de1.xyz01.fun Open in urlscan Pro
188.114.96.3  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

• https://de1.xyz01.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://de1.xyz01.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js

Request Chain 52

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3515218%26time%3D1713447826183%26li_adsId%3D90884a85-70e0-4ac0-b0d3-2614a32c6ca1%26url%3Dhttps%253A%252F%252Fde1.xyz01.fun%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true&liSync=true&e_ipv6=AQLfzeLqQa3YBQAAAY7xcvZ2EziNEWx5p0SoNOXAqg76-IaMtNk-A6MaRKUJlAggljdp8wlKDdowwwvgeQ

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response de1.xyz01.fun/	110 KB 35 KB	1060ms 734ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de1.xyz01.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc9059800d7e69253adcb5a3f19f92d2c9d0d630abc7f55127bc98794f4f4ec5 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; frame-ancestors 'self' https://*.peta.org https://*.petalatino.com https://*.peta2.com; frame-src blob: * Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * age 3197 alt-svc h3=":443"; ma=86400 cache-control public, max-age=7200 cf-cache-status DYNAMIC cf-ray 876515e6b9e71c04-AMS content-encoding br content-security-policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; frame-ancestors 'self' https://*.peta.org https://*.petalatino.com https://*.peta2.com; frame-src blob: * content-type text/html; charset=UTF-8 date Thu, 18 Apr 2024 13:43:45 GMT edge-cache-control max-age=7200 expires Thu, 18 Apr 2024 15:43:45 GMT last-modified Thu, 18 Apr 2024 11:44:33 GMT link <https://www.peta.org/wp-json/>; rel="https://api.w.org/", <https://www.peta.org/wp-json/wp/v2/pages/863>; rel="alternate"; type="application/json", <https://www.peta.org/?p=863>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy midi=(),accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=* referrer-policy no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ynj67B17mYAcv7AIPd7vR%2FEBbKhDBf9w77E2dcHk9wCs8LGAwSeWQLvVa8HrSxxBTjmhVJt5y%2ByQ1jgszDhkAoCYG0GTy31K76gBCZIiJUPBtIoCfMJLrwmmD4MBl0uV"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=2592000 vary Accept-Encoding x-cache EXPIRED EXPIRED x-content-type-options nosniff
GET H2	200	conv_v3.js Show response cdn.b0e8.com/	67 KB 22 KB	193ms 21ms	Script application/javascript	35.190.5.192 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.b0e8.com/conv_v3.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 192.5.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash b1c1a4244de33316bdab018bf75ff07e00117f979075cf8a0c2c7b932b66fe3d Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=63072000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 12:53:07 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains content-security-policy default-src 'self' 'unsafe-inline'; age 3038 x-guploader-uploadid ABPtcPrkH_Y3I5tBadIl9Amjqi4kWo7h7cAHynFb3Hwxle6f31BpGFnyirBBMBxB8qFHQ2Sl701eMriciw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21618 last-modified Mon, 13 Mar 2023 18:19:37 GMT server UploadServer etag "1da09eff1b7a39f87215784824e30f30" vary Accept-Encoding x-goog-hash crc32c=QUzV5A==, md5=HaCe/xt6OfhyFXhIJOMPMA== x-goog-generation 1678731577674397 content-language en access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 21618 accept-ranges bytes content-type application/javascript expires Thu, 18 Apr 2024 13:53:07 GMT
GET H2	200	marvel.js Show response marvel-b2-cdn.bc0a.com/	9 KB 4 KB	195ms 15ms	Script application/javascript	35.201.125.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://marvel-b2-cdn.bc0a.com/marvel.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.125.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 190db2ea37186511e3cdfaeb6e37e68830c90647a9c18840f33ce00c03a05bd0 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=63072000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 12:51:43 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains content-security-policy default-src 'self' 'unsafe-inline'; age 3122 x-guploader-uploadid ABPtcPpqRdFYzMxLr_0NnGAQokWXS_EnrUCKazM2srXV9QUwmtdyqo8OE59qQE05kWvmElNXvG_ltoz0ww x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3142 last-modified Wed, 12 Apr 2023 17:03:33 GMT server UploadServer etag "0b57832ab47cd1fea51ee8a2dfa4f649" vary Accept-Encoding x-goog-hash crc32c=EF0vLQ==, md5=C1eDKrR80f6lHuii36T2SQ== x-goog-generation 1681319013677342 content-language en access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 3142 accept-ranges bytes content-type application/javascript expires Thu, 18 Apr 2024 13:51:43 GMT
GET H/1.1	200 OK	foobox.min.css www.peta.org/wp-content/plugins/foobox-image-lightbox-premium/pro/css/	104 KB 11 KB	247ms 69ms	Stylesheet text/css	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/foobox-image-lightbox-premium/pro/css/foobox.min.css?ver=2.7.27 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c10632845d2ef3c1dd616bd2ec143a597c70859fa5c1276a537afba236d626d7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:42 GMT Server cloudflare Age 79 ETag W/"66202272-19f68" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515ecbf2da012-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	index.css www.peta.org/wp-content/plugins/plugin-media-credit/build/	555 B 1000 B	248ms 70ms	Stylesheet text/css	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/plugin-media-credit/build/index.css?ver=1713382003 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e172c715c4e07d15286775ff928cd70b89ec16dcc089b1fa04a657e583cb76e7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 2260 Cf-Polished origSize=556 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 17 Apr 2024 19:26:43 GMT Cf-Bgj minify Server cloudflare ETag W/"66202273-22c" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=31536000 CF-Ray 876515ecb9b0a001-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	style-index.css www.peta.org/wp-content/themes/peta/build/	160 KB 28 KB	242ms 64ms	Stylesheet text/css	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdfa307643eaa57166399136648e822438abd76d7576eb45c4d7f74bb0f15914 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 2628 Cf-Polished origSize=164009 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj minify Server cloudflare ETag W/"66202274-280a9" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=31536000 CF-Ray 876515ecb8a86562-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	sticky-banner.css www.peta.org/wp-content/plugins/peta-org-sticky-banner/styles/	856 B 1 KB	266ms 89ms	Stylesheet text/css	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/peta-org-sticky-banner/styles/sticky-banner.css?ver=6.5.2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abde5b78cc1b20585501e2cffb86f6e208d3c3d033704478f09d3f50aa42633c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 79 Cf-Polished origSize=1180 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 17 Apr 2024 19:26:43 GMT Cf-Bgj minify Server cloudflare ETag W/"66202273-49c" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=31536000 CF-Ray 876515ecbc480b30-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	ga_constants.js Show response resources.peta.org/googleAnalytics/global/	28 KB 9 KB	220ms 43ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.peta.org/googleAnalytics/global/ga_constants.js?ver=6.5.2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6546246e4c80042d1290e40ac899287a064bcb84577f7c6c31dc1ade421771fe Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; X-Content-Type-Options nosniff Strict-Transport-Security max-age=2592000 CF-Cache-Status HIT Age 3887 Cf-Polished origSize=47910 Transfer-Encoding chunked Content-Encoding gzip Connection keep-alive Referrer-Policy no-referrer-when-downgrade Cf-Bgj minify Last-Modified Wed, 17 Apr 2024 21:14:14 GMT Server cloudflare Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=7200 Permissions-Policy midi=(),accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=* CF-RAY 876515ecbf6566bd-AMS Expires Thu, 18 Apr 2024 15:43:45 GMT
GET H/1.1	200 OK	gaBase.js Show response resources.peta.org/googleAnalytics/petaUS/peta/	352 B 1 KB	210ms 34ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.peta.org/googleAnalytics/petaUS/peta/gaBase.js?ver=6.5.2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec8c90454ed2b882b05d229c80f3fa9822db2c572aced7cbffce269f3879be4 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; X-Content-Type-Options nosniff Strict-Transport-Security max-age=2592000 CF-Cache-Status HIT Age 5825 Cf-Polished origSize=608 Transfer-Encoding chunked Content-Encoding gzip Connection keep-alive Referrer-Policy no-referrer-when-downgrade Cf-Bgj minify Last-Modified Wed, 17 Apr 2024 21:14:14 GMT Server cloudflare Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=7200 Permissions-Policy midi=(),accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=* CF-RAY 876515ecbd940c81-AMS Expires Thu, 18 Apr 2024 15:43:45 GMT
GET H/1.1	200 OK	jquery.min.js Show response www.peta.org/wp-includes/js/jquery/	86 KB 30 KB	248ms 71ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:45 GMT Server cloudflare Age 79 ETag W/"66202275-15601" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515ecbbc7b954-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	gtm.js Show response www.peta.org/wp-content/plugins/plugin-google-analytics/inc/js/	334 B 1023 B	258ms 81ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/plugin-google-analytics/inc/js/gtm.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e742100ec07e7661a9892103d74e4d74b8d75ffd670f82af0f49aedc8ab87e2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 4430 Cf-Polished origSize=344 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 17 Apr 2024 19:26:43 GMT Cf-Bgj minify Server cloudflare ETag W/"66202273-158" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 CF-Ray 876515ecbd500b5e-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H2	200	10041335-10042655.js Show response cdn-4.convertexperiments.com/v1/js/	172 KB 49 KB	290ms 114ms	Script application/javascript	2a02:26f0:300:184::14a9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-4.convertexperiments.com/v1/js/10041335-10042655.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:300:184::14a9 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 0b1a67c8b6df94077e0fb593c51184f613d1dcb24af477edda71971be645b600 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Thu, 18 Apr 2024 13:43:45 GMT content-encoding gzip cache-control public, max-age=300 content-type application/javascript vary Accept-Encoding expires Thu, 18 Apr 2024 13:48:45 GMT
GET H/1.1	200 OK	peta-logo.svg www.peta.org/wp-content/themes/peta/src/assets/images/svgs/	1 KB 1 KB	68ms 65ms	Image image/svg+xml	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/src/assets/images/svgs/peta-logo.svg Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43c8def1648ca8c55f98ff4e9e499f2986a7bbbd1736271213905380f5b7e82d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Server cloudflare Age 410 ETag W/"66202274-5fb" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515ee0eb50b5e-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	validate.js Show response services.peta.org/	31 KB 11 KB	216ms 38ms	Script application/javascript	104.18.197.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.peta.org/validate.js?v=1.2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.197.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dba3286012b39f814895bb3aad64d7d12d0cde03f2bf4d627bec30ebd9eec021 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Cf-Bgj minify Last-Modified Mon, 20 Nov 2023 09:17:51 GMT Server cloudflare Age 733838 ETag W/"655b243f-7bdd" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive CF-RAY 876515ecbe256643-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	validate.css services.peta.org/	916 B 1 KB	217ms 40ms	Stylesheet text/css	104.18.197.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://services.peta.org/validate.css?v=1.10 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.197.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f000a82ac40475d9505df6228d48b21274b05c5d4be2d5d01a8743b86a3557fc Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 733838 Cf-Polished origSize=917 Transfer-Encoding chunked Connection keep-alive Cf-Bgj minify Last-Modified Mon, 20 Nov 2023 09:17:51 GMT Server cloudflare ETag W/"655b243f-395" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=31536000 CF-RAY 876515ecbd32b978-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	ga_social_tracking.js Show response resources.peta.org/googleAnalytics/global/	709 B 1 KB	73ms 40ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.peta.org/googleAnalytics/global/ga_social_tracking.js?ver=1.0 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6b99fd3846f17e715ea866fbdf3ed5207cfcf8078d2532112615807d7768fe6 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; X-Content-Type-Options nosniff Strict-Transport-Security max-age=2592000 CF-Cache-Status HIT Age 6200 Cf-Polished origSize=1314 Transfer-Encoding chunked Content-Encoding gzip Connection keep-alive Referrer-Policy no-referrer-when-downgrade Cf-Bgj minify Last-Modified Wed, 17 Apr 2024 21:14:14 GMT Server cloudflare Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=7200 Permissions-Policy midi=(),accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=* CF-RAY 876515ed4fed66bd-AMS Expires Thu, 18 Apr 2024 15:43:45 GMT
GET H/1.1	200 OK	index.js Show response www.peta.org/wp-content/plugins/plugin-media-credit//build/	2 KB 1 KB	56ms 53ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/plugin-media-credit//build/index.js?ver=1713382003 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash baf9e1194fdde7149a265cbe07ab2f00e528365760772e37f5106ff290a7cd62 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:43 GMT Cf-Bgj minify Server cloudflare Age 949 ETag W/"66202273-77e" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515ed6d190b30-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	index.js Show response www.peta.org/wp-content/themes/peta/build/	175 KB 63 KB	53ms 53ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/themes/peta/build/index.js?ver=1713382004 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3283db9a1435e26c88ccd83191b9fb33635af2558a6656a1729b9d746769d58 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 6770 Cf-Polished origSize=179046 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj minify Server cloudflare ETag W/"66202274-2bb66" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 CF-Ray 876515ed998a6562-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	new-tab.js Show response www.peta.org/wp-content/plugins/page-links-to/dist/	34 KB 13 KB	57ms 57ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:43 GMT Cf-Bgj minify Server cloudflare Age 5356 ETag W/"66202273-8687" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515edcdb80b30-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	sticky-banner.js Show response www.peta.org/wp-content/plugins/peta-org-sticky-banner/js/	2 KB 1 KB	70ms 68ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/peta-org-sticky-banner/js/sticky-banner.js?ver=6.5.2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d33081f7835db8b93ff469ee49178dbe065c5a7b6c10a2a311b13136291c39ad Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Age 79 Cf-Polished origSize=2689 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 17 Apr 2024 19:26:43 GMT Cf-Bgj minify Server cloudflare ETag W/"66202273-a81" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 CF-Ray 876515ee0d0db954-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	foobox.min.js Show response www.peta.org/wp-content/plugins/foobox-image-lightbox-premium/pro/js/	147 KB 39 KB	71ms 68ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/plugins/foobox-image-lightbox-premium/pro/js/foobox.min.js?ver=2.7.27 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9eef725959dafad60f597df6d5c2517381c5d88f597006b71b1d469dbb33338c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:42 GMT Server cloudflare Age 949 ETag W/"66202272-24b31" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515ee08eea012-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H3	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	112ms 28ms	Script application/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:45 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 3292 etag W/"a87c48d211877c49b878679b2e3cdab8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 876515ee894f0e30-AMS access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Sun, 21 Apr 2024 13:43:45 GMT
GET H2	200	v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	186ms 82ms	Script text/javascript	2606:4700::6810:5049 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Origin https://de1.xyz01.fun Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:45 GMT content-encoding gzip last-modified Mon, 15 Apr 2024 22:09:58 GMT server cloudflare etag W/"2024.4.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 876515eeb8926610-AMS
GET H2	200	brightedge3.php a1.b0e8.com/	35 B 218 B	138ms 35ms	Image image/gif	34.111.78.58 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://a1.b0e8.com/brightedge3.php?id=f00000000154978&url=https%3A//de1.xyz01.fun/&ref=&title=International%20Landing%20Page%20%7C%20PETA&metadesc=PETA%27s%20animal%20rights%20campaigns%20include%20ending%20fur%20and%20leather%20use%20meat%20and%20dairy%20consumption%20fishing%20hunting%20trapping%20factory%20farming%20circuses%20bull%20fighting%20rodeos%20and%20animal%20experimentation&metakeywords= Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.78.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 58.78.111.34.bc.googleusercontent.com Software bws/1.0 / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-be-pop BRU-1-301 date Thu, 18 Apr 2024 13:43:37 GMT via 1.1 google last-modified Wed, 23 Jun 2021 22:46:15 GMT server bws/1.0 etag "60d3b9b7-23" content-type image/gif access-control-allow-origin * accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
GET H2	200	js Show response www.googletagmanager.com/gtag/	283 KB 95 KB	173ms 70ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-FRGVLF1FYN Requested by Host: resources.peta.org URL: https://resources.peta.org/googleAnalytics/global/ga_constants.js?ver=6.5.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 80e05809d3d3a412e71c6448636fa77aded9b333939823adb06d0da52af4e9d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 97070 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 18 Apr 2024 13:43:45 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	425 KB 130 KB	235ms 133ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/plugins/plugin-google-analytics/inc/js/gtm.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 984ab05a63e8109202f6681294f3777023b37b0a61ffcb0d974e92bde8cc709f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 132705 x-xss-protection 0 last-modified Thu, 18 Apr 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 18 Apr 2024 13:43:45 GMT
GET H/1.1	200 OK	flag-uk.672b30e0.png www.peta.org/wp-content/themes/peta/build/images/	624 B 1 KB	58ms 57ms	Image image/webp	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/build/images/flag-uk.672b30e0.png Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d41f07c75b4a64660bdb3874505d44d81b4189f9b4e3e70ddf638a9d6ceafaef Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT CF-Cache-Status HIT Age 1247 Cf-Polished origFmt=png, origSize=1669 Content-Disposition inline; filename="flag-uk.webp" Connection keep-alive Content-Length 624 Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj imgq:85,h2pri Server cloudflare ETag "66202274-685" Vary Accept, Accept-Encoding Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes CF-Ray 876515ee0b2fa001-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	flag-france.3c2c6ee2.png www.peta.org/wp-content/themes/peta/build/images/	134 B 668 B	111ms 60ms	Image image/webp	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/build/images/flag-france.3c2c6ee2.png Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95056e3cd3d3ae123cfeb927f37d9863d095bbf22cb1e1cf6755222942750a1a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT CF-Cache-Status HIT Age 6746 Cf-Polished origFmt=png, origSize=1087 Content-Disposition inline; filename="flag-france.webp" Connection keep-alive Content-Length 134 Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj imgq:85,h2pri Server cloudflare ETag "66202274-43f" Vary Accept, Accept-Encoding Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes CF-Ray 876515ee7f3d0b5e-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	flag-germany.ac9d5b61.png www.peta.org/wp-content/themes/peta/build/images/	114 B 648 B	116ms 65ms	Image image/webp	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/build/images/flag-germany.ac9d5b61.png Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c1e7c84815420da7eb82df5248ce0ff8767bdabf2ea204b3234ab86da1cc498 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT CF-Cache-Status HIT Age 409 Cf-Polished origFmt=png, origSize=1070 Content-Disposition inline; filename="flag-germany.webp" Connection keep-alive Content-Length 114 Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj imgq:85,h2pri Server cloudflare ETag "66202274-42e" Vary Accept, Accept-Encoding Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes CF-Ray 876515ee7ba2a001-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	flag-netherlands.5c5a3fa6.png www.peta.org/wp-content/themes/peta/build/images/	128 B 666 B	60ms 58ms	Image image/webp	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/build/images/flag-netherlands.5c5a3fa6.png Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 948496d2395a18f44ad8664e09fd07656589517683b4382fec46e4132497e42c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT CF-Cache-Status HIT Age 409 Cf-Polished origFmt=png, origSize=1082 Content-Disposition inline; filename="flag-netherlands.webp" Connection keep-alive Content-Length 128 Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj imgq:85,h2pri Server cloudflare ETag "66202274-43a" Vary Accept, Accept-Encoding Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes CF-Ray 876515ee2e1c0b30-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	flag-india.6f77f511.png www.peta.org/wp-content/themes/peta/build/images/	326 B 858 B	52ms 52ms	Image image/webp	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/build/images/flag-india.6f77f511.png Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f2b8dec21a57093a6972647963b0e1ce182f3c3328d50d7c3c4e16414763530 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT CF-Cache-Status HIT Age 409 Cf-Polished origFmt=png, origSize=1344 Content-Disposition inline; filename="flag-india.webp" Connection keep-alive Content-Length 326 Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj imgq:85,h2pri Server cloudflare ETag "66202274-540" Vary Accept, Accept-Encoding Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes CF-Ray 876515ee2a036562-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	flag-australia.c8bd44ac.png www.peta.org/wp-content/themes/peta/build/images/	820 B 1 KB	100ms 48ms	Image image/webp	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.peta.org/wp-content/themes/peta/build/images/flag-australia.c8bd44ac.png Requested by Host: www.peta.org URL: https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6b4e75a6124c4c2626367f2288cc69329b7091cc633c0ed2162940bc1eb6507 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.peta.org/wp-content/themes/peta/build/style-index.css?ver=1713382004 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT CF-Cache-Status HIT Age 409 Cf-Polished origFmt=png, origSize=1869 Content-Disposition inline; filename="flag-australia.webp" Connection keep-alive Content-Length 820 Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Cf-Bgj imgq:85,h2pri Server cloudflare ETag "66202274-74d" Vary Accept, Accept-Encoding Content-Type image/webp Cache-Control public, max-age=31536000 Accept-Ranges bytes CF-Ray 876515ee7d7ab954-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H/1.1	200 OK	montserrat-v26-latin-700.woff2 www.peta.org/wp-content/themes/peta/fonts/montserrat/	15 KB 16 KB	278ms 234ms	Font application/octet-stream	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/themes/peta/fonts/montserrat/montserrat-v26-latin-700.woff2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; frame-ancestors 'self' https://*.peta.org https://*.petalatino.com https://*.peta2.com; frame-src blob: * Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Origin https://de1.xyz01.fun Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff CF-Cache-Status MISS Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; frame-ancestors 'self' https://*.peta.org https://*.petalatino.com https://*.peta2.com; frame-src blob: * Connection keep-alive Content-Length 15240 Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Server cloudflare ETag "66202274-3b88" Vary Accept-Encoding Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control public, max-age=7200 Permissions-Policy midi=(),accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=* Accept-Ranges bytes CF-Ray 876515ee7b9d0e70-AMS Expires Thu, 18 Apr 2024 15:43:45 GMT
GET H/1.1	200 OK	montserrat-v26-latin-regular.woff2 www.peta.org/wp-content/themes/peta/fonts/montserrat/	15 KB 16 KB	296ms 252ms	Font application/octet-stream	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-content/themes/peta/fonts/montserrat/montserrat-v26-latin-regular.woff2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281 Security Headers Name Value Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; frame-ancestors 'self' https://*.peta.org https://*.petalatino.com https://*.peta2.com; frame-src blob: * Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Origin https://de1.xyz01.fun Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff CF-Cache-Status MISS Content-Security-Policy default-src 'unsafe-inline' 'unsafe-eval' 'self' data: *; frame-ancestors 'self' https://*.peta.org https://*.petalatino.com https://*.peta2.com; frame-src blob: * Connection keep-alive Content-Length 14940 Referrer-Policy no-referrer-when-downgrade Last-Modified Wed, 17 Apr 2024 19:26:44 GMT Server cloudflare ETag "66202274-3a5c" Vary Accept-Encoding Content-Type application/octet-stream Access-Control-Allow-Origin * Cache-Control public, max-age=7200 Permissions-Policy midi=(),accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=* Accept-Ranges bytes CF-Ray 876515ee7ccf9ff6-AMS Expires Thu, 18 Apr 2024 15:43:45 GMT
GET H3	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	52ms 51ms	Script application/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:45 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 3387 etag W/"e3be409ac3c100e2a5d3f264ec260551" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 876515eee9dc0e30-AMS access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Sun, 21 Apr 2024 13:43:45 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response www.peta.org/wp-includes/js/	18 KB 5 KB	81ms 81ms	Script application/javascript	104.18.198.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.peta.org/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.198.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:45 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 17 Apr 2024 19:26:45 GMT Server cloudflare Age 5707 ETag W/"66202275-4926" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive CF-Ray 876515ef4c8ea001-AMS Expires Fri, 18 Apr 2025 13:43:45 GMT
GET H3	200	main.js Show response de1.xyz01.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/ Frame C6B9 Redirect Chain https://de1.xyz01.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js https://de1.xyz01.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js	8 KB 4 KB	24ms 24ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de1.xyz01.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H3 Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 948ff4cb4e3026a4ec5a8a2fb421aaff5c7d2411bd2c89a7ab8d414bb0591309 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 13:43:45 GMT content-encoding br x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2F44ugAkKJI5qZP5dkOUyLF8kT5MPwJBbSnYVFJ81KtX1liMLXmLg6tx3fkyel3TcysNYu4GZmmWoVnrg1%2FMYqdA2eqpLiWLXdKCdWdjduBpHXlMSvumPa%2Fyyaj2PWLb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public cf-ray 876515ef6abe1c04-AMS alt-svc h3=":443"; ma=86400 Redirect headers date Thu, 18 Apr 2024 13:43:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0smJqGRsx6%2Bkx7BEWaryc88rCT1AZVNFlboVDL35oVQFUYg1qJto1BB5SIDZiEAQ6wR0USUm6a3XA08jKwCtZkSiJpsmCZtxOcezQQ89x6wy3yBP1McYeQgAng%2FJKil"}],"group":"cf-nel","max_age":604800} location /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js access-control-allow-origin * cache-control max-age=300, public cf-ray 876515ef4aa21c04-AMS alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	web Show response onesignal.com/api/v1/sync/07d5ce78-2bce-40af-b2da-83cad9b85164/	3 KB 2 KB	67ms 47ms	Script text/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/07d5ce78-2bce-40af-b2da-83cad9b85164/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b80a4f64e870138797d48b4dd713760743141e6c0678b5df8d3e499572c6d02 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:45 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains age 2216 cf-polished origSize=3376 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 7ea3df25-2100-4209-81d7-0d3764b1fa38 x-runtime 0.039596 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"4a2dca56ebf1ec3eb5cbad05c6c36fce" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 876515efbaa10e30-AMS access-control-allow-headers SDK-Version expires Thu, 18 Apr 2024 14:43:45 GMT
POST H3	200	876515eadef48db7 Show response de1.xyz01.fun/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C6B9	0 576 B	42ms 40ms	XHR text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de1.xyz01.fun/cdn-cgi/challenge-platform/h/g/jsd/r/876515eadef48db7 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 18 Apr 2024 13:43:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLPbwDQlxSfb%2FWJq669vu3bpQpYh7Qo8L1MA8wnqay0w3phHUQWVzmxCIjhco0VhdG9OdoFjE7Nn%2FDptDEqXrI2J%2BHENSj7FBzlke1rWYUFHtv9c70UeXr2HS3xTxyy0"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 876515f0ac281c04-AMS alt-svc h3=":443"; ma=86400 content-length 0
POST H2	204	collect region1.analytics.google.com/g/	0 254 B	70ms 22ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-FRGVLF1FYN&gtm=45je44f0v9102481821za200&_p=1713447825527&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=970527109.1713447826&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dt=international%20landing%20page%20%7C%20peta&dl=https%3A%2F%2Fde1.xyz01.fun%2F&sid=1713447826&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=1992 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-FRGVLF1FYN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 13:43:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://de1.xyz01.fun cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 254 B	90ms 23ms	Ping text/plain	2a00:1450:400c:c0a::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FRGVLF1FYN&cid=970527109.1713447826&gtm=45je44f0v9102481821za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-FRGVLF1FYN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 13:43:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://de1.xyz01.fun cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 409 B	111ms 45ms	Image image/gif	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FRGVLF1FYN&cid=970527109.1713447826&gtm=45je44f0v9102481821za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=44815349 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 13:43:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	223 KB 79 KB	53ms 52ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-976523874&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 402ad9b0aec7f2c4ab791d59b91c531a385d4a50c230d03485de8ac847990c7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80723 x-xss-protection 0 last-modified Thu, 18 Apr 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 18 Apr 2024 13:43:46 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	89ms 37ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Thu, 18 Apr 2024 13:43:45 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1A1D673B28414F3DA9CA7292C01145AB Ref B: AMS04EDGE2606 Ref C: 2024-04-18T13:43:46Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 17 KB	69ms 16ms	Script application/javascript	2a02:26f0:c900:3::174c:cc8b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:c900:3::174c:cc8b Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Apr 2024 07:42:51 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=67624 accept-ranges bytes content-length 17238
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	86ms 23ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip last-modified Thu, 04 Apr 2024 00:26:35 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kcgs7200164-IAD, cache-fra-etou8220090-FRA
GET H2	200	ndp.js Show response ads.nextdoor.com/public/pixel/	7 KB 4 KB	546ms 176ms	Script application/javascript	54.149.212.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.nextdoor.com/public/pixel/ndp.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.149.212.123 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-149-212-123.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash e358ac9219c2bfde08ebd2b62efe991cc0e27671ec64bdc5b6b15a5c195107de Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com; Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT content-security-policy frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com; content-encoding gzip last-modified Tue, 16 Apr 2024 16:26:43 GMT server istio-envoy etag W/"661ea6c3-1d56" vary Accept-Encoding content-type application/javascript x-envoy-upstream-service-time 2
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	72ms 22ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 18 Apr 2024 13:43:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57850 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1294, tbw=2762, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug f4RN3iuI9wwBPRbBdwC8/T5SiZd+f1O1R3FQa7d9QpTP+k0Zg90VilkqBdvDrFiR4+Ky5TmQgOAEvuFAQyLCoA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sv.js Show response track.securedvisit.com/js/	60 KB 24 KB	437ms 204ms	Script application/javascript	3.228.49.14 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track.securedvisit.com/js/sv.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.228.49.14 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-228-49-14.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash cf59eebad97bdd1490c98d00280dc4a95a5e0543ff6e05030793e8756abc9443 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip last-modified Thu, 18 Apr 2024 13:43:46 GMT server nginx/1.24.0 etag W/"f617b666f3c16d1666e3099c57cb63a9" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control no-cache, max-age=0, must-revalidate, proxy-revalidate, private expires Thu, 18 Apr 2024 13:43:46 GMT
GET H2	200	sync Show response live.rezync.com/	989 B 2 KB	245ms 171ms	Script text/javascript	18.173.233.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=7d4adc634e315028c8504134fcac5e2a&k=peta-pixel-1139&zmpID=peta&categoryID={categoryID}&productID={Transaction%20Products%20List%20Names%20(First%20Item%20Name%20Only%20and%20made%20Lowercase)}&cartTotal={cartTotal}&cartQty={cartQty}&OrderID={Transaction%20ID}&OrderAmount={Transaction%20Total%20Revenue}&OrderQty={OrderQty}&custom1=petafoundation Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K76L3F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.233.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-233-76.dus51.r.cloudfront.net Software lighttpd/1.4.69 / Resource Hash ea4bf275ccf7258d95c619b0fafb5f62c9391165af806e33f3d15dd7b43431e6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT via 1.1 818fd5af033e15165f0e7cde0c631ba6.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop DUS51-P3 vary Cookie x-cache Miss from cloudfront content-type text/javascript accept-ranges bytes content-length 989 x-amz-cf-id By08iuttW5-kToFcHgET3IzNMzWuXxJxfLmV_HMu6ymy6UGduNe6UA==
GET H/1.1	200 OK	spx Show response dx.mountain.com/	16 KB 5 KB	443ms 115ms	Script application/javascript	34.238.149.65 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dx.mountain.com/spx?dxver=4.0.0&shaid=34436&tdr=&plh=https%3A%2F%2Fde1.xyz01.fun%2F&cb=8007275824940296term=value Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-238-149-65.compute-1.amazonaws.com Software istio-envoy / Resource Hash daad5c0333da278bf770f0628a443cecf02d0d6021e6375bba3cce9030d7b9ef Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip server istio-envoy vary origin,access-control-request-method,access-control-request-headers,accept-encoding transfer-encoding chunked content-type application/javascript;charset=utf-8 x-envoy-upstream-service-time 2 be spx-prod expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	events.js Show response tags.srv.stackadapt.com/	18 KB 7 KB	177ms 122ms	Script text/javascript	3.69.41.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-69-41-26.eu-central-1.compute.amazonaws.com Software / Resource Hash 918ae4aab23c72004fc4ef4ec7c862073a45c26b46e17697bd3e77cf8dd211f8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Thu, 18 Apr 2024 13:43:46 GMT cache-control max-age=5 content-encoding gzip content-type text/javascript
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 2 KB	293ms 141ms	Script application/javascript	104.126.37.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLF1KL3C77U022B46TF0&lib=ttq Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-146.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 15fc0ad21bb0b5664810b62c82dd84a077cb965caad883ae86bfbbecb59a29cf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 24bc45ce date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240418134346996B111D0AD6F35C6022-669A5D2913045A79-00 x-cache TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=104 content-length 1747 pragma no-cache server nginx x-tt-logid 20240418134346996B111D0AD6F35C6022 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 104,104.126.37.142 x-tt-trace-host 017cac3744e42e5ff987ced0c0fce392e8b68d402d7e85691bc33485c2fc96c55a588be96e33da5e411e2a6f795292818d3cc77dd87351faf6f3924cd2dd0ab87a742adfea1581e90c8708ca0a19c47698d210e68c1f391205545a907d35cda3a3 expires Thu, 18 Apr 2024 13:43:46 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3515218%26time%3D1713447826183%26li_adsId%3D90884a85-70e0-4ac0-b0d3-2614a32c6ca1%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true&liSync=true&e_ipv6=A...	0 267 B	237ms 181ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true&liSync=true&e_ipv6=AQLfzeLqQa3YBQAAAY7xcvZ2EziNEWx5p0SoNOXAqg76-IaMtNk-A6MaRKUJlAggljdp8wlKDdowwwvgeQ Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://de1.xyz01.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 13:43:46 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 01BC89B21CE3424C86FC4286F0883C6D Ref B: AMS04EDGE1308 Ref C: 2024-04-18T13:43:47Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYWXykWbIpIGEsCih05eA== Redirect headers date Thu, 18 Apr 2024 13:43:46 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 1D2D810526C94E279B5D0923650A3C24 Ref B: DUS30EDGE0816 Ref C: 2024-04-18T13:43:46Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3515218&time=1713447826183&li_adsId=90884a85-70e0-4ac0-b0d3-2614a32c6ca1&url=https%3A%2F%2Fde1.xyz01.fun%2F&cookiesTest=true&liSync=true&e_ipv6=AQLfzeLqQa3YBQAAAY7xcvZ2EziNEWx5p0SoNOXAqg76-IaMtNk-A6MaRKUJlAggljdp8wlKDdowwwvgeQ x-li-proto http/2 content-length 0 x-li-uuid AAYWXykSm00Y+C0wsEU+yA==
GET H2	200	adsct t.co/1/i/	43 B 378 B	312ms 216ms	Image image/gif	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=25a8c77a-9d0d-406c-aaaf-cfba3b6b7d6c&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=10af78bc-ea14-4f22-98fb-b84f3cbdf0c6&tw_document_href=https%3A%2F%2Fde1.xyz01.fun%2F&tw_iframe_status=0&txn_id=oci2o&type=javascript&version=2.3.30 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 180 date Thu, 18 Apr 2024 13:43:45 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 1514a00df97f14c8 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 30d0e37c176ba12777f9390d7e7c977170e38d70dd3f9c3cd35f18b9f8fc5c4a content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 726 B	312ms 216ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=25a8c77a-9d0d-406c-aaaf-cfba3b6b7d6c&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=10af78bc-ea14-4f22-98fb-b84f3cbdf0c6&tw_document_href=https%3A%2F%2Fde1.xyz01.fun%2F&tw_iframe_status=0&txn_id=oci2o&type=javascript&version=2.3.30 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 181 date Thu, 18 Apr 2024 13:43:45 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 273470149439206c cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 694a17e7b8717e20a2e155e0dfac2a65b9f072c5a2ba37001b3ca5f4dd468edf content-length 43
GET H2	204	4027808.js Show response bat.bing.com/p/action/	0 118 B	34ms 34ms	Script text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4027808.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Thu, 18 Apr 2024 13:43:45 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8C64A07EBA7249F4A6721F1A7A792FA8 Ref B: AMS04EDGE2606 Ref C: 2024-04-18T13:43:46Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 288 B	89ms 89ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4027808&tm=gtm002&Ver=2&mid=303ace2e-3ab1-41f0-b368-922420a8c49d&sid=adbbba40fd8911eea4f84f0eaca7c7d9&vid=adbbfab0fd8911ee979e47192af59877&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=International%20Landing%20Page%20%7C%20PETA&p=https%3A%2F%2Fde1.xyz01.fun%2F&r=&lt=1693&evt=pageLoad&sv=1&rn=695298 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 18 Apr 2024 13:43:45 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3E6706307E6C4EB78403BE72EC55F603 Ref B: AMS04EDGE2606 Ref C: 2024-04-18T13:43:46Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1553612424888078 Show response connect.facebook.net/signals/config/	295 KB 92 KB	327ms 320ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1553612424888078?v=2.9.154&r=stable&domain=de1.xyz01.fun&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ae623a8aaffd22a68d19c4b1ee2ffe35feef7f1fcec3980d56b06fb551abf421 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 18 Apr 2024 13:43:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=26, rtx=0, c=64, mss=1294, tbw=63184, tp=-1, tpl=-1, uplat=278, ullat=0 pragma public x-fb-debug R6Ik9xDX2xzxyD3j8CezWvWa7rJjXPXULWWx49nXCGT51hAnlDx24ScvVcSdQz5P59RvgOBDsCqio+x+FZDCpA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	p13n.min.js Show response cdn.boomtrain.com/p13n/peta/	92 KB 30 KB	105ms 32ms	Script application/javascript	18.173.233.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.boomtrain.com/p13n/peta/p13n.min.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.173.233.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-233-34.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash de77be5a15b0c7eeaa00dd90cd9c2e887a6f7c1cd774cc6058913ce3ff4e8b30 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id JTmJwcYV3339NLoaAjc0gVnqLLr.Je9l Content-Encoding gzip Via 1.1 49d84581801ea6dd3f53c478c337f294.cloudfront.net (CloudFront) Date Thu, 18 Apr 2024 12:59:20 GMT X-Amz-Cf-Pop DUS51-P3 Age 2852 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 17 Apr 2024 13:31:13 GMT Server AmazonS3 ETag W/"a3668ecf7f180968a1e652a552a5e9c4" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=3600 X-Amz-Cf-Id sL7TF5vDgrhOCL5hp89PZNeCbfbhgr6Ws2SmC55CzMWapC3p_A7FnQ==
GET H/1.1	200 OK	64581 i.liadm.com/s/	0 180 B	419ms 100ms	Image text/plain	18.208.123.89 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i.liadm.com/s/64581?bidder_id=200442&bidder_uuid=8b759514-fab6-4f78-99e1-08e479dcb80d:1713447826.2664835 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.208.123.89 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-123-89.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:46 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 0
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 204 B	112ms 112ms	Stylesheet text/css	3.69.41.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-69-41-26.eu-central-1.compute.amazonaws.com Software / Resource Hash 6afdbe5ca48c0fcbc70ff9bfe431054333fdaafeb2a62758a46e0cb461fcf227 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Thu, 18 Apr 2024 13:43:46 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	0 2 KB	162ms 114ms	Fetch image/jpeg	3.69.41.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-69-41-26.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Thu, 18 Apr 2024 13:43:46 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 content-type image/jpeg
GET H/1.1	200 OK	resolve Show response people.api.boomtrain.com/identify/	138 B 453 B	497ms 126ms	XHR application/json	52.2.87.170 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOGI3NTk1MTQtZmFiNi00Zjc4LTk5ZTEtMDhlNDc5ZGNiODBkOjE3MTM0NDc4MjYuMjY2NDgzNSJ9fQ%3D%3D&site_id=peta Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.2.87.170 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-87-170.compute-1.amazonaws.com Software nginx / Resource Hash 2cfdfcbd4752567ec22326a78ccc4ee8453043f4c41631c207b78264575449c4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:46 GMT Server nginx Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type application/json Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,x-app-id Content-Length 138
GET H2	200	main.MWUwMmM4N2RjMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	431 KB 114 KB	72ms 71ms	Script application/javascript	104.126.37.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMmM4N2RjMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLF1KL3C77U022B46TF0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-146.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 07fc6d38db626c1d81623f87f5ad2232c3c818ca47cb20cda302b18024c74703 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 24bc47d9 date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202404181232206A8043691919A5526646 x-tt-trace-id 00-2404181232206A8043691919A5526646-7A00DD6A70E73F2C-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01e83347a3adc10a758a23ef82168773a914106ef3f5c8601234eeed5d273313f3db75aedbeb631c2f8e372ac93e98b914a8f8757faac48ab893cee6d36724e06b92c2138f9a2a917c5062a8d7be0e80f5f40dc0919159caca42f32f0688698d31 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15 content-length 116286
GET H2	200	saq_pxl Show response tags.srv.stackadapt.com/	94 B 287 B	118ms 118ms	XHR text/plain	3.69.41.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/saq_pxl?uid=5KVXaeIGP4Cwt0ThcZNg8w&is_js=true&landing_url=https%3A%2F%2Fde1.xyz01.fun%2F&t=International%20Landing%20Page%20%7C%20PETA&tip=FI-9enEfI2Oad6MoulsJCxstWDig360egVf9pduIiTw&host=https%3A%2F%2Fde1.xyz01.fun&sa_conv_data_css_value=%270-3e9bc40a-da11-5698-498c-32662ba86459%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd93e9bc40ada115698498c32662ba864595fd3c791&sa-user-id-v3=s%253AAQAKIJ_jCSFPbnLfd40evJ9aSryXyue2TopJJIvFYhu3AfTTEHwYBCCSx4SxBjABOgS9M-cxQgQJWnmP.PUdFVymlYR9KfnJyEcskQ%252BkxerWBHzMC9YZPKsIXYF8&sa-user-id-v2=s%253APpvECtoRVphJjDJmK6hkWV_Tx5E.xE%252Fb%252BwrgneqsSBI%252FEdq%252BpyDYpEYUPosj48dKx7%252FwJ98&sa-user-id=s%253A0-3e9bc40a-da11-5698-498c-32662ba86459.HhGW%252FGhAx2PYlZUvoWdkPbqOYgks4W1QfoGVLhL9YQw Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.69.41.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-69-41-26.eu-central-1.compute.amazonaws.com Software / Resource Hash 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://de1.xyz01.fun date Thu, 18 Apr 2024 13:43:46 GMT access-control-allow-credentials true access-control-allow-headers * content-length 94 access-control-allow-methods GET content-type text/plain; charset=utf-8
GET H/1.1	200 OK	is Show response 52.71.121.170/	32 B 437 B	433ms 103ms	Fetch text/plain	52.71.121.170 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://52.71.121.170/is Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.71.121.170 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-71-121-170.compute-1.amazonaws.com Software istio-envoy / Resource Hash f5e7df8a31d77d01084d3c4a92777287c40de1f5809c6608aa58e7cf7ed9bb66 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT server istio-envoy access-control-allow-methods GET, POST, OPTIONS content-type text/plain;charset=utf-8 access-control-allow-origin * x-envoy-upstream-service-time 1 connection close access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header content-length 32 x-application-context application:prod:8080
GET H2	200	identify_cc80e.js Show response analytics.tiktok.com/i18n/pixel/static/	139 KB 37 KB	33ms 33ms	Script application/javascript	104.126.37.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_cc80e.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMmM4N2RjMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-146.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 24bc4947 date Thu, 18 Apr 2024 13:43:46 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202404181232206D59EDCFA0E646634F3D x-tt-trace-id 00-2404181232206D59EDCFA0E646634F3D-0494A5C81EFCA743-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 014dcd51eb78288b89616c95924c84aea0fc38152fd06081ec8bc0214146cf52621169654f5e8990fe48e4e642089a31ef2b13cdc7773329ed9050639108f1065173f8dd2c9b3151ad9d2da3b406d9704680400bb2da1a2743653f95c0fc2bb431 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10 content-length 37064
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 703 B	292ms 288ms	Ping text/plain	104.126.37.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMmM4N2RjMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-146.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 24bc4bcc date Thu, 18 Apr 2024 13:43:47 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2404181343461FC289F957EF705560D9-5433BF0119187292-00 x-cache TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) server-timing inner; dur=42, cdn-cache; desc=MISS, edge; dur=9, origin; dur=129 content-length 0 pragma no-cache server nginx x-tt-logid 202404181343461FC289F957EF705560D9 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 129,104.126.37.142 x-tt-trace-host 017cac3744e42e5ff987ced0c0fce392e8b68d402d7e85691bc33485c2fc96c55a8d7dbb8265bfefad2265274e7d9545e5c38bce0a90b79e970835f290ca73ee9e2353bee1bb50cd0330d810ad78d51571847e929ebc4fa3f3d150850e1ac65d61 access-control-allow-headers Authorization,* expires Thu, 18 Apr 2024 13:43:47 GMT
GET H2	204	pixel flask.nextdoor.com/	0 113 B	542ms 172ms	Image text/plain	44.227.41.148 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://flask.nextdoor.com/pixel?pid=a3632f9d-0fab-418d-b992-b9dcdef0f38e&vrs=8.3&ev=PAGE_VIEW&pl=https%3A%2F%2Fde1.xyz01.fun%2F&ndclid=&ndclid_src=0&rf=&sem=&tm=GTM&iid=bf18903f-8dfb-4e36-a5ac-43e2904f4ec4&pageid=ce7bbb7f-7339-4c3c-ba95-08d8895205bc&sessionid=82309f42-73d1-4819-a364-d2d254d0bd5a&cd=%7B%7D Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.227.41.148 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-227-41-148.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:47 GMT x-envoy-upstream-service-time 4 server istio-envoy context-id 2a8666a7-b0c9-4efd-8edd-e658d727dfaf
GET H3	200	787220167986438 Show response connect.facebook.net/signals/config/	24 KB 3 KB	129ms 129ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/787220167986438?v=2.9.154&r=stable&domain=de1.xyz01.fun&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C145%2C208%2C209%2C207%2C128%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash db82774f1ff6877117a9f418d50a8426ef122c871bc9783bd827a4a8921d89ba Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 18 Apr 2024 13:43:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=30, rtx=0, c=38, mss=1232, tbw=4308, tp=9, tpl=0, uplat=103, ullat=0 pragma public x-fb-debug NEjCSo7/oY3CmiVEHt5KRJd6l/YaxieSy84z6eJBCbeQ75cx9ye5I1qEVRQoPI1NFgQP3fJNwj8aS1EGu06Kvw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	ef4dc23a9f025a6bd09d4dfcc68c55030e13ff0a27cdf1f38fa237e9d239296f Show response convert.fsaptech.com/events/	0 163 B	463ms 108ms	XHR text/plain	3.145.11.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://convert.fsaptech.com/events/ef4dc23a9f025a6bd09d4dfcc68c55030e13ff0a27cdf1f38fa237e9d239296f Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.145.11.115 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-145-11-115.us-east-2.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://de1.xyz01.fun date Thu, 18 Apr 2024 13:43:47 GMT strict-transport-security max-age=15724800; includeSubDomains access-control-allow-credentials true content-length 0 vary origin
GET H2	200	/ www.facebook.com/tr/	0 103 B	87ms 26ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1553612424888078&ev=PageView&dl=https%3A%2F%2Fde1.xyz01.fun%2F&rl=&if=false&ts=1713447826937&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713447826932.1385746449&eid=ob3_plugin-set_d8996d2265ca374d6df0bee49e967a815e2c6fc7ed36d8bb54098ddf9d38886b&cs_est=true&ler=empty&cdl=API_unavailable&it=1713447826253&coo=false&rqm=GET Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1294, tbw=3098, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 18 Apr 2024 13:43:47 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 275 B	84ms 23ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=787220167986438&ev=PageView&dl=https%3A%2F%2Fde1.xyz01.fun%2F&rl=&if=false&ts=1713447826945&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713447826932.1385746449&cs_est=true&ler=empty&cdl=API_unavailable&it=1713447826253&coo=false&rqm=GET Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1294, tbw=2810, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 18 Apr 2024 13:43:47 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	persons Show response people.api.boomtrain.com/	138 B 453 B	168ms 168ms	XHR application/json	52.2.87.170 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://people.api.boomtrain.com/persons?data=eyIkc2V0Ijp7InRpdGxlS2V5IjoicGV0YWZvdW5kYXRpb24iLCJ3ZWJUaW1lc3RhbXAiOiIyMDI0LTA0LTE4VDEzOjQzOjQ2LjM2MVoifSwiYnNpbiI6InJlQXZSaWxyYmJwaWhJMmdVSmcwVW5hUHpLT0p0Nk9EbjhzODJkVEhrMysxM29hdTh2NGhCdXlXZ3owK2t5dXBic3p2Y0NPOHBYNjBnNmE4dnZLZFF3PT0ifQ%3D%3D&site_id=peta Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.2.87.170 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-2-87-170.compute-1.amazonaws.com Software nginx / Resource Hash df04a49b4b0cccd1663afdc1a40e0b634eb8d86c499fda9cfae2000e2da7555e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 13:43:47 GMT Server nginx Access-Control-Allow-Methods GET,PUT,POST,DELETE Content-Type application/json Access-Control-Allow-Origin * Connection keep-alive Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,x-app-id Content-Length 138
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 848 B	196ms 195ms	Ping text/plain	104.126.37.146 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMmM4N2RjMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-146.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 6b1fc9f0.24bc4de8 date Thu, 18 Apr 2024 13:43:47 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240418134347B843C60256569A5D1835-781C8420893BDF39-00 x-cache TCP_MISS from a104-126-37-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) x-parent-response-time 155,104.126.37.142 server-timing cdn-cache; desc=MISS, edge; dur=108, origin; dur=59, inner; dur=18 content-length 0 pragma no-cache server nginx x-tt-logid 20240418134347B843C60256569A5D1835 x-cache-remote TCP_MISS from a23-220-106-217.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 59,23.220.106.217 x-tt-trace-host 017cac3744e42e5ff987ced0c0fce392e8b68d402d7e85691bc33485c2fc96c55a10d3a045d223bc7dd602ca73d2e6875449d44c8c881b68d7b3820bde91e2bcecac8797967e308de2c5bf488d8075f2fdedff900d49f635a06aaa2a26d6a358f550db706ae802ebfcf8ff4f2669d799af access-control-allow-headers Authorization,* expires Thu, 18 Apr 2024 13:43:47 GMT
GET H/1.1	200 OK	st Show response px.mountain.com/	2 KB 2 KB	1360ms 170ms	Script application/javascript	35.85.106.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://px.mountain.com/st?ga_tracking_id=G-FRGVLF1FYN&ga_client_id=970527109.1713447826&shpt=International%20Landing%20Page%20%7C%20PETA&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-FRGVLF1FYN%22%2C%22ga_client_id%22%3A%22970527109.1713447826%22%2C%22shpt%22%3A%22International%20Landing%20Page%20%7C%20PETA%22%2C%22dcm_cid%22%3A%22970527109.1713447826%22%2C%22mntnis%22%3A%22Tc%2BtXnXXpVItnNfO0lKlQJ8svSZfhDbc%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=970527109.1713447826&available_ga=%5B%7B%22id%22%3A%22G-FRGVLF1FYN%22%2C%22sess_id%22%3A%221713447826%22%7D%5D&hardcoded_ga=G-FRGVLF1FYN&dxver=4.0.0&shaid=34436&plh=https%3A%2F%2Fde1.xyz01.fun%2F&cb=8007275824940296term%3Dvalue&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue Requested by Host: dx.mountain.com URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=34436&tdr=&plh=https%3A%2F%2Fde1.xyz01.fun%2F&cb=8007275824940296term=value Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-85-106-161.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash 287b3e73fd29c08612416fd966db2ee67e417dfd9786d85eec0dc0a214ba71aa Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:48 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type application/javascript;charset=utf-8 access-control-allow-origin * p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" x-envoy-upstream-service-time 1 connection close
POST H2	200	track Show response events.api.boomtrain.com/event/	2 B 210 B	315ms 111ms	XHR text/plain	34.197.201.171 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.api.boomtrain.com/event/track Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.197.201.171 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-197-201-171.compute-1.amazonaws.com Software nginx / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Thu, 18 Apr 2024 13:43:47 GMT server nginx access-control-allow-headers X-Requested-With, Content-Type, Authorization, x-app-id content-length 2 access-control-allow-methods GET, PUT, POST, DELETE content-type text/plain
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 197 B	199ms 199ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://de1.xyz01.fun/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:46 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 47377033DB95439DBFB49FA36F1215AF Ref B: DUS30EDGE0816 Ref C: 2024-04-18T13:43:47Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://de1.xyz01.fun x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYWXykZavdw5iJOapY8UQ==
GET H/1.1	200 OK	gs Show response gs.mountain.com/	144 B 733 B	859ms 189ms	Script application/javascript	34.212.4.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gs.mountain.com/gs Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-212-4-35.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash 10c5a4c37ca681bf02322f44436e80efc21bb968f5495f1077c425722dfd921f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:49 GMT last-modified Thu, 01 Jan 1970 00:00:00 GMT server istio-envoy access-control-allow-methods GET, POST, OPTIONS content-type application/javascript;charset=utf-8 access-control-allow-origin * p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" cache-control public, max-age=31536000 x-envoy-upstream-service-time 5 connection close access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header content-length 144 x-application-context application:prod:8080
GET H/1.1	200 OK	st Show response px.mountain.com/	2 KB 1 KB	529ms 188ms	Script application/javascript	35.85.106.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://px.mountain.com/st?ga_tracking_id=G-FRGVLF1FYN&ga_client_id=970527109.1713447826&shpt=International%20Landing%20Page%20%7C%20PETA&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-FRGVLF1FYN%22%2C%22ga_client_id%22%3A%22970527109.1713447826%22%2C%22shpt%22%3A%22International%20Landing%20Page%20%7C%20PETA%22%2C%22dcm_cid%22%3A%22970527109.1713447826%22%2C%22mntnis%22%3A%22Tc%2BtXnXXpVItnNfO0lKlQJ8svSZfhDbc%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=970527109.1713447826&available_ga=%5B%7B%22id%22%3A%22G-FRGVLF1FYN%22%2C%22sess_id%22%3A%221713447826%22%7D%5D&hardcoded_ga=G-FRGVLF1FYN&dxver=4.0.0&shaid=34436&plh=https%3A%2F%2Fde1.xyz01.fun%2F&shadditional=multiple_conv_types%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue&cb=171344782839617&shguid=89f0a316-5a40-3df8-aaf9-265a733f4326&shgts=1713447829256 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.85.106.161 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-85-106-161.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:49 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type application/javascript;charset=utf-8 access-control-allow-origin * p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" x-envoy-upstream-service-time 16 connection close
GET H2	200	nr-full-1.256.1.min.js Show response js-agent.newrelic.com/	92 KB 30 KB	217ms 35ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-full-1.256.1.min.js Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d1b01a66e28f8cfe7eb5f04b892d6687530ffa6cf755fc47a0f23425c4b55280 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Origin https://de1.xyz01.fun Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id gTW4678nIyzjBI0OgWHM.KJ4E4VlOXBR content-encoding br via 1.1 varnish date Thu, 18 Apr 2024 13:43:50 GMT strict-transport-security max-age=300 x-amz-request-id 0H62NRR8660CFHVA x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 30022 x-amz-id-2 6UXxvmQaWJt48aoKEWCsJLZvW9/QjllQAeJjk0LSOrsIhZRCPPVxa+qKqLh8bWJ/SvNHdS30lgA= x-served-by cache-mrs10573-MRS last-modified Mon, 15 Apr 2024 13:59:46 GMT server AmazonS3 etag "ba0f1ebcc91a5806051d7633025a0875" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 14712
POST H3	200	rum Show response de1.xyz01.fun/cdn-cgi/	0 73 B	95ms 51ms	XHR text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de1.xyz01.fun/cdn-cgi/rum? Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" X-NewRelic-ID VwcAWFRXGwAJU1dbAgE= Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type application/json Referer https://de1.xyz01.fun/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:49 GMT x-content-type-options nosniff server cloudflare cf-ray 876516092f971c04-AMS x-frame-options DENY
GET H3	520	favicon.ico de1.xyz01.fun/	7 KB 8 KB	212ms 180ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://de1.xyz01.fun/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 573300498248f41b9af95cf55f34e7d8f9b1971cb4ff68b3af3e7d2fa216f619 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 13:43:50 GMT referrer-policy same-origin nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpP9ZwOQiXKlrqCAg%2BckjcDKz3TX2wt4QfpE1yZUBNwxDCCuDiXhWLFhDDeOLngGwevyROvciiGJuvp7dqGduUyU38rJEj6WKDJ%2FcHQjzv4GI5nf7A8cotScsX43Lvcv"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 876516093fa21c04-AMS alt-svc h3=":443"; ma=86400 content-length 7174 expires Thu, 01 Jan 1970 00:00:01 GMT
POST H/1.1	200	02dde9c89f Show response bam.nr-data.net/1/	146 B 577 B	453ms 147ms	XHR text/plain	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/02dde9c89f?a=3976950&v=1.256.1&to=Z1UHYEpTWkFQAhAIDF4fJFdMW1tcHhUBDBNcURFRFVFVXEcAFw%3D%3D&rst=6046&ck=0&s=5f69699581f1d33c&ref=https://de1.xyz01.fun/&hr=0&af=err,xhr,stn,ins&ap=427&be=1063&fe=4734&dc=630&at=SxIEFgJJSU8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1713447824098,%22n%22:0,%22f%22:1,%22dn%22:3,%22dne%22:47,%22c%22:47,%22s%22:47,%22ce%22:329,%22rq%22:329,%22rp%22:1063,%22rpe%22:1113,%22di%22:1600,%22ds%22:1690,%22de%22:1693,%22dc%22:5794,%22l%22:5794,%22le%22:5797%7D,%22navigation%22:%7B%7D%7D&fp=1523&fcp=1523 Requested by Host: de1.xyz01.fun URL: https://de1.xyz01.fun/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 65fa518a2be0c62ed4d61a5855c3e5d0c34a5e9e9c4ea164b2b91a595fb78013 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 content-type text/plain Response headers date Thu, 18 Apr 2024 13:43:50 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/plain access-control-allow-origin https://de1.xyz01.fun access-control-expose-headers Date access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection close timing-allow-origin https://de1.xyz01.fun Content-Length 146 x-served-by cache-mrs10522-MRS
POST H2	204	collect region1.analytics.google.com/g/	0 45 B	23ms 22ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-FRGVLF1FYN&gtm=45je44f0v9102481821za200&_p=1713447825527&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=970527109.1713447826&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&dt=international%20landing%20page%20%7C%20peta&dl=https%3A%2F%2Fde1.xyz01.fun%2F&sid=1713447826&sct=1&seg=0&en=scroll&ep.anonymize_ip=true&epn.percent_scrolled=90&_et=34&tfd=7030 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-FRGVLF1FYN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://de1.xyz01.fun/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 13:43:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://de1.xyz01.fun cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT