzwLLQ==

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-1100&value=&uncacheplz=4665358161
https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-1100&value=&uncacheplz=4665358161&_bee_ppp=1

43 B
793 B

47ms
44ms

Image
image/gif

52.211.158.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-1100&value=&uncacheplz=4665358161&_bee_ppp=1

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

HTTP/1.1

Server

52.211.158.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-158-203.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 27 Aug 2022 11:19:07 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=tatari&segment_key=tatari-1100&value=&uncacheplz=4665358161&_bee_ppp=1
Date: Sat, 27 Aug 2022 11:19:06 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 95ms
33ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7905
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-id: lmusf_-hA4kpXxgSbQateFW6KQRPMAOzAHk5r5nk9n0koMhBGPIlAg==

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 30ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=560559754097412&ev=ViewContent&dl=https%3A%2F%2Fheyfavor.com%2F&rl=&if=false&ts=1661599146806&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&fbp=fb.1.1661599146750.1197970559&it=1661599146419&coo=false&rqm=GET

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 27 Aug 2022 11:19:06 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
347 B 108ms
28ms Image
image/gif 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=c83a801a-0d3a-4600-a82b-90f9263d7e13&it=1661599146809&v=0.0.20&u=https%3A%2F%2Fheyfavor.com%2F&st=1661599146809&et=1661599146810&if=0
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 11:19:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 component---src-pages-login-tsx-addcedca0c58d54c7ef8.js
heyfavor.com/ 0
1 KB 85ms
85ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-login-tsx-addcedca0c58d54c7ef8.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA60-P2
cf-polished: origSize=1733
cf-ray: 7414690bda199012-FRA
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-amz-server-side-encryption: AES256
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"63468abe0a59234cfc673cabd61c46ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: rlvNZZxGus0eNZKv9O_FuRcvjocxCscf
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: B5qWS0h01Hdt8T5SPC6AyLKUc3xcJ-DsD9XbWS_BggsmYAovFsV2tw==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 component---src-pages-signup-index-tsx-dee10726ede6ca7845ed.js
heyfavor.com/ 0
3 KB 195ms
194ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-signup-index-tsx-dee10726ede6ca7845ed.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
via: 1.1 90dd5141cd2d05c51d479a582cded280.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: DUS51-C1
cf-polished: origSize=7573
cf-ray: 7414690bda1b9012-FRA
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-amz-server-side-encryption: AES256
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"254eba89a37fcfc207cc2950c9c87fdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 3fGjnnNIiZXCwoqj952gsKgqU192AxFb
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: 1e74kw08gRxWRtda2PMpzZDWraXrm_i4O2BMMaNmXhmBmkMUzs5UjA==
expires: Sun, 27 Aug 2023 11:19:07 GMT

GET
H2 200 component---src-pages-sexual-wellness-emergency-contraceptive-index-tsx-8a278e8f840d68e4ea7d.js
heyfavor.com/ 0
10 KB 69ms
69ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-sexual-wellness-emergency-contraceptive-index-tsx-8a278e8f840d68e4ea7d.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
cf-polished: origSize=32901
cf-ray: 7414690bda1e9012-FRA
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-amz-server-side-encryption: AES256
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0afeaa4a996cff2007183ab71023d295"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 4mSg0hzYFUuh2tnTXXyvGLH0dENenlpw
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: LMSi-YhkquCyTAFwUq4i5JC-Jx6sdI4HaEBmM-9kGNm1m-sTJmkVzw==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 component---src-pages-sexual-wellness-birth-control-index-tsx-022a7c7dfdd036348276.js
heyfavor.com/ 0
9 KB 133ms
128ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-sexual-wellness-birth-control-index-tsx-022a7c7dfdd036348276.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 27aa7ec4f54edf4b2fd5fffda84693a0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: SOF50-C1
cf-polished: origSize=30599
cf-ray: 7414690bda2d9012-FRA
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-amz-server-side-encryption: AES256
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cc92e8702d69adc03ba683e0ad9d8ce9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: nKfuVoY98nUN_NtIkGfhHPDBNmRTNnZu
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: w4J0oWDrJ6AfkpYXgH1rVyoXpXO4B8LcwJhR45nQ-2Gqk_wmiIPCIA==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 component---src-pages-blog-tsx-6d526c514de8d878aa97.js
heyfavor.com/ 0
2 KB 67ms
66ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-blog-tsx-6d526c514de8d878aa97.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
cf-ray: 7414690bea359012-FRA
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e37af010dc900301bbdcf00c10169420"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: zfzGrQzmLrwve0CKW4ruaRVh6cVVjUDg
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: DDYTdcjySBk95C1fhGzkAy0hel3ZPoI7IOXeH892QpmqeKNqrnEilw==
expires: Sun, 27 Aug 2023 11:19:06 GMT

GET
H2 200 component---src-pages-reprorights-index-tsx-9a174992f4d97ccb1e5c.js
heyfavor.com/ 0
32 KB 64ms
64ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-reprorights-index-tsx-9a174992f4d97ccb1e5c.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C1
cf-polished: origSize=120930
cf-ray: 7414690bea399012-FRA
x-cache: Hit from cloudfront
cf-bgj: minify
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-amz-server-side-encryption: AES256
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"af48b54a258fdb464eb011d1f670ba96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: X9YQOpzNONvzIASfX_93ZDDP1vJqI3Kx
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: zfy73Hu4SAXlSdolMIL9fhdLVqx4O71b9mwwDwPDBowEy8rEKoELfQ==
expires: Sun, 27 Aug 2023 11:19:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
685 B 122ms
120ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2db133b.1ae5c809
date: Sat, 27 Aug 2022 11:19:06 GMT
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 99,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=13, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220827111906E767553A42F691F90020
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.220.104.8
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6daeb2f320ef9cb0dc3fa05600578165ed5cdc4ecaa7e9abb912fd627507c85ad9ebba132e29c3c43fd8bba3115dfb31785b13066412121c8bdad627c9cd524b6e87e973510edf2fe12f79e199061deedc
expires: Sat, 27 Aug 2022 11:19:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 125ms
124ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 250e9dc9.1ae5c874
date: Sat, 27 Aug 2022 11:19:07 GMT
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 103,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=16, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220827111906A05B3D1D339F19D29299
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.104.7
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6daeb2f320ef9cb0dc3fa05600578165ed4d5d4f9c48bfc5697d12e830521b32d2601220dde573fb57a66455d44084d31d3c98b85c68904429cc054bebe3ce4b2415cfc585b7886f183cbc9093f93d156d
expires: Sat, 27 Aug 2022 11:19:07 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
686 B 120ms
120ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BSHL7QKKO01JSOEBH9A0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2db144d.1ae5c877
date: Sat, 27 Aug 2022 11:19:07 GMT
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.2-43303399) (-)
x-parent-response-time: 98,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=11, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220827111906695B27A9AEBD80EAEAD6
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.104.8
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6daeb2f320ef9cb0dc3fa05600578165ed5cdc4ecaa7e9abb912fd627507c85ad9780318ba9a03c8cf9d0838154e93599b76de9805539592ed58e4021424eac98b842ce3e5013e516e1e2e994fcbd21b74
expires: Sat, 27 Aug 2022 11:19:07 GMT

GET
H2 200 6765cb3cf169443c119b.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
2 KB 26ms
22ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/6765cb3cf169443c119b.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e12072d9b0b933c2db675af735dae991682dae9978c1cdefcfb953c63cda90c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: ivPsSGLh1sVBoEKvij3gzeWKA6YG9ygY
content-encoding: br
etag: W/"5f8b185058a6559e765f14c7cff3b7d2"
age: 9713
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 23:34:13 GMT
server: AmazonS3
date: Sat, 27 Aug 2022 08:46:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 2HB--fLJhE1yz_dPfo6DfVaZVGVYN09AfbmERA2c5oaHrNTK276v2w==

GET
H2 200 26041946 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 209ms
112ms Script
application/x-javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26041946
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26041946.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f78c4e3375b600381b53418952261a0c7b43c1eceb16edfa968ca7b51b1e87f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
x-powered-by: ASP.NET
x-azure-ref: 0q/0JYwAAAACgylJrWQIJSJDV1bxPh0gbRlJBMzFFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length: 1543
expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 83ms
38ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2057756175&t=event&ni=1&_s=1&dl=https%3A%2F%2Fheyfavor.com%2F&ul=en-us&de=UTF-8&dt=Favor%20%7C%20Online%20Women%27s%20Health%20%26%20Personal%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=FullStory&_u=aHBAAEABAAAAAC~&jid=1912028994&gjid=891325269&cid=1534925240.1661599146&tid=UA-88951281-1&_gid=704389216.1661599146&_r=1&cd1=https%3A%2F%2Fapp.fullstory.com%2Fui%2FGCWGD%2Fsession%2F6306624290590720%253A6098295962374144%3Fintegration_src%3Dga_universal&z=1405651816

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/about-us/ 280 B
446 B 34ms
34ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/about-us/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de14d2e51f0cf9f72395009897405727aa2ef02ec2d66f3779cb4ef71e94249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 53554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9c7bbd6b0ba37b6e2fb596abc65cf6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: 9dp.ouf1hftVcpLFCRwOm9VvpuayZmlR
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690c4aae9012-FRA
x-amz-cf-id: B4DymOsHli2AH8YaxTq-NHn2bLSHhPI-JvyT509mfLkMvWc7V7Kkxw==

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
196 B 238ms
34ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=11368bbe-4a70-48fd-92c9-930c9ff5b43f

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9891d8246293f2efce83cd923ca52b05216351eb4212f1e677c3991eec55e182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://heyfavor.com
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
450 B 234ms
30ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=11368bbe-4a70-48fd-92c9-930c9ff5b43f&tld=com

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2a8461d8fb71bab6864f794d2970586584869a40c9c0e60826fee7c13b78c879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://heyfavor.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 844E 0
45 B 209ms
33ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=11368bbe-4a70-48fd-92c9-930c9ff5b43f&u_scsid=0ab534d0-f45b-45f4-8240-6610c5ceaebc&u_sclid=4fc1273d-f275-4730-9283-22dc5227d529

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://heyfavor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 27 Aug 2022 11:19:07 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 page-data.json Show response
heyfavor.com/page-data/skin-care/ 379 B
445 B 40ms
39ms XHR
application/json 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/page-data/skin-care/page-data.json

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6534691796fc09891e47ebf5210ad41c7825d14447b7a20451de251a67df46e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 21596
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/json
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:01:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"202d7619b7f3a3e7b5e2790b82d65652"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: dXGxuro1nfNhxab5mYcjhmPqA0iDER4E
cache-control: public, s-maxage=600, max-age=0, must-revalidate
x-amz-cf-pop: DUS51-P1
cf-ray: 7414690c8af19012-FRA
x-amz-cf-id: n1ddKn-rjPONOoye4QWy6w_RYSjTBm3eOuq_KVt1hRKbvqfauHBsHw==

GET
H2 200 component---src-pages-about-us-tsx-707eefd1a5ee7f977ed8.js
heyfavor.com/ 0
32 KB 47ms
46ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-about-us-tsx-707eefd1a5ee7f977ed8.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
cf-ray: 7414690c8af59012-FRA
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3084bba9e1f04f6d2b2897c54172421d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: mr9sKECIOM9YYdWZ6k7dcqwT89cbdui4
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: J05oZRqR4riSaoToa3E-F29QsDhGGNkFwxvgazyIPWFjb_5i7bxPPA==
expires: Sun, 27 Aug 2023 11:19:06 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame 89CE 68 B
560 B 183ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://heyfavor.com
Referer: https://heyfavor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://heyfavor.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Sat, 27 Aug 2022 11:19:07 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 688.js Show response
cdn.segment.com/next-integrations/actions/ 22 KB
7 KB 36ms
15ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/688.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/6765cb3cf169443c119b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9b28c72166a68ac8d99179b29eb8d82b18e3545b652d2093b4fcff3730e478c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: sPuPDIVkMgBAcwAh7Me5p820Bg8Jr8.j
content-encoding: gzip
etag: W/"6939a60573121581ebb440b679590ba8"
age: 67324
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 18 Aug 2022 23:34:13 GMT
server: AmazonS3
date: Fri, 26 Aug 2022 16:37:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: -N48kgZ4H_noPTBsGTn7dJfwhqWliqHBNt1QJkhH2g3CkrDRTL4Hdg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 91ms
26ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-88951281-1&cid=1534925240.1661599146&jid=1912028994&gjid=891325269&_gid=704389216.1661599146&_u=aHBAAEAAAAAAAC~&z=358361507

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Aug 2022 11:19:07 GMT
content-type: text/plain
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 component---src-pages-skin-care-index-tsx-c13cacc09fced117fc19.js
heyfavor.com/ 0
4 KB 51ms
46ms Other
application/javascript 2606:4700::6812:1970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heyfavor.com/component---src-pages-skin-care-index-tsx-c13cacc09fced117fc19.js

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
cf-ray: 7414690cdb549012-FRA
x-cache: Hit from cloudfront
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Aug 2022 20:00:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e5d2311e56b1594e97d882f72071066e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: .1fpiA2mJ0yzN8zMUIfO3hIWcIH.RprT
cache-control: public, max-age=31536000
content-type: application/javascript
x-amz-cf-id: eeIkX4kZumKKas_LcNFsLNBvwYiKVTEE86PKyPCYEOxo1mE1YSY9CQ==
expires: Sun, 27 Aug 2023 11:19:07 GMT

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 24ms
22ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 213b92e8b230c5327f5c082e8fee902c2774a99ba8dea84404b122f3b1c1bce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 23:30:15 GMT
content-encoding: gzip
age: 1511333
x-cache: Hit from cloudfront
content-length: 15523
access-control-allow-origin: *
last-modified: Mon, 08 Aug 2022 17:49:06 GMT
server: AmazonS3
etag: "46f80eb90165b4dcb3e9b4514e043444"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: YIYHAzTMctMt40U88fr0m_cUukJo_9Rt
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: cjsUgYH317AjSKjNe-x-eDSCJKcHuk2yDyopeMWlMWpncEaTIgHNLg==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Ping
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://heyfavor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 291ms
167ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 355ms
169ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 365ms
176ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 357ms
168ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 376ms
177ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1207066/envelope/ 2 B
402 B 417ms
167ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1207066/envelope/?sentry_key=f334cd30d4dc4972838e2d5339d0f7f5&sentry_version=7

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://heyfavor.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 91ms
43ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88951281-1&cid=1534925240.1661599146&jid=1912028994&_u=aHBAAEAAAAAAAC~&z=127139920

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 100ms
51ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-88951281-1&cid=1534925240.1661599146&jid=1912028994&_u=aHBAAEAAAAAAAC~&z=127139920

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 22ms
22ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/0ADyd2TSj2I3EUSH6aUmc767nY6x2SEk/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:19:46 GMT
content-encoding: gzip
age: 1976362
x-cache: Hit from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Wed, 27 Jul 2022 23:49:21 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: dDzNHLX4yUeFofnmOL9w4XynYZ.vfSD1
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: z5d3pPdWxoAq18ZQZBGj99lKn77QHVKhlSPfUYNmgi2EjWv_PKie_g==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.39/ 53 KB
23 KB 112ms
112ms Script
application/javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26041946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:06 GMT
content-encoding: br
etag: "1d8b095d9e9a5a1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0q/0JYwAAAADADDuSCMaLQongaCaZIf5rRlJBMzFFREdFMDMxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
DATA 200
OK truncated
/ 639 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3645cc70cb4a566f555bd8fccec42fd33ce122cc0cd6fba0ce56c516038e15c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6e30sImtleSI6IjEwNjk0NmUwLTI1ZmEtMTFlZC1hYzM0LTlmMmY2MjgxYzMyOSJ9
clientstream.launchdarkly.com/eval/628e681f3e7eb414cf585231/ 955 B
0 191ms
58ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/628e681f3e7eb414cf585231/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6e30sImtleSI6IjEwNjk0NmUwLTI1ZmEtMTFlZC1hYzM0LTlmMmY2MjgxYzMyOSJ9

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
172 B 616ms
204ms Fetch
application/json 44.240.162.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.162.122 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-162-122.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://heyfavor.com
date: Sat, 27 Aug 2022 11:19:07 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/IAC2bhPBjEs9/ 281 B
764 B 113ms
113ms Fetch
application/json 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/IAC2bhPBjEs9/config
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4de9ddae7ae52c3da7180926830e243aec58450564f836a005d63b4f9b6f8972

Request headers

x-ul-visitor-id: 933ba735-0a54-4a50-8100-4dd0d98d04d9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://heyfavor.com/
x-ul-sdk-version: 2.17.3
x-ul-environment-id: IAC2bhPBjEs9
userleap-platform: web

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
x-envoy-decorator-operation: userleap-api.userleap-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"119-5hKAe7ZbIg5Ikn2CdlE5BY8ZTxY"
vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 4
Connection: keep-alive
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
Content-Length: 281

POST
H2 202 628e681f3e7eb414cf585231 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 113ms
113ms XHR
application/json 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/628e681f3e7eb414cf585231

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://heyfavor.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 27 Aug 2022 11:19:07 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=A4621873DC97444399757C7ADF7A7FC4&RedC=c.clarity.ms&MXFR=0D1300FECDA2616C2A0E12F3C9A26FA3
https://c.clarity.ms/c.gif?CtsSyncId=A4621873DC97444399757C7ADF7A7FC4&MUID=057223B53877670339FF31B8391C66BE

42 B
367 B

44ms
43ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=A4621873DC97444399757C7ADF7A7FC4&MUID=057223B53877670339FF31B8391C66BE
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heyfavor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:07 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 11:19:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5BDC2F426E924A658B33ED5D452CF582 Ref B: FRAEDGE1414 Ref C: 2022-08-27T11:19:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=A4621873DC97444399757C7ADF7A7FC4&MUID=057223B53877670339FF31B8391C66BE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

OPTIONS
H/1.1 200
OK config
api.sprig.com/sdk/1/environments/IAC2bhPBjEs9/ Frame 0
0 443ms
107ms Preflight 34.204.155.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/IAC2bhPBjEs9/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.155.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-155-126.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://heyfavor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept,Content-Type,authorization,*
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Date: Sat, 27 Aug 2022 11:19:07 GMT
vary: Origin

OPTIONS
H2 204 628e681f3e7eb414cf585231
events.launchdarkly.com/events/diagnostic/ Frame 0
0 351ms
112ms Preflight 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/628e681f3e7eb414cf585231

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://heyfavor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 27 Aug 2022 11:19:07 GMT
strict-transport-security: max-age=31536000

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9EC7 0
18 B 44ms
21ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://heyfavor.com
Referer: https://heyfavor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://heyfavor.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 11:19:07 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect Show response
e.clarity.ms/ 0
173 B 1312ms
278ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://heyfavor.com
date: Sat, 27 Aug 2022 11:19:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 collect Show response
e.clarity.ms/ 0
25 B 1672ms
572ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://heyfavor.com
date: Sat, 27 Aug 2022 11:19:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 202 628e681f3e7eb414cf585231 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 380ms
380ms XHR
application/json 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/628e681f3e7eb414cf585231

Requested by

Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 120591c0-25fa-11ed-ac34-9f2f6281c329
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.22.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json
Referer: https://heyfavor.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.26.0

Response headers

date: Sat, 27 Aug 2022 11:19:09 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 628e681f3e7eb414cf585231
events.launchdarkly.com/events/bulk/ Frame 0
0 110ms
110ms Preflight 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/628e681f3e7eb414cf585231

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://heyfavor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 27 Aug 2022 11:19:09 GMT
strict-transport-security: max-age=31536000

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 717ms
717ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://heyfavor.com
date: Sat, 27 Aug 2022 11:19:09 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 310ms
304ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=GCWGD&UserId=6306624290590720&SessionId=6098295962374144&PageId=6543265445875712&Seq=2&PageStart=1661599146237&PrevBundleTime=1661599147003&LastActivity=4843&IsNewSession=true
Requested by: Host: heyfavor.com
URL: https://heyfavor.com/app-35792ec8f8f4a8b7dc2d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a9c0b5d3ce7c7d027c33a5a033c08211806643428d9db47a9a4381f0872ae268

Request headers

Referer: https://heyfavor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://heyfavor.com
date: Sat, 27 Aug 2022 11:19:11 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:34:45	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.heyfavor.com/	1970-01-20 05:34:45	Name: _gid Value: GA1.2.704389216.1661599146
.heyfavor.com/	1970-01-20 14:20:21	Name: _vwo_uuid_v2 Value: D5F196919DDC2CD62CE738D315A8E64FA\|82b1d348133a94413be43fdb5db5ea99
.heyfavor.com/	1970-01-20 07:42:55	Name: _gcl_au Value: 1.1.1869937690.1661599146
.bing.com/	1970-01-20 14:54:55	Name: MUID Value: 057223B53877670339FF31B8391C66BE
.heyfavor.com/	1970-01-20 14:18:55	Name: fs_uid Value: #GCWGD#6306624290590720:6098295962374144:::#/1693135146
.heyfavor.com/	1970-01-20 15:09:19	Name: _ga_9NZRM0K8D0 Value: GS1.1.1661599146.1.0.1661599146.0.0.0
.heyfavor.com/	1970-01-20 15:09:19	Name: _ga Value: GA1.1.1534925240.1661599146
.heyfavor.com/	1970-01-20 05:34:45	Name: _uetsid Value: 1071e59025fa11eda153d542c3e420a1
.heyfavor.com/	1970-01-20 14:54:55	Name: _uetvid Value: 10723c6025fa11ed80fda93f172eeb0d
.heyfavor.com/	1970-01-20 07:42:55	Name: _fbp Value: fb.1.1661599146750.1197970559
heyfavor.com/	1970-01-20 15:09:19	Name: tatari-cookie-test Value: 33607982
.heyfavor.com/	1970-01-20 05:33:19	Name: t-ip Value: 1
.heyfavor.com/	1970-01-20 15:09:19	Name: tatari-session-cookie Value: 142c0df2-1d8c-7c20-5294-72231a8af071
.tiktok.com/	1970-01-20 14:54:55	Name: _ttp Value: 2Dw9BkM6WnceyrqFfLDdGim8kBe
.heyfavor.com/	1970-01-20 14:54:55	Name: _tt_enable_cookie Value: 1
.heyfavor.com/	1970-01-20 14:54:55	Name: _ttp Value: 17b43e27-03ea-4729-b976-cd39313dcc0c
.heyfavor.com/	1970-01-20 05:33:19	Name: _gat Value: 1
.heyfavor.com/	1970-01-20 15:03:05	Name: _scid Value: 0708f5e4-5b58-4bf1-88d2-3a8cb9519aa8
.bidr.io/	1970-01-20 15:01:52	Name: bito Value: AACx1E7GE_sAABAAzGALgg
.bidr.io/	1970-01-20 15:01:52	Name: bitoIsSecure Value: ok
www.clarity.ms/	1970-01-20 14:18:55	Name: CLID Value: bfdd44da8a6249baba1e62f9283be304.20220827.20230827
.twitter.com/	1970-01-20 15:09:19	Name: personalization_id Value: "v1_K8vEyxlo2zSP1XYNbYABcg=="
.snapchat.com/	1970-01-20 14:54:55	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ3AMAgEsImQ4LjwjEOjbMHwtZNZuOFCdQhrIJ9aCqHe8wpTd9ci7HQbc/UHQXtvIjIAAAA=
.heyfavor.com/	1970-01-20 14:18:55	Name: ajs_anonymous_id Value: 0ca7b1fb-b755-4910-8998-b7e9fe1ff10b
.t.co/	1970-01-20 15:09:19	Name: muc_ads Value: 279a0ffc-e1e0-455e-a4af-69140dcae656
.heyfavor.com/	1970-01-20 14:18:55	Name: _clck Value: 4uxj7p\|1\|f4d\|0
.c.bing.com/	1970-01-20 14:54:55	Name: SRM_B Value: 057223B53877670339FF31B8391C66BE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:54:55	Name: MUID Value: 057223B53877670339FF31B8391C66BE
.c.clarity.ms/	1970-01-20 05:33:19	Name: ANONCHK Value: 0
.heyfavor.com/	1970-01-20 05:34:45	Name: _clsk Value: wn7iw2\|1661599148655\|1\|1\|e.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accreditnet.urac.org
acdn.adnxs.com
analytics.tiktok.com
analytics.twitter.com
api.heyfavor.com
api.segment.io
api.sprig.com
app.launchdarkly.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.segment.com
cdn.sprig.com
clientstream.launchdarkly.com
connect.facebook.net
d1lu3pmaz2ilpx.cloudfront.net
d2hrivdxn8ekm8.cloudfront.net
d330aiyvva2oww.cloudfront.net
dev.visualwebsiteoptimizer.com
dvqigh9b7wa32.cloudfront.net
e.clarity.ms
edge.fullstory.com
events.launchdarkly.com
heyfavor.com
ib.adnxs.com
openbadges.blob.core.windows.net
region1.google-analytics.com
rs.fullstory.com
sc-static.net
segment.prod.bidr.io
sentry.io
static.ads-twitter.com
static.legitscript.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.133
104.244.42.195
108.138.17.100
151.101.130.217
151.101.193.108
18.66.115.169
18.66.120.247
18.66.17.199
185.89.211.12
199.232.16.157
20.234.93.27
20.62.48.180
2001:4860:4802:34::36
23.36.163.228
2600:9000:223f:b800:17:3f5c:f800:21
2600:9000:2250:6800:3:760:2800:21
2600:9000:225e:9600:17:f683:1d40:21
2606:4700:10::ac43:2a0c
2606:4700::6812:1870
2606:4700::6812:1970
2620:1ec:27::cafe:1759
2620:1ec:c11::200
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:400c:c1b::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.204.155.126
34.234.23.220
34.96.102.137
35.186.194.58
35.188.42.15
35.190.43.134
35.201.112.186
44.240.162.122
52.211.158.203
52.239.137.228
54.145.120.46
76.223.31.44
0016ea455df21a028931e0748795768f71a8ca5ea6921d0100cc4ec534187a1c
0345660313e16e5f4ddb48086c622bba3f9f88f14021895ca361ec90be1ae4be
09820f2d6fdb27c3f1e04ff22a783388d8ed0a13c047c83d22b24e39819d59ad
0a84f8dd63beedee4e98d951e1798fdfcee67c6e5231cdc08e1cb366f9fa6234
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d34469536d10e61ede4bf9b6b6273760ede1e44353dc7ee9b2e8b9df572597
1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
17a109ba92835f5651de94e54210e126f5533c70a2b7997ad2b02b4b1797db6d
1990cda81ea0b3ea4e132c022ffc3361647e2cc1dd3d3ba3e8301a52a79abbce
1e018824352006426fef7bc1be248632896fc37f396cb55c2cfa98c4d41c1e4f
1e4261d5ea33f704066eaf3d4a967efd69669f1d5b9fc772a3086ea01213e06d
208f7f3eb355c1603a507bf74f0b298cbb8dd5faf83635739ae668ca212b6de9
20f2ac5cdeada843548d9068215170f957eb3e3f1b9a89a54c6daf96cfa03a14
213b92e8b230c5327f5c082e8fee902c2774a99ba8dea84404b122f3b1c1bce8
22b5a731c5b0e456f7001307e81e50601b2b3681b9017b6279b431a466728935
2307506bc941a54c6669c279ddd50a29a023552798c5fef9e5909eb566d81644
2a65c776d1fb6ace676ca35d856d8b010e75208f265aa91faac58c0694c3722b
2a8461d8fb71bab6864f794d2970586584869a40c9c0e60826fee7c13b78c879
2da45452f667ec8c315abd2ad46a761e1a7e8cd375701c271a56916d029e9120
2de14d2e51f0cf9f72395009897405727aa2ef02ec2d66f3779cb4ef71e94249
2ede78f19927e6d072279117c121702f39ff57e3e60c0a50559291e9ea3ec2ab
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
33f77b5b9eae0ba894811e0f0642366432b216be90ad62d0fca3807db2da368f
349c92e722ce0eea3d3f3cd649babf409ce1f65a931e2c611df34310eba6f803
3622d0a00d3c46a57751bc9ab364c14a63cfa65e6f75e0a845f1224d64a73fb9
3645cc70cb4a566f555bd8fccec42fd33ce122cc0cd6fba0ce56c516038e15c1
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3b60f0fd0a33a24cbd5588f98cdc54ea955f9fc73af16ef63e81a948ab8531e4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a7e4be4c49e72c10b58abc63f10a7473ffc10f230f05116dcf605a8ab52dd1
44e381eed808722619ad733fe6b2dde9c702c2ff708379912e55f6998f712604
44fbb3d4b555f5365eef98ef40759b3ba48bcf2dd41e08c8b84de4086883cd81
47eb5051c5909dbf63a03301dfdb22d6dab29649fd5cb98f7d216e66c2343eba
4d271253c41790e56a534ed0e425a2923f3b9c12a94442c340ad20dc17b95406
4de9ddae7ae52c3da7180926830e243aec58450564f836a005d63b4f9b6f8972
4e4516e3afa1170bf934a7882bf09eacf63d4600ea4b2609724c6cfa49333472
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51d465204f1616619123a5f4c2a9034d346b8a90bb32f3127b65df3f4a828124
52d7c32e4e1a2cf029c9d8beeb1cd0a0e5bcc9678dfa4afc0f5c4a95ff99b108
548c14d7f76f73bd21b7bda2e10a1cbb05e2af54d196fc6758b48753acb415c5
576168b41d839b93155749231bc15275e22a6c7ce6231664daa42013ca679cee
59d22e0af46d7a05e52a2c84dfd4c680f7f3321bf14aec71a0e3c50789953c37
5da32568b0e695b6c933762e854b0f8b144f907532a9d49e82228f3ef62e602d
5e71fa1fa95167e1da9cf21d77cb4b8a17bd895cac2735f6a040e0cdb8f8b187
6100664bdb731c370aff8e724c1024b343dec2ae2f4832a03c65ca22a477ca1c
64b11db98ced06ea863ab2922f1f4e64a02611f63f58efbe9bd8d3d966f51407
652a73d483989f7a107dfd0c8fd5ccf6a0251bdd9c1b296723e0f9cb8b7d9082
6534691796fc09891e47ebf5210ad41c7825d14447b7a20451de251a67df46e9
6832b5449af7b0c49ad83bfc064266dee4aa5b61a316d0e6a33c7f22993bf1fb
69abb16bad280f8625cd5a08571885e53276c558aa5ad86fe8917f26e8a0f9d6
70eccdb9edf187a09ee30cc2aedc93d99130bf02bc41423b7b5c682394003e31
71a53024b07bf404503b1ec5d053cdfaa5f5b47f19ad33d416056ac63f1c53dd
71b126f2c657e0b482598368af910b3e432eccf93499234c4933a298934486c3
72c3eaf1a2322f650107229306f6b9b51e6195e436bb1297cc4aaa20a6c66003
76c78895e8272bc131fb08929bc63c9b998b56befa7cf4210696c743708cb451
7e22cc924a95f1e3712e89118c45aabf62d0b57c031d859527088c488cfb2049
82151aa510fd0af6dbfd2aeb3b0170707ba34486c66bf7f0be35a58f2753a68c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8a781f8ba7fd9a1e872095af19d582646243b66322de4237b8f653d918e0f5c6
8b2ed67b5da4b9b2e9229554c3bfc7f8c2f97d9ff61f25333e33694408236dd8
8d21533c0e3a743036dbb1ef69ccfc29969aa9265100e7ccc79970c289cf6648
8e550e3495653e2af88cd28b47444fddb50d3a4c205c567ffe3263ddd23ab9ff
92c2daf813ba53e9f4a3d0f667463e00119880c4e8a97855d32cad29b3d0f9e4
94af602f283dde2b98f0c7129f0e869bf99f4bb064c02268fc3ea45c0a298409
94cf8da47ed2da83103481159feb3cf359d5d5af416de7b1d459cd7d007ba2e7
957e428906cf01222943dd7dc9e356d31bb7996ce8c90b5e50f94f5c6bc130d6
969fe5bb90ffc4485bc629ea6ec1385db184a8a6dd3e20c8deed8eb174d7d744
9891d8246293f2efce83cd923ca52b05216351eb4212f1e677c3991eec55e182
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9b415a7004e74c148bad8d2c28dcc15bfd763fe911246c8ed4f9948af493064f
9bad9a78667777beaf12136397cb10c995bbfa89d37aaadd0b4613fb4e420486
9e5869e3ea39f31678aaffffa94af1b10532470f4a45816515bc1cfbeea67e6c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a44cb3ab624a66fde9c097e682d05a1901615ed6427a13520da2bc3d9dd5327d
a58cfc86586d5c5a5b8fb148833453f2212a3c8c36b23f537c4ff4881ced63b9
a5bc4d97e0511fdd057892e0a4db83987b1bb4774df143371be7d55aec058db7
a6a0f2d0f378aea2c616d414b9503e8c661831ca21430ff0d689a03d9ac5a164
a8197017ca2bd7f6c4c838e44326b8096f534346e0dc2a2156f2302147c84a6d
a9c0b5d3ce7c7d027c33a5a033c08211806643428d9db47a9a4381f0872ae268
aa3fc57ea1e5aede40ddc6d13e7eecf36c9fd46e1e4df71fffcd4869f0fab027
ab9c7e25e3f08cd8217140bbcf6187c439b51e1d4835f514079012376e7cc5d2
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adc1d054715d5fc3793422b0166342d48ece603009d4537409fc5eb5a8df976e
add8b611a2789ee7d4e7e4cfe34ecf23c28a11d1e1e3aef0fa644da0ec9d3b88
aedefa014c7c0685573ac0dfd3fd814240c161d518bf22c6d9f262a684a3229c
b105d4e7588814ba24bd528d6a271222f9b949c542edc71bbfe0a6d17cdc8aee
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b3fcab204628398b42ee1723cbfdb548a4325de4f87cd296f9bb004f4f8baf58
b7ee7517757d44d9061bd5d314bdf2e0e10cb998a2022586b55c5f38da266867
c255142c8291a5c51c7da8cd1a3672c6d4b1aba520084c5278258f6ad96e8e9a
c4753d28a821119ae72e92726199dfe25d84ed0f6cd1bdc1d1d2d09eab1611c9
c66dfb60b1239ab32548a57d866ec2dc462bd9887e22642335bf0ccfab662438
c9b09604cece406a3d8527161a4d86de96e2311f63bccf81ddd3f4d9c2a5bee8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d55593a22100a8f2c8d07d2c3944279f72385c80e048fe332ef79f21b7a378be
d72521383def6fff816d73a4127e1f208f9cbda959b1df744a33e79b13210d3f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6680cebb1439d5a26817cfb27099db7ff81137435cee641c9171da1532b836
e12072d9b0b933c2db675af735dae991682dae9978c1cdefcfb953c63cda90c0
e2f2cdcd7666ccb4a54f864b52e46487374fad828a317dd05a162010893beb91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4412aeb35430a008c3af8addbde6e52e0e294235010c0e38039444a0eff957c
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ef13c0c22a1c93afdb2f43773e354681c48e2919d3a4c53c8ef1b9b9813c26fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f06eab94c3d9fd7e52bd6020165f49c01af90af1c3c5c5444f201d8c5d156f46
f0786faa1533c03427f67f52426c5ec7b63280df36a4406641e266d3cc9d02fb
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f7455632d6965c9a6bff807352518056569a29897f9305e201dd36f48aa18133
f78c4e3375b600381b53418952261a0c7b43c1eceb16edfa968ca7b51b1e87f7
f8b02848b388ceb1543cfb9d642b244d52d7475b370c2b4f55c3d822cd61fdfa
f97cfee12af2951d04eeb6fa2aa9eb1510d968cbfb1719de5de87a59bdc948f7
f9b28c72166a68ac8d99179b29eb8d82b18e3545b652d2093b4fcff3730e478c
fe9114998a18271d87403c4c5195f53980b2d30762ef6445075fd1010d382f11

heyfavor.com Open in urlscan Pro 2606:4700::6812:1970 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

161 Requests

99 %HTTPS

39 %IPv6

29 Domains

42 Subdomains

42 IPs

5 Countries

4194 kBTransfer

8919 kBSize

32 Cookies

14 Outgoing links

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heyfavor.com Open in urlscan Pro
2606:4700::6812:1970 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

99 %
HTTPS

39 %
IPv6

29
Domains

42
Subdomains

42
IPs

5
Countries

4194 kB
Transfer

8919 kB
Size

32
Cookies

161 HTTP transactions
14 data transactions