ua-tracer by Paul Kinlan

ua-tracer

what does a user agent actually fetch, follow & run?

← all traces

Trace M9ZtuwLZ

First seen: 2026-07-03 04:36:35.499 UTC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3
Bot verification: Not a known bot (no IP-range check applies).

What this user agent did

Directly-referenced assets:

✗ fetched CSS ✗ fetched JS ✗ fetched image ✗ fetched font (HTML)

Document-level link hints:

✗ fetched favicon ✗ fetched apple-touch-icon ✗ fetched web manifest ✗ fetched preload ✗ fetched prefetch

Second-level follows (proves it parsed the linking file):

✗ followed CSS background-image ✗ followed CSS @font-face ✗ followed manifest icon ✗ followed CSS @import

Frames (does it descend into iframes?):

✗ fetched iframe document ✗ descended into iframe (loaded inner image)

Reporting (a report-only CSP is violated by inline styles; reports can arrive via HTTP headers with no JS, or via in-page beacons):

✗ sent a CSP/Reporting report (any path) ✗ delivered via report-uri/Report-To header (no JS) ✗ delivered via in-page beacon (securitypolicyviolation / ReportingObserver)

Social embed (Open Graph / Twitter card images):

✓ fetched og:image ✗ fetched twitter:image

JavaScript execution:

✗ EXECUTED classic JS ✗ EXECUTED ES module ✗ posted client timing

Server-side request waterfall

Every request the server received for this trace, in receive order. +ms is the delta from the homepage request.

ReceivedΔKindMethodUser-Agent
2026-07-03 04:36:35.499 UTC +0 ms homepage GET Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3
request headers (7)
{
  "accept": "*/*",
  "accept-encoding": "gzip;q=1.0,deflate;q=0.6,identity;q=0.3",
  "host": "uatracer.com",
  "traceparent": "00-397cb35bd7bbeae129c426f15fc16a8e-40918c162804201f-01",
  "tracestate": "",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_0) AppleWebKit/536.3 (KHTML, like Gecko) Chrome/19.0.1063.0 Safari/536.3",
  "via": "HTTP/1.1 ord.vultr.prod.deno-cluster.net"
}
2026-07-03 04:36:36.857 UTC +1358 ms Open Graph image GET Ruby
request headers (8)
{
  "accept": "*/*",
  "accept-encoding": "identity",
  "connection": "close",
  "host": "uatracer.com",
  "traceparent": "00-1c73275030c21abb93920ab26957add1-bfde57fbb21cf624-01",
  "tracestate": "",
  "user-agent": "Ruby",
  "via": "HTTP/1.1 ord.vultr.prod.deno-cluster.net"
}
2026-07-03 04:36:37.333 UTC +1834 ms Open Graph image GET Ruby
request headers (8)
{
  "accept": "*/*",
  "accept-encoding": "identity",
  "connection": "close",
  "host": "uatracer.com",
  "traceparent": "00-744289e5cc660d3ff5f0111699a6c378-3ab21a2747001730-01",
  "tracestate": "",
  "user-agent": "Ruby",
  "via": "HTTP/1.1 ord.vultr.prod.deno-cluster.net"
}