URL: https://hypothesise-ghosts.click/
Submission: On July 24 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 172.67.184.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is hypothesise-ghosts.click.
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time hypothesise-ghosts.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
7 | 172.67.184.48 | 13335 | (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
5 | 2.18.64.15 | 20940 | (AKAMAI-ASN1)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 16 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | hypothesise-ghosts.click | hypothesise-ghosts.click | 328 KB
5 | tiktok.com | analytics.tiktok.com (Cisco Umbrella Rank: 963) | 141 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 410) | 118 KB
1 | gstatic.com | fonts.gstatic.com | 24 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 1 KB
Total: 16 requests, 5 domains

Requests | Domain | Requested by
7 | hypothesise-ghosts.click | hypothesise-ghosts.click
5 | analytics.tiktok.com | hypothesise-ghosts.click, analytics.tiktok.com
2 | cdn.jsdelivr.net | hypothesise-ghosts.click
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | hypothesise-ghosts.click
Total: 16 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
hypothesise-ghosts.click | WE1 | 2024-07-24 - 2024-10-22 | 3 months
upload.video.google.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.gstatic.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months

This page contains 1 frames:

Primary Page: https://hypothesise-ghosts.click/
Frame ID: 0F994DDEAE8995E59087CE08B68F1751
Requests: 16 HTTP requests in this frame

Page Title

hypothesise-ghosts.click - Смотри видео!

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 613 kB
Size: 1803 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hypothesise-ghosts.click/
18 KB
6 KB
Document
General
Full URL
https://hypothesise-ghosts.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
466902a9d9f07ddcd6854dd7cb165a96028296f9fdcff71b3bf4ce33ebff6a46

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a86808eedf45d65-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 20:01:26 GMT
expires
Wed, 24 Jul 2024 20:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOiQCyftKIOBUN8YF9xpes%2BQ9yywfzumbEmaTlpuKmW7H1pcilCjZpPVzHss3onLm1W%2FI58IEopce679g0Bv2290HGjI%2FexEYyDOAl%2BGg6J4LG4Lgmo3UyX0XfCrUqt3v1GRKBuz7NrfHdo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
landing_6f2a_1.css
hypothesise-ghosts.click/lander/test_1676024554/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://hypothesise-ghosts.click/lander/test_1676024554/css/landing_6f2a_1.css
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4beee426e1efcac0954b557c795490748405ec1020cbe40891038e01ce9d6a7f

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 10:37:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e61e6a-4d3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FKzQCWBWxWr%2F2e0tE1Kuo7JgxWjwrwLH4PvF1isph%2F%2B1g3S6k27o%2B3I2WrAuLGeK4ChFNS2ujwx9JnbF8l%2BQSEzR76hBEuWm0ftqkxB%2B7PkRfqCBJdtWGjOPp0I0I9PZTlxwmPufkWW8Nw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8680905f9b5d65-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 03 Aug 2024 20:01:27 GMT
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;600;700;800&display=swap
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3040e2e798f2ea5db394494a6df3efa766ae6e6f53f58b2819575b6c49d99099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 20:01:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jul 2024 20:01:27 GMT
vue.js
cdn.jsdelivr.net/npm/vue@2/dist/
425 KB
102 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2/dist/vue.js
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b10d3b4920592a4ec26c064c429e9a3dfb4689235fdfc91e1736b681c76786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3538
x-jsd-version
2.7.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
104026
x-served-by
cache-fra-etou8220071-FRA, cache-lga21947-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"6a2b7-buf7VCmnnkwlKXAm8TvVUJOx0PI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sr56LUSNBS6XqlAlEu9ezqync1qrYNTgOD0jw2IFmRq35R6MWGGp7%2FuSmd4q%2BYIqoqMRb7tTSFgXit4h3NmQd4Gsi6sb2ulSUWAb%2FNqC8lnIHlvj4drGBkRKeH82LH4D8RJ%2B9ppMhrVurXnhjpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a868090bf6f9100-FRA
bg_5fa8_8.jpg
hypothesise-ghosts.click/lander/test_1676024554/img/
140 KB
141 KB
Image
General
Full URL
https://hypothesise-ghosts.click/lander/test_1676024554/img/bg_5fa8_8.jpg
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17bb4a598ade67e3f2691b42c99a07fd227dfae878fbe201d7c6f6805b9b0d72

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
143628
last-modified
Fri, 10 Feb 2023 10:37:30 GMT
server
cloudflare
etag
"63e61e6a-2310c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WZ%2BBi9T6jblzdjiEW7OwEw6UkpGOUSv4LAe44KU5vQHSJheYzDqnHCk5Y%2BMyNjx2w6WfpmwFqsqqnapc7eJPpLLlFb9y5lWVc8fw1SWgRzbQIP7wx38jnVa%2BnhZSohFiSPe66Z%2BW3ySdams%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8680905fa75d65-FRA
expires
Sat, 03 Aug 2024 20:01:27 GMT
email-decode.min.js
hypothesise-ghosts.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://hypothesise-ghosts.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:14:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696aa7b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDM5PuuN17jVp1%2FDj55FwpqByMp2X2LiGUZ6tDHyQaIvYtqkI1k2%2Fubnkmb8wiGXE%2BtzvHW1PNlNttBHqEiDuSvmX%2FBDQjCBpNDZSFj0jc3I6gHq%2F0MSf59Z3qhczUAlyqCWDVfQmMFURcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a8680905fad5d65-FRA
expires
Fri, 26 Jul 2024 20:01:27 GMT
vue-slider-component.umd.min.js
cdn.jsdelivr.net/npm/vue-slider-component@3.2.11/dist/
54 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue-slider-component@3.2.11/dist/vue-slider-component.umd.min.js
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced10a99167d683b395a748b656c0314d6e758b76f996e606b781bb18e87c4e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6848991
x-jsd-version
3.2.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15139
x-served-by
cache-fra-etou8220047-FRA, cache-lga21976-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"d768-M2Vj/7ZChsqlwtMKZz4822Lq0Js"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWeV5PW%2FZu72Wk8lGLlGbzoqEgxu2cnnffHzPWZAFZ8k4aTnR6v7lZbzR8%2FAoTAuzFXATyrNaes10Ph9gu%2F6H6oMVY%2B95hR%2B5i1Sh%2BzESMC8oePuEPNo53GgfS%2BEQCVYe5U57v1%2B%2BUdXELLBudk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a868090bf719100-FRA
vendor_2bb2_2.js
hypothesise-ghosts.click/lander/test_1676024554/js/
605 KB
171 KB
Script
General
Full URL
https://hypothesise-ghosts.click/lander/test_1676024554/js/vendor_2bb2_2.js
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecef31c46ce02b9219d0b55179ddd5b38bebd76ad86309e6407121c1500ca872

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 10:37:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e61e6a-973bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJLNcUV06fTQOdNup8HhQ6HJ8VIcVnIn9InBDt7DzQs6RW4uInkLfFM0VREWdNTtZilqAjxjnLiQ%2B6n70yZvI2UBxBU5U%2Ben72F03EfwX2FiCouh%2B08%2Bm%2FMMJdvAf%2BsKSthLiZ1bhRGNfFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8680908fd95d65-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 03 Aug 2024 20:01:27 GMT
main_fcd1_3.js
hypothesise-ghosts.click/lander/test_1676024554/js/
16 KB
4 KB
Script
General
Full URL
https://hypothesise-ghosts.click/lander/test_1676024554/js/main_fcd1_3.js
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f489a80b7a2f51b181969402b0a9dbf4ad2b93dd8aa95659ccc9fc14df2129

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 10 Feb 2023 10:37:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e61e6a-414c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3j1ThXGJjfjQ%2B8AvTZ8GlmkCDaKhdvuhA%2BQkL3DuKa0oxIO4pJm5tPFDUvk974GtY0RhrF2stdLRnrwlJiYoRn7uNauYlvWwdw82rZacyRcDaI8cy%2FCMCoy9gbTmCoEf7uIDh43IfoqvkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
8a8680908fda5d65-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 03 Aug 2024 20:01:27 GMT
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid={ttpix}&lib=ttq
Requested by
Host: hypothesise-ghosts.click
URL: https://hypothesise-ghosts.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
56eb3550c21ac1b861afbec021970ae7c9f821425c946b4a83d9ab5f138bc9bf

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
13629a90
date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24072420012797ABB9E4C14327F0AD31-1082A4177D181CD2-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=93
content-length
1556
pragma
no-cache
server
nginx
x-tt-logid
2024072420012797ABB9E4C14327F0AD31
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
93,2.20.179.79
x-tt-trace-host
01481e7357d79d0549bf363a9d94c0f2d124de436e20e31e606325ee0054a04066a437458e5bbf176e663a0efd887f42e2873ad269448b22517fd52d9b894cba7674c410f4430789279ce7461c2a4f4f2cfb540aa3de18dfd5a14d33ae1b59544a
expires
Wed, 24 Jul 2024 20:01:27 GMT
main.MTNjMWMzYmIwMA.js
analytics.tiktok.com/i18n/pixel/static/
338 KB
98 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid={ttpix}&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f2fa89943d9a52c65748b2d7e1ca06b40fe37e4fb6a459a5fef84b8a9b6261d3

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
13629ce0
date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240723172111596F1E5BC0982EB0EBD7
x-tt-trace-id
00-240723172111596F1E5BC0982EB0EBD7-101BFA39D99BB65A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0196ad7821ad46ebe6874a7594074525b06efbfa2f408a2c31c064f6fb1b46019dd0503a26af4233e6c99712a206c3bc1e1cde20deeca4dccdfeb1116d338d9680a6679ca412d119cc1890a8a29f5eb5b947196e46b39fd621aa9d725f2b04d133
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length
99801
xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@300;400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hypothesise-ghosts.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:56:39 GMT
x-content-type-options
nosniff
age
115488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24376
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:56:39 GMT
identify_59f29ac9.js
analytics.tiktok.com/i18n/pixel/static/
147 KB
40 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_59f29ac9.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
13629e62
date
Wed, 24 Jul 2024 20:01:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240723172110A5783681237BE6325AEE
x-tt-trace-id
00-240723172110A5783681237BE6325AEE-5DFBC67976BBB326-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014cf0e2ae59ab73fa756858375d5467efcbb76d5aeb8ddfe11bb8e1c6dea3516b1e6858dd2ce74316c0a4abe2f8489f65111299de585e9495fd42abcaf1ae282f1d4ae7102a652b25c5163e5c68297a6519b152c8c2561c374809713157611ff6
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
39956
pixel
analytics.tiktok.com/api/v2/
0
699 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
13629eb3
date
Wed, 24 Jul 2024 20:01:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240724200127583D1F9A3D162E3EF48F-7FD029B6D51A4423-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=23, cdn-cache; desc=MISS, edge; dur=34, origin; dur=115
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240724200127583D1F9A3D162E3EF48F
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
116,2.20.179.79
x-tt-trace-host
01481e7357d79d0549bf363a9d94c0f2d124de436e20e31e606325ee0054a04066e0754d3bdf337a5080801400257b1704058a990fabe53d2c7b2c5673bad0e5865b705d4d6a1ff8c5b0b00faceb47d2ab510676a0c0f3a1c1ed9a7dc71bc0dbc9
access-control-allow-headers
Authorization,*
expires
Wed, 24 Jul 2024 20:01:27 GMT
favicon-16x16_1f66_5.png
hypothesise-ghosts.click/lander/test_1676024554/img/
470 B
956 B
Other
General
Full URL
https://hypothesise-ghosts.click/lander/test_1676024554/img/favicon-16x16_1f66_5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03dbfbaa1507e124daa2afd973badb3ebd1c3bf9450f9233303ea0d22a481e38

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 20:01:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
470
last-modified
Fri, 10 Feb 2023 10:37:30 GMT
server
cloudflare
etag
"63e61e6a-1d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90OpoCgpHGfHNhHvtyjTiApjSzLwflgxIMK%2FBLIjBpYkbup%2FKCaSpolHc5DnlpbXrnkw8cvg9NDTjTAH1NVFATBpEvlQrgdgr5RjJxvGh3aA3Xe%2BWfP8mdAVFEwbDJFxkrOa1eHQxdesa7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
8a8680938b605d65-FRA
expires
Sat, 03 Aug 2024 20:01:27 GMT
act
analytics.tiktok.com/api/v2/pixel/
0
700 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-15.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hypothesise-ghosts.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1362a223
date
Wed, 24 Jul 2024 20:01:28 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407242001278DA59BDDE123A54704C5-63BA2276BC7C168D-00
x-cache
TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=386, cdn-cache; desc=MISS, edge; dur=5, origin; dur=476
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407242001278DA59BDDE123A54704C5
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
476,2.20.179.79
x-tt-trace-host
01481e7357d79d0549bf363a9d94c0f2d124de436e20e31e606325ee0054a040661997528c91b41471210e729cf26dfb24761689adce3fa049f18b059d8c693577f9c18d9e1be41fb29dd75562ecd7890572449e6a790976ccd69211f2bdf7de36
access-control-allow-headers
Authorization,*
expires
Wed, 24 Jul 2024 20:01:28 GMT

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| TiktokAnalyticsObject
object| ttq
function| Vue
function| vue-slider-component
string| FUNC_ERROR_TEXT
string| symbolTag
object| reTrim
object| reIsBadHex
object| reIsBinary
object| reIsOctal
function| freeParseInt
object| freeSelf
object| root
object| objectProto
function| objectToString
function| nativeMax
function| nativeMin
function| now
function| debounce
function| isObject
function| isObjectLike
function| isSymbol
function| toNumber
function| $
function| jQuery
function| AirDatepicker
object| VueCountdown
function| Inputmask
function| default
function| openStepsModal
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
function| TiktokJelly
object| _jelly_sdks

4 Cookies

Domain/Path Name / Value
hypothesise-ghosts.click/ Name: _subid
Value: 2p2hloo42gmes
hypothesise-ghosts.click/ Name: f5771
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3NjE5XCI6MTcyMTg1MTI4Nn0sXCJjYW1wYWlnbnNcIjp7XCI0NzUyOFwiOjE3MjE4NTEyODZ9LFwidGltZVwiOjE3MjE4NTEyODZ9In0.NDFR1aa_DQzKs-wBHIycgaJpP-9HvjtWihm4oz6Se7s
hypothesise-ghosts.click/ Name: _token
Value: uuid_2p2hloo42gmes_2p2hloo42gmes66a15d96ddc928.76799080
.tiktok.com/ Name: _ttp
Value: 2jhtlVTTu1oy76UylyItyCXCsDp