urlscan.io logo urlscan.io
SecurityTrails logo

k8s-production.rdops.systems Open in urlscan Pro
35.223.116.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://k8s-production.rdops.systems/
Effective URL: https://k8s-production.rdops.systems/
Submission Tags: falconsandbox
Submission: On September 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 34 HTTP transactions. The main IP is 35.223.116.65, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is k8s-production.rdops.systems. The Cisco Umbrella rank of the primary domain is 270942.
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on September 24th 2024. Valid for: a year.
This is the only time k8s-production.rdops.systems was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 35.223.116.65 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.239.47.197 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 13.32.99.92 16509 (AMAZON-02)
3 2620:1ec:33::10 8075 (MICROSOFT...)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 4.227.249.197 8075 (MICROSOFT...)
1 34.68.90.188 396982 (GOOGLE-CL...)
34 16
3    35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com
k8s-production.rdops.systems
pageview-notify.rdstation.com.br
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    18.239.47.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-47-197.ams58.r.cloudfront.net
d3ndvx6e67vt0s.cloudfront.net
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:480:15::213:7e4a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    13.32.99.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-92.fra60.r.cloudfront.net
d335luupugsy2.cloudfront.net
3    2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
u.clarity.ms
1    34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com
popups.rdstation.com.br
Apex Domain
Subdomains		 Transfer
7 cloudfront.net
d3ndvx6e67vt0s.cloudfront.net
d335luupugsy2.cloudfront.net
101 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 715
u.clarity.ms — Cisco Umbrella Rank: 6919
28 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 358
px4.ads.linkedin.com — Cisco Umbrella Rank: 6989
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
393 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 378
16 KB
2 rdstation.com.br
pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 106001
popups.rdstation.com.br — Cisco Umbrella Rank: 90910
808 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
72 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
21 KB
2 rdops.systems
k8s-production.rdops.systems — Cisco Umbrella Rank: 270942
5 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 906
14 KB
1 gstatic.com
fonts.gstatic.com
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
34 13
Domain Requested by
4 d335luupugsy2.cloudfront.net www.googletagmanager.com
d335luupugsy2.cloudfront.net
4 www.googletagmanager.com k8s-production.rdops.systems
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 bat.bing.com k8s-production.rdops.systems
bat.bing.com
3 d3ndvx6e67vt0s.cloudfront.net k8s-production.rdops.systems
2 u.clarity.ms www.clarity.ms
2 www.facebook.com k8s-production.rdops.systems
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 connect.facebook.net k8s-production.rdops.systems
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 k8s-production.rdops.systems
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 pageview-notify.rdstation.com.br d335luupugsy2.cloudfront.net
1 px4.ads.linkedin.com k8s-production.rdops.systems
1 snap.licdn.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com k8s-production.rdops.systems
34 17

This site contains links to these domains. Also see Links.

Domain
status.rdstation.com.br
ajuda.rdstation.com
Subject Issuer Validity Valid
Kubernetes Ingress Controller Fake Certificate
Kubernetes Ingress Controller Fake Certificate		 2024-09-24 -
2025-09-24		 a year crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-03 -
2024-10-01		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-09-11 -
2025-03-11		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.rdstation.com.br
Sectigo RSA Domain Validation Secure Server CA		 2024-05-23 -
2025-06-23		 a year crt.sh
popups.rdstation.com.br
E5		 2024-07-21 -
2024-10-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://k8s-production.rdops.systems/
Frame ID: BC4D5A784DDC834DB779D904B6BF9FE8
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RD Station Marketing | 404 Página Não Encontrada

Page URL History Show full URLs

  1. http://k8s-production.rdops.systems/ HTTP 307
    https://k8s-production.rdops.systems/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Page Statistics

34
Requests

91 %
HTTPS

63 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

670 kB
Transfer

1987 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://k8s-production.rdops.systems/ HTTP 307
    https://k8s-production.rdops.systems/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2&e_ipv6=AQL1dgQdnIzGEQAAAZIlV5AZ-AFDoEmJGI_9vrg1_nG5Q8nS8DkqOl_cFNzebNEt8NcAF7h3fqZd8ArcL6y1FJb-ZhzIYQ

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
k8s-production.rdops.systems/
Redirect Chain
  • http://k8s-production.rdops.systems/
  • https://k8s-production.rdops.systems/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
816944ced2a06a1fbf01b1f10479122e786f0c6fdc5263cc6cd9dea06f5e4eba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type
text/html
date
Tue, 24 Sep 2024 18:42:28 GMT

Redirect headers

Location
https://k8s-production.rdops.systems/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans&display=swap
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4491f05e8c016a3b0ad7d11117de58e4930fba3f859d4df76decc1498eeaec8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 18:42:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 24 Sep 2024 18:09:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
error_pages.css
d3ndvx6e67vt0s.cloudfront.net/assets/error_page2/stylesheets/ 		2 KB
963 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3ndvx6e67vt0s.cloudfront.net/assets/error_page2/stylesheets/error_pages.css
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.47.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-47-197.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d5fba5065e588124f7cbddebf8fd4602aff6414be06b15cb344e96bc3c7eb66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
etag
W/"057b2a414f8d5c8e58fb2f4e09d88fa2"
age
15958
via
1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kyZEN9pSzaHIQyvsl0pDazdsZ2-C22v5fn_c62Jrl92x0rMT4HTZfg==
date
Tue, 24 Sep 2024 14:16:30 GMT
content-type
text/css
last-modified
Thu, 29 Sep 2022 12:24:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
vary
Accept-Encoding
rdstation-logo-mkt.svg
d3ndvx6e67vt0s.cloudfront.net/assets/error_page2/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ndvx6e67vt0s.cloudfront.net/assets/error_page2/images/rdstation-logo-mkt.svg
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.47.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-47-197.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
359c8a2afc77bb97c4bcf9a615317cb10741cf1707aa22c847292581e43665a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
etag
W/"85655f2aadf294a542f08a50e2a61d95"
age
26012
via
1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kLO-24ixdMilrQApDQmd06Jl9FatP9b5ni18QsnDjt8Y5074lMHSgg==
date
Tue, 24 Sep 2024 11:28:57 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Sep 2022 12:23:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P3
vary
Accept-Encoding
img-404.svg
d3ndvx6e67vt0s.cloudfront.net/assets/error_page2/images/ 		90 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3ndvx6e67vt0s.cloudfront.net/assets/error_page2/images/img-404.svg
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.47.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-47-197.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ea0b515dc012e0b791f5f75a86787f945efb4d165ce6b3eec4ba82af61aec0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

x-amz-cf-pop
AMS58-P3
content-encoding
gzip
etag
W/"59ea3dec6cf235992583671484bb8db5"
via
1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
hb4VEIZsa1R6tKm_LFQKAAHs5ajmZOAlkAPEBOsyZEAWCI_80T5NIQ==
date
Tue, 24 Sep 2024 18:42:29 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
AmazonS3
last-modified
Thu, 29 Sep 2022 12:23:58 GMT
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		323 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80e59d9a69daa6a472c0162db168c3d916dae6516ca5d802033c4e1680a6289b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 18:42:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
112421
x-xss-protection
0
server
Google Tag Manager
pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://k8s-production.rdops.systems
Referer
https://fonts.googleapis.com/

Response headers

age
37820
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:12:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:12:08 GMT
last-modified
Thu, 27 Apr 2023 00:20:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13860
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		276 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-751955820&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86a7867326aed7bd56a030f10cca21c4554f19ddf1872ab57fb3a3d96b41cff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 18:42:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
96257
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
4340
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Tue, 24 Sep 2024 17:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
destination
www.googletagmanager.com/gtag/ 		276 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-751955820&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
373f7e5fd954199b6a433c262667b76100948d5fa77c97cf6eefe14926c17e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 18:42:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
96186
x-xss-protection
0
server
Google Tag Manager
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

cache-control
max-age=78370
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Tue, 24 Sep 2024 18:42:28 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-791253033&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b27cd9993228a8bbaa633f6db280243b373103b2b4f5abfad4b9d6bd22aa174d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 18:42:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
96669
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=23, mss=1232, tbw=4519, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
CZqPlUXxFcCPLMtYXCxqiu03Uh3yghdLIaKHHToAVcvB4fxuex9/q83cyJrmzM/f340iNelhp3mNYpUyI1TbOg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
origin-agent-cluster
?0
0216b4ce-a5b0-47ae-84c1-2638c3c7e40e-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/0216b4ce-a5b0-47ae-84c1-2638c3c7e40e-loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVX78QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bc08d5cff534865370692ef7c825992a3c28ca88ec7c122fc6bdb2199e8faa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

cache-control
no-cache
content-encoding
gzip
x-amz-version-id
IdCXoFAfujXDd1ADTaRtBo_RIlOivfQ8
etag
W/"c3b9f4e6ea2fc25b1e77d0d20e04da5b"
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
pymlCaavi1CurWVlpG1m8erATHqK1Y-sMI__wiN22HrHktl3duTJ9g==
date
Tue, 24 Sep 2024 18:42:30 GMT
content-type
application/javascript
last-modified
Mon, 26 Sep 2022 12:52:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
vary
Accept-Encoding
bat.js
bat.bing.com/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"803483b3aaadb1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F8BFCE02D1EF43AE8E491090311B8C58 Ref B: FRAEDGE1220 Ref C: 2024-09-24T18:42:28Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14402
date
Tue, 24 Sep 2024 18:42:27 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:43:41 GMT
vary
Accept-Encoding
/
px.ads.linkedin.com/wa/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://k8s-production.rdops.systems/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D2A8569FA6694722BF2BB2D72FAA121B Ref B: FRAEDGE1308 Ref C: 2024-09-24T18:42:28Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYi4d4KybjnKcLX/Ku/fA==
x-li-proto
http/2
access-control-allow-origin
https://k8s-production.rdops.systems
x-cache
CONFIG_NOCACHE
date
Tue, 24 Sep 2024 18:42:27 GMT
vary
Origin
attribution_trigger
px.ads.linkedin.com/ 		2 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer
https://k8s-production.rdops.systems/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
000622e1de0a50aac9c9df72465baabf
x-msedge-ref
Ref A: 8E20BD72C24F46C4ABBB8E8D58A6EE71 Ref B: FRAEDGE1317 Ref C: 2024-09-24T18:42:28Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYi4d4KUKrJyd9yRluqvw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 24 Sep 2024 18:42:27 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2&e_ipv6=AQL1dgQdnIzGEQAAAZIlV5AZ-AFDoEmJGI_9vrg1_nG5Q8nS8DkqOl...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2&e_ipv6=AQL1dgQdnIzGEQAAAZIlV5AZ-AFDoEmJGI_9vrg1_nG5Q8nS8DkqOl_cFNzebNEt8NcAF7h3fqZd8ArcL6y1FJb-ZhzIYQ
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A974A04B4D1F4E36B73FAD6CD2310066 Ref B: AMS04EDGE3007 Ref C: 2024-09-24T18:42:28Z
x-li-fabric
prod-lor1
x-li-uuid
AAYi4d4OafCTI6a8EcwrEg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=19323&time=1727203348352&url=https%3A%2F%2Fk8s-production.rdops.systems%2F&tm=gtmv2&e_ipv6=AQL1dgQdnIzGEQAAAZIlV5AZ-AFDoEmJGI_9vrg1_nG5Q8nS8DkqOl_cFNzebNEt8NcAF7h3fqZd8ArcL6y1FJb-ZhzIYQ
x-msedge-ref
Ref A: 5DA47AB54A424328BC536DF23FA8F2DC Ref B: FRAEDGE1308 Ref C: 2024-09-24T18:42:28Z
x-li-fabric
prod-lor1
x-li-uuid
AAYi4d4KyiDh1cU6pcM6eA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 24 Sep 2024 18:42:27 GMT
collect
www.google-analytics.com/j/ 		3 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=881026459&t=pageview&_s=1&dl=https%3A%2F%2Fk8s-production.rdops.systems%2F&ul=de-de&de=UTF-8&dt=RD%20Station%20Marketing%20%7C%20404%20P%C3%A1gina%20N%C3%A3o%20Encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=491441447&gjid=1476203260&cid=1231982521.1727203348&tid=UA-17276574-1&_gid=812385655.1727203348&_r=1&_slc=1&gtm=45He49j0n81NVX78QPv810115785za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671034&npa=1&z=1505744124
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://k8s-production.rdops.systems/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://k8s-production.rdops.systems
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
date
Tue, 24 Sep 2024 18:42:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
603627196779020
connect.facebook.net/signals/config/ 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/603627196779020?v=2.9.167&r=stable&domain=k8s-production.rdops.systems&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d09d11dc75db1a62b3dbf1023471ee16be7ca64f674237c52d80e1532723d94
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=68, mss=1232, tbw=67191, tp=63, tpl=0, uplat=153, ullat=0
pragma
public
x-fb-debug
YNtZf+d7UvVYyiFnzkyAe2PG2VcrUWCgP47uUpY6H/NEyQ83BpT6oNRfYPFPXHwuUvXOk4q3DQ/tPmrLzhCWmA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
17540222.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17540222.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dc9dcbc5dd070c47f14afc4bb2f7279493d6a7b7f091e3210fff86e7ad2facc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 104CC867E2D44EC385DA91902E7475F5 Ref B: FRAEDGE1220 Ref C: 2024-09-24T18:42:28Z
x-cache
CONFIG_NOCACHE
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
17540222
www.clarity.ms/tag/uet/ 		691 B
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/17540222?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17540222.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba9336c5889d986a7e95860ef3f5646dae953c450ebae7b6fd85f6646bea0725

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
691
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/x-javascript
x-azure-ref
20240924T184228Z-176d4fdd79chrddt35yyuwybzg000000071g000000005tr3
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17540222&Ver=2&mid=ae45b537-4e7f-44a0-9c61-418f95c02384&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=RD%20Station%20Marketing%20%7C%20404%20P%C3%A1gina%20N%C3%A3o%20Encontrada&p=https%3A%2F%2Fk8s-production.rdops.systems%2F&r=&lt=471&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=429740
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 33A12B30EE0C4A3C908089F9AD3D779B Ref B: FRAEDGE1220 Ref C: 2024-09-24T18:42:28Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 24 Sep 2024 18:42:28 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=603627196779020&ev=PageView&dl=https%3A%2F%2Fk8s-production.rdops.systems%2F&rl=&if=false&ts=1727203348554&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727203348552.619829389518386179&cs_est=true&ler=empty&cdl=API_unavailable&it=1727203348370&coo=false&exp=f0&rqm=GET
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=603627196779020&ev=PageView&dl=https%3A%2F%2Fk8s-production.rdops.systems%2F&rl=&if=false&ts=1727203348554&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727203348552.619829389518386179&cs_est=true&ler=empty&cdl=API_unavailable&it=1727203348370&coo=false&exp=f0&rqm=FGET
Requested by
Host: k8s-production.rdops.systems
URL: https://k8s-production.rdops.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418281893497092053"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
MIIeGiY9oWTEYbNduwZ3KCytTWriaaWp57lY0MpI2k3tOrK0Tn81UERRIZdAgZz6w+1x01taA4kE17G9mklBLg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418281893497092053", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3111, tp=-1, tpl=-1, uplat=148, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
clarity.js
www.clarity.ms/s/0.7.47/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.47/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17540222?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

x-azure-ref
20240924T184228Z-176d4fdd79chrddt35yyuwybzg000000071g000000005ts0
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCDBE0D6532B77"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
17c5c230-c01e-0066-0ef5-0d61fb000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 24 Sep 2024 18:42:28 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 15:03:09 GMT
collect
u.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://k8s-production.rdops.systems/

Response headers

Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin
https://k8s-production.rdops.systems
Date
Tue, 24 Sep 2024 18:42:28 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
lead-tracking.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0216b4ce-a5b0-47ae-84c1-2638c3c7e40e-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a051734178d663aa73623379c6755f7bf495b91fb589cf90e363bd54c714789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
x-amz-version-id
KA6MjE46yC6vUpmxXZps4we9o_WdFxfa
etag
"ad91b9e2f84a6c09ff103389c7199da0"
age
60984
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1166
x-amz-cf-id
0-AqE8i8cnAffQhTra1bYdFbkM0mfQK_nLvZloTj9MGsRVhCWz7qVQ==
date
Tue, 24 Sep 2024 01:46:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 08 Jul 2024 14:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
traffic-source-cookie.min.js
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0216b4ce-a5b0-47ae-84c1-2638c3c7e40e-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"dae3ed517b23abad11d0bd6b79f24080"
x-amz-version-id
QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
age
61186
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
EbSztBQJaAOi3w5T_rdLGEnEHBEmxYBUd8uG4bG8344Vr1SoVf-rcg==
date
Tue, 24 Sep 2024 01:42:43 GMT
content-type
application/javascript
last-modified
Mon, 09 Jan 2023 17:04:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
send
pageview-notify.rdstation.com.br/ 		83 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pageview-notify.rdstation.com.br/send
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
d17e242dca6e074013937b085fdfd052703a433695a73d07a45397366bccd4ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://k8s-production.rdops.systems/

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
1728000
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://k8s-production.rdops.systems
content-length
83
date
Tue, 24 Sep 2024 18:42:29 GMT
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
access-control-allow-headers
*, Content-Type, Accept, AUTHORIZATION, Cache-Control
favicon.ico
k8s-production.rdops.systems/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://k8s-production.rdops.systems/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
816944ced2a06a1fbf01b1f10479122e786f0c6fdc5263cc6cd9dea06f5e4eba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

date
Tue, 24 Sep 2024 18:42:29 GMT
content-type
text/html
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 		204 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/0216b4ce-a5b0-47ae-84c1-2638c3c7e40e-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8210540cd95d13c7862bbe2a5d0343b5a308caadc48490564775ca994811c6f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

content-encoding
gzip
x-amz-version-id
eagz.5ZnL_xhueoT6dqmt3Hj82m2502Y
etag
"a8af6cb30baef97569c7b7d9843e15b8"
age
61009
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
57438
x-amz-cf-id
iqcPupi9ADKRE5QDPGLQjRPkNNXRmIEtIAQ3VF_bKtCAsa5rTljoBA==
date
Tue, 24 Sep 2024 18:16:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 22 Aug 2024 13:25:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
show.json
popups.rdstation.com.br/popup/ 		13 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=60080&uniq=_kte5jgv7x&ref=aHR0cHM6Ly9rOHMtcHJvZHVjdGlvbi5yZG9wcy5zeXN0ZW1zLw%3D%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://k8s-production.rdops.systems/

Response headers

strict-transport-security
max-age=7776000
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
content-length
13
date
Tue, 24 Sep 2024 18:42:30 GMT
content-type
application/json
x-frame-options
sameorigin
collect
u.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://k8s-production.rdops.systems/

Response headers

Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin
https://k8s-production.rdops.systems
Date
Tue, 24 Sep 2024 18:42:30 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq object| uetq function| lintrk object| ORIBILI object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_e56862cbde function| clarity object| clarityuetq object| RDStation object| RDCookieControl boolean| RDStationTrackingCodeChecker object| LeadTracking object| TrafficSourceCookie object| RdstationPopup object| credentials

8 Cookies

Domain/Path Name / Value
.rdops.systems/ Name: _gcl_au
Value: 1.1.208519782.1727203348
.rdops.systems/ Name: _ga
Value: GA1.2.1231982521.1727203348
.rdops.systems/ Name: _gid
Value: GA1.2.812385655.1727203348
.rdops.systems/ Name: _gat_UA-17276574-1
Value: 1
.rdops.systems/ Name: _fbp
Value: fb.1.1727203348552.619829389518386179
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2978:u=1:x=1:i=1727203348:t=1727289748:v=2:sig=AQHlKYTtR18wKnC64xyRtkh-hmjR7Ts2"
.linkedin.com/ Name: bcookie
Value: "v=2&11cb479f-de4e-41eb-8010-04a6a668da45"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjcyMDMzNDg7MjswMjFfNpwqNZCyQgyC5Maaf5xjmOC8Z2JEQqgRJCYzItzFFQ==

3 Console Messages

Source Level URL
Text
network error URL: https://k8s-production.rdops.systems/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://k8s-production.rdops.systems/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pageview-notify.rdstation.com.br/send
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
connect.facebook.net
d335luupugsy2.cloudfront.net
d3ndvx6e67vt0s.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
k8s-production.rdops.systems
pageview-notify.rdstation.com.br
popups.rdstation.com.br
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
u.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.107.42.14
13.32.99.92
18.239.47.197
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:bdf::60
2a00:1450:4001:80b::200a
2a00:1450:4001:812::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a02:26f0:480:15::213:7e4a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.68.90.188
35.223.116.65
4.227.249.197
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d5fba5065e588124f7cbddebf8fd4602aff6414be06b15cb344e96bc3c7eb66
2a051734178d663aa73623379c6755f7bf495b91fb589cf90e363bd54c714789
2dc9dcbc5dd070c47f14afc4bb2f7279493d6a7b7f091e3210fff86e7ad2facc
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa
359c8a2afc77bb97c4bcf9a615317cb10741cf1707aa22c847292581e43665a0
373f7e5fd954199b6a433c262667b76100948d5fa77c97cf6eefe14926c17e14
38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce
3d09d11dc75db1a62b3dbf1023471ee16be7ca64f674237c52d80e1532723d94
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4491f05e8c016a3b0ad7d11117de58e4930fba3f859d4df76decc1498eeaec8b
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7ea0b515dc012e0b791f5f75a86787f945efb4d165ce6b3eec4ba82af61aec0b
80e59d9a69daa6a472c0162db168c3d916dae6516ca5d802033c4e1680a6289b
816944ced2a06a1fbf01b1f10479122e786f0c6fdc5263cc6cd9dea06f5e4eba
8210540cd95d13c7862bbe2a5d0343b5a308caadc48490564775ca994811c6f3
86a7867326aed7bd56a030f10cca21c4554f19ddf1872ab57fb3a3d96b41cff2
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8bc08d5cff534865370692ef7c825992a3c28ca88ec7c122fc6bdb2199e8faa5
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b27cd9993228a8bbaa633f6db280243b373103b2b4f5abfad4b9d6bd22aa174d
ba9336c5889d986a7e95860ef3f5646dae953c450ebae7b6fd85f6646bea0725
d17e242dca6e074013937b085fdfd052703a433695a73d07a45397366bccd4ec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5