Submitted URL: https://api.secondstreetapp.com/m_c_t/38149948/103913935
Effective URL: https://ktar.com/shortal/dayandnight/
Submission: On January 26 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 41 HTTP transactions. The main IP is 104.198.205.129, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is ktar.com. The Cisco Umbrella rank of the primary domain is 199560.
TLS certificate: Issued by R3 on December 13th 2021. Valid for: 3 months.
This is the only time ktar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
16 marketingautomation.services | koi-3qnc0nox20.marketingautomation.services; app-3qnc0nox20.marketingautomation.services | 241 KB
9 ktar.com | ktar.com — Cisco Umbrella Rank: 199560 | 783 KB
7 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 78 | 36 KB
2 google.com | www.google.com — Cisco Umbrella Rank: 13 | 1 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 42 | 20 KB
2 gstatic.com | fonts.gstatic.com; www.gstatic.com | 185 KB
1 nr-data.net | bam-cell.nr-data.net — Cisco Umbrella Rank: 348 | 715 B
1 newrelic.com | js-agent.newrelic.com — Cisco Umbrella Rank: 367 | 13 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 5557 | 501 B
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 96 | 437 B
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680 | 20 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 47 | 1 KB
1 secondstreetapp.com | api.secondstreetapp.com — Cisco Umbrella Rank: 33918 | 394 B
41 13
Domain Requested by
15 app-3qnc0nox20.marketingautomation.services 1 redirects koi-3qnc0nox20.marketingautomation.services
app-3qnc0nox20.marketingautomation.services
9 ktar.com 2 redirects ktar.com
7 www.googletagmanager.com ktar.com
2 www.google.com ktar.com
app-3qnc0nox20.marketingautomation.services
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com ktar.com
1 www.gstatic.com www.google.com
1 www.google.de ktar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 koi-3qnc0nox20.marketingautomation.services ktar.com
1 maxcdn.bootstrapcdn.com ktar.com
1 fonts.googleapis.com ktar.com
1 api.secondstreetapp.com 1 redirects
41 15

This site contains links to these domains.

Domain
localmediathatworks.com
Subject | Issuer | Validity | Valid
ktar.com | R3 | 2021-12-13 - 2022-03-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
*.marketingautomation.services | Sectigo RSA Organization Validation Secure Server CA | 2020-03-12 - 2022-06-10 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
www.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
www.google.de | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-10-06 - 2022-11-07 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year

This page contains 2 frames:

Primary Page: https://ktar.com/shortal/dayandnight/
Frame ID: 0D7DC98C2959E4CC1EC90655A70B9C8F
Requests: 25 HTTP requests in this frame

Frame: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Frame ID: 9F6A4A90241F4B8AC9CF0D0C08B23CD0
Requests: 16 HTTP requests in this frame

Page Title

Day & Night Air Conditioning Heating and Plumbing | Oldest A/C Contest

Page URL History

  1. https://api.secondstreetapp.com/m_c_t/38149948/103913935 HTTP 302
    https://ktar.com/story/3949459/oldest-a-c-contest/ HTTP 301
    http://ktar.com/shortal/dayandnight/ HTTP 301
    https://ktar.com/shortal/dayandnight/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

41
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

15
Subdomains

13
IPs

4
Countries

1301 kB
Transfer

2100 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.secondstreetapp.com/m_c_t/38149948/103913935 HTTP 302
    https://ktar.com/story/3949459/oldest-a-c-contest/ HTTP 301
    http://ktar.com/shortal/dayandnight/ HTTP 301
    https://ktar.com/shortal/dayandnight/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://app-3qnc0nox20.marketingautomation.services/prospector/form/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn HTTP 302
  • https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ktar.com/shortal/dayandnight/
Redirect Chain
  • https://api.secondstreetapp.com/m_c_t/38149948/103913935
  • https://ktar.com/story/3949459/oldest-a-c-contest/
  • http://ktar.com/shortal/dayandnight/
  • https://ktar.com/shortal/dayandnight/
14 KB
6 KB
Document
General
Full URL
https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
f35758f23514a4990cca0d83889728f33be5c0b52220ac966750581a8618d9d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 26 Jan 2022 22:13:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-powered-by
WP Engine
x-cacheable
YES:3600.000
cache-control
max-age=3600, must-revalidate
x-cache
HIT: 14
x-cache-group
normal
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 26 Jan 2022 22:13:12 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Keep-Alive
timeout=20
Location
https://ktar.com/shortal/dayandnight/
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 20:29:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 26 Jan 2022 22:13:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jan 2022 22:13:12 GMT
basics.css
ktar.com/shortal/astarter/
3 KB
1 KB
Stylesheet
General
Full URL
https://ktar.com/shortal/astarter/basics.css
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c839e0cf1b9b3fba46152131e32a9f7768b9fb87f15800b2f3d9335d466bf68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/shortal/dayandnight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
content-encoding
br
last-modified
Tue, 17 Dec 2019 18:39:48 GMT
server
nginx
etag
W/"5df920f4-ac7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ktar.com/
Origin
https://ktar.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 14:35:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
796e036d323a23b72dda6fdb5bf73cc8
cf-ray
6d3d16511bc89058-FRA
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
style.css
ktar.com/shortal/dayandnight/
4 KB
1 KB
Stylesheet
General
Full URL
https://ktar.com/shortal/dayandnight/style.css
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9776b523a63e226d6878fb287e79bb29e1da5bf748802ae9363680e2c03b567d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/shortal/dayandnight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
content-encoding
br
last-modified
Tue, 26 Jan 2021 22:52:03 GMT
server
nginx
etag
W/"60109d13-e2c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
logo.png
ktar.com/shortal/dayandnight/images/
15 KB
15 KB
Image
General
Full URL
https://ktar.com/shortal/dayandnight/images/logo.png
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b628fbec3f7512e21076ef0c038eaa5a88fa71b87507fab4632748c665ae898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/shortal/dayandnight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
last-modified
Mon, 25 Jan 2021 22:19:53 GMT
server
nginx
etag
"600f4409-3cb9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15545
oldac.png
ktar.com/shortal/dayandnight/images/
182 KB
183 KB
Image
General
Full URL
https://ktar.com/shortal/dayandnight/images/oldac.png
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0412fa9ee27d1f750142a1678240aa73dfc5abc6d7b3ea42991f583205511ffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/shortal/dayandnight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
last-modified
Mon, 25 Jan 2021 23:55:56 GMT
server
nginx
etag
"600f5a8c-2d980"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
186752
form.js
koi-3qnc0nox20.marketingautomation.services/client/
3 KB
1 KB
Script
General
Full URL
https://koi-3qnc0nox20.marketingautomation.services/client/form.js?ver=2.0.1
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:52 GMT
server
openresty
etag
W/"61f03f0c-a49"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:12 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-333933-17
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3582917b2269cb4ead7729ac7b04189947183d32e92136ca27da0c804a5236e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36011
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 21:12:39 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Jan 2022 22:13:12 GMT
bg.jpg
ktar.com/shortal/dayandnight/images/
435 KB
435 KB
Image
General
Full URL
https://ktar.com/shortal/dayandnight/images/bg.jpg
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e30248c2f4c9895b7202d6388c017b24a6c54d136b9e6c6d555455b6d9671e7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/shortal/dayandnight/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
last-modified
Mon, 25 Jan 2021 22:19:53 GMT
server
nginx
etag
"600f4409-6cab4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
445108
NASHVILL.woff
ktar.com/shortal/dayandnight/images/
140 KB
140 KB
Font
General
Full URL
https://ktar.com/shortal/dayandnight/images/NASHVILL.woff
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.205.129 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.205.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
34d501c186c312854a0e17e3bf2a787bd474deed89690c090916ebf4d9f67ccf

Request headers

Referer
https://ktar.com/shortal/dayandnight/style.css
Origin
https://ktar.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:12 GMT
last-modified
Mon, 25 Jan 2021 22:19:53 GMT
server
nginx
etag
"600f4409-23044"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
143428
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ktar.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 21 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
462070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 21 Jan 2023 13:52:02 GMT
SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA
app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/ Frame 9F6A
Redirect Chain
  • https://app-3qnc0nox20.marketingautomation.services/prospector/form/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
  • https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
47 KB
48 KB
Document
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Requested by
Host: koi-3qnc0nox20.marketingautomation.services
URL: https://koi-3qnc0nox20.marketingautomation.services/client/form.js?ver=2.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
0d7f163564773635cc9238a9bd4d2874c113b6ff9aa786fa66ae8bde24eb4adb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/

Response headers

server
nginx/1.21.4
date
Wed, 26 Jan 2022 22:13:12 GMT
content-type
text/html
content-length
48274
x-guploader-uploadid
ADPycduI3L65OZ9h9eF7jite_b8lXNmNCTYLz4AnYJLi4GuR584HqHWzm4PQumJb1wfmxBxlyBM9eP82rikuEI2jGhiZe23xGA
cache-control
no-cache
expires
Thu, 26 Jan 2023 22:13:12 GMT
last-modified
Wed, 29 Dec 2021 20:22:24 GMT
etag
"361dc259beb7df421dac58d2393318ea"
x-goog-generation
1640809344045189
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
48274
x-goog-hash
crc32c=LL+8qQ== md5=Nh3CWb6330IdrFjSOTMY6g==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
via
1.1 google
alt-svc
clear

Redirect headers

server
openresty
date
Wed, 26 Jan 2022 22:13:12 GMT
content-type
text/html; charset=UTF-8
pod-hostname
koi-68786bc858-4tmsh
location
https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
x-xss-protection
1; mode=block
x-clacks-overhead
GNU Terry Pratchett
via
1.1 google
alt-svc
clear
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-333933-17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2298
date
Wed, 26 Jan 2022 21:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 26 Jan 2022 23:34:54 GMT
a
www.googletagmanager.com/
0
128 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-333933-17&cv=1&v=3&t=t&pid=2023581905&rv=1o0&es=1&e=gtm.init_consent&eid=1&tc=1&z=0
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
54 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-333933-17&cv=1&v=3&t=t&pid=2023581905&rv=1o0&es=1&e=gtm.init&eid=2&tc=1&z=0
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
54 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-333933-17&cv=1&v=3&t=t&pid=2023581905&rv=1o0&es=1&e=gtm.js&eid=3&tc=1&tr=1rep&epr=1UA&ti=1rep&z=0
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
54 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-333933-17&cv=1&v=3&t=t&pid=2023581905&rv=1o0&es=1&e=gtm.dom&eid=5&tc=1&z=0
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:12 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=912638393&t=pageview&_s=1&dl=https%3A%2F%2Fktar.com%2Fshortal%2Fdayandnight%2F&ul=en-us&de=UTF-8&dt=Day%20%26%20Night%20Air%20Conditioning%20Heating%20and%20Plumbing%20%7C%20Oldest%20A%2FC%20Contest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=639282535&gjid=1808959991&cid=1132735993.1643235193&tid=UA-333933-17&_gid=691533246.1643235193&_r=1&gtm=2ou1o0&z=1994355248
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ktar.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ktar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-333933-17&cid=1132735993.1643235193&jid=639282535&gjid=1808959991&_gid=691533246.1643235193&_u=YEBAAUAAAAAAAC~&z=586263518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ktar.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 26 Jan 2022 22:13:12 GMT
content-type
text/plain
access-control-allow-origin
https://ktar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-333933-17&cid=1132735993.1643235193&jid=639282535&_u=YEBAAUAAAAAAAC~&z=2042084192
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-333933-17&cid=1132735993.1643235193&jid=639282535&_u=YEBAAUAAAAAAAC~&z=2042084192
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
formbasics.css
app-3qnc0nox20.marketingautomation.services/includes/css/ Frame 9F6A
7 KB
2 KB
Stylesheet
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/css/formbasics.css
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2c42851f49a6eb6a0eb3fba8f344f473909f15998d33c94323e13c9cf90cb7ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:17:41 GMT
server
openresty
etag
W/"61f03ec5-1c3d"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-f757cdc6f-v24zv
alt-svc
clear
jquery-ui.min.css
app-3qnc0nox20.marketingautomation.services/includes/css/jquery/ Frame 9F6A
31 KB
9 KB
Stylesheet
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/css/jquery/jquery-ui.min.css
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:16:44 GMT
server
openresty
etag
W/"61f03e8c-7d0a"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-f757cdc6f-v24zv
alt-svc
clear
base.css
app-3qnc0nox20.marketingautomation.services/includes/css/jquery/datepicker/ Frame 9F6A
4 KB
1 KB
Stylesheet
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/css/jquery/datepicker/base.css
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:16:44 GMT
server
openresty
etag
W/"61f03e8c-f70"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-f757cdc6f-w4vvc
alt-svc
clear
datetimepicker.css
app-3qnc0nox20.marketingautomation.services/includes/css/ Frame 9F6A
9 KB
3 KB
Stylesheet
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/css/datetimepicker.css
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:17:41 GMT
server
openresty
etag
W/"61f03ec5-237e"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
pod-hostname
app-f757cdc6f-v24zv
alt-svc
clear
jquery-1.7.2.min.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/ Frame 9F6A
92 KB
38 KB
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:45 GMT
server
openresty
etag
W/"61f03f05-16fa7"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
jquery.validate.min.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/ Frame 9F6A
24 KB
9 KB
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery.validate.min.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
3218b4125f473cd8e081f2d6f892e7e7dca85df9d4486a1e0d783f1f66b2731a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:49 GMT
server
openresty
etag
W/"61f03f09-5e52"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
additional-methods.min.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/ Frame 9F6A
17 KB
5 KB
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/additional-methods.min.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:38 GMT
server
openresty
etag
W/"61f03efe-4230"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
jquery.form.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/ Frame 9F6A
13 KB
5 KB
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery.form.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:46 GMT
server
openresty
etag
W/"61f03f06-3248"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
jquery-ui.min.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/ Frame 9F6A
248 KB
82 KB
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/jquery-ui.min.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:16:44 GMT
server
openresty
etag
W/"61f03e8c-3dee5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
datetimepicker.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/ Frame 9F6A
37 KB
13 KB
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/datetimepicker.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
f00d09a3fe4fe39964b804f3c07eea15672c2586a184e1efba084eef721fbad9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:44 GMT
server
openresty
etag
W/"61f03f04-94d3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
jquery.placeholder.js
app-3qnc0nox20.marketingautomation.services/includes/js/core/ Frame 9F6A
2 KB
948 B
Script
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery.placeholder.js?ver=5.75-35
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
ccc2bd16fa09fd02a0a51c4801453ae3b0baffe5b05ae4b18a9c9b00924239c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:18:47 GMT
server
openresty
etag
W/"61f03f07-7e4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=2592000, public
alt-svc
clear
expires
Fri, 25 Feb 2022 22:13:13 GMT
api.js
www.google.com/recaptcha/ Frame 9F6A
850 B
967 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
47d6a05d6ad84b1c213f47647d1fb89523cf96bf0611728d5fc453fb89c83e23
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 26 Jan 2022 22:13:13 GMT
freeemailproviderlist.json
app-3qnc0nox20.marketingautomation.services/includes/js/app/ Frame 9F6A
75 KB
21 KB
Fetch
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/includes/js/app/freeemailproviderlist.json
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/forms-proxy/MzawMDEzNjEwAgA/SzY3MDAwsjDXTTE0tdA1MTdI0k0yNDbSNU41TjW0NE5LTEozBgA?instance=ofudgn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
fa86c94c6881caec397b1a58f358561f9bd6ef1dba058efafe3fb8e9e8d5e326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 18:16:44 GMT
server
openresty
etag
W/"61f03e8c-12aa5"
vary
Accept-Encoding
content-type
application/json
via
1.1 google
pod-hostname
app-f757cdc6f-nf9mk
alt-svc
clear
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-333933-17&cv=1&v=3&t=t&pid=2023581905&rv=1o0&e=gtm.js&eid=3&tc=1&tr=5rep&epr=2UA&ti=1rep&z=0
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:13 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 9F6A
354 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
544b63f0d07b2a51e01e2ecc3986eb5d07838bb121c4f472f1178b7b94faf463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app-3qnc0nox20.marketingautomation.services
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 21:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143013
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 21:05:55 GMT
c7000287-d158-470b-b132-3e3e193fabf3
app-3qnc0nox20.marketingautomation.services/prospector/getFormData/MzawMDEzNjEwAgA/ Frame 9F6A
6 KB
1 KB
XHR
General
Full URL
https://app-3qnc0nox20.marketingautomation.services/prospector/getFormData/MzawMDEzNjEwAgA/c7000287-d158-470b-b132-3e3e193fabf3?instance=ofudgn&rf__doc=https%3A%2F%2Fktar.com%2F
Requested by
Host: app-3qnc0nox20.marketingautomation.services
URL: https://app-3qnc0nox20.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.240.178.107.bc.googleusercontent.com
Software
openresty /
Resource Hash
363e7b28db7903478a8dcb331d88192ac8183344864dd81d316eb5c33bd9c0a9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 22:13:13 GMT
content-encoding
gzip
x-clacks-overhead
GNU Terry Pratchett
server
openresty
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
via
1.1 google
pod-hostname
koi-68786bc858-lkgnw
alt-svc
clear
x-xss-protection
1; mode=block
nr-1214.min.js
js-agent.newrelic.com/
35 KB
13 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1214.min.js
Requested by
Host: ktar.com
URL: https://ktar.com/shortal/dayandnight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
9SGCo4Tu7CQ6f76Rop9iQ50y_vaEgb87
content-encoding
gzip
etag
"8f16e3e6b3dfe5feb6c019492aedcc2d"
x-amz-request-id
XQ6WA8JKZCCDB3XA
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13145
x-amz-id-2
Qy9PxgZz+JbOhvThVW5WDrf33R5NRu3uHnGPcM83+MeySJ16DK0IdYwpoUlItH+HLhlnJSqW4l8=
x-served-by
cache-hhn4067-HHN
last-modified
Tue, 04 Jan 2022 23:13:18 GMT
server
AmazonS3
x-timer
S1643235194.655333,VS0,VE0
date
Wed, 26 Jan 2022 22:13:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17662
1502e4f90c
bam-cell.nr-data.net/1/
49 B
715 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/1502e4f90c?a=58634209&v=1214.62a3223&to=ZAYDZ0cFXxFVUxZZDF1MNEFcS0IKW0IWUQ8cBwBKVApVDF1XCkRMWg0FVk1KQQpE&rst=2721&ck=1&ref=https://ktar.com/shortal/dayandnight/&be=1533&fe=2693&dc=1728&perf=%7B%22timing%22:%7B%22of%22:1643235190944,%22n%22:0,%22f%22:1233,%22dn%22:1233,%22dne%22:1233,%22c%22:1233,%22ce%22:1233,%22rq%22:1233,%22rp%22:1355,%22rpe%22:1355,%22dl%22:1357,%22di%22:1727,%22ds%22:1728,%22de%22:1728,%22dc%22:2692,%22l%22:2692,%22le%22:2693%7D,%22navigation%22:%7B%7D%7D&fp=1709&fcp=1709&at=SEEAEQ8fTB8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1214.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 26 Jan 2022 22:13:14 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6d3d16588e9c90a2-FRA
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-333933-17&cv=1&v=3&t=t&pid=2023581905&rv=1o0&es=1&e=gtm.load&eid=6&tc=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ktar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jan 2022 22:13:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| NREUM
object| newrelic
function| __nr_require
object| ss_form
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.ktar.com/ Name: _ga
Value: GA1.2.1132735993.1643235193
.ktar.com/ Name: _gid
Value: GA1.2.691533246.1643235193
.ktar.com/ Name: _gat_gtag_UA_333933_17
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: ff6443c2bf526fa0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
