www.crews-control.registrations.events Open in urlscan Pro
110.232.143.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.crews-control.registrations.events/
Submission: On July 01 via automatic, source certstream-suspicious (July 1st 2022, 1:36:54 pm UTC) — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 48 HTTP transactions. The main IP is 110.232.143.90, located in Brisbane, Australia and belongs to SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU. The main domain is www.crews-control.registrations.events.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 1st 2022. Valid for: 3 months.

This is the only time www.crews-control.registrations.events was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	110.232.143.90 110.232.143.90	45638 (SYNERGYWH...) (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD)
8	2606:4700:e4:... 2606:4700:e4::ac40:a704	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.65.39.65 18.65.39.65	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:27::... 2620:1ec:27::cafe:2277	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:a200:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.211.132.125 34.211.132.125	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	108.138.17.67 108.138.17.67	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.95 13.225.78.95	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
48	20

5 110.232.143.90 (Brisbane, Australia)

ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU)
PTR: s05ae.syd6.hostingplatform.net.au

www.crews-control.registrations.events	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:e4::ac40:a704 (United States)

ASN13335 (CLOUDFLARENET, US)

api.miniextensions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.miniextensions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.39.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-65.ams1.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2277 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:a200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.132.125 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-132-125.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.67 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-67.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-95.fra2.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	miniextensions.com api.miniextensions.com app.miniextensions.com — Cisco Umbrella Rank: 631057	1 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 615 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 521	3 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 l.clarity.ms — Cisco Umbrella Rank: 5137 c.clarity.ms — Cisco Umbrella Rank: 1113	27 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1748 q.stripe.com — Cisco Umbrella Rank: 12728 m.stripe.com — Cisco Umbrella Rank: 1533	79 KB
5	registrations.events www.crews-control.registrations.events	146 KB
3	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2853	144 KB
3	gstatic.com fonts.gstatic.com	55 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	131 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1852	16 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 182	554 B
1	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2859	248 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1325	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	25 KB
48	16

	Domain	Requested by
7	app.miniextensions.com	api.miniextensions.com app.miniextensions.com
5	www.crews-control.registrations.events	www.crews-control.registrations.events
3	js.intercomcdn.com	widget.intercom.io
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	app.miniextensions.com connect.facebook.net
3	fonts.googleapis.com	app.miniextensions.com
3	js.stripe.com	app.miniextensions.com js.stripe.com
2	firebaseremoteconfig.googleapis.com	app.miniextensions.com
2	firebaseinstallations.googleapis.com	app.miniextensions.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	app.miniextensions.com
2	l.clarity.ms	app.miniextensions.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	www.crews-control.registrations.events
2	www.clarity.ms	app.miniextensions.com www.clarity.ms
1	c.bing.com	1 redirects
1	widget.intercom.io	1 redirects
1	m.stripe.com	m.stripe.network
1	www.google-analytics.com	app.miniextensions.com
1	static.cloudflareinsights.com	app.miniextensions.com
1	cdn.jsdelivr.net	app.miniextensions.com
1	maxcdn.bootstrapcdn.com	app.miniextensions.com
1	api.miniextensions.com	www.crews-control.registrations.events
48	23

This site contains no links.

Subject Issuer	Validity	Valid
crews-control.registrations.events cPanel, Inc. Certification Authority	`2022-07-01` - `2022-09-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-24` - `2023-05-24`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.crews-control.registrations.events/
Frame ID: F3B06BB013945E5945B124B3DBA5461A
Requests: 6 HTTP requests in this frame

Frame: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
Frame ID: 2B33185E4D1E7FA3CAD51E1F238308E0
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: BF276373165E628F531637D2B03180E0
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8602BE2EEE5C75D3A06D25C4B3D0E5B9
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b28c7fad.js
Frame ID: 0A1A082524B44C85032FD8CD77639BEB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

96 %
HTTPS

64 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

2028 kB
Transfer

7735 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://widget.intercom.io/widget/ge1hk6b6 HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 35

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=2F53D94FCEC44F6DA5C5C8949D5C412D&RedC=c.clarity.ms&MXFR=1D30E0112E57651B314BF1C52A576BFA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=2F53D94FCEC44F6DA5C5C8949D5C412D&MUID=27321244F557613B21DC0390F43C60E6

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.crews-control.registrations.events/ 2 KB
1 KB 1362ms
309ms Document
text/html 110.232.143.90
SYNERGYWHOLESALE-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crews-control.registrations.events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 110.232.143.90 Brisbane, Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS: s05ae.syd6.hostingplatform.net.au
Software: LiteSpeed /
Resource Hash: ad62b9bc28a66c0f6320aeee3877309e9c23fa248adca3d5ff3d43d9bc335aff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 948
content-type: text/html
date: Fri, 01 Jul 2022 13:36:48 GMT
last-modified: Fri, 01 Jul 2022 13:32:53 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 all.css
www.crews-control.registrations.events/ 166 KB
22 KB 314ms
313ms Stylesheet
text/css 110.232.143.90
SYNERGYWHOLESALE-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crews-control.registrations.events/all.css?7020
Requested by: Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 110.232.143.90 Brisbane, Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS: s05ae.syd6.hostingplatform.net.au
Software: LiteSpeed /
Resource Hash: f290b337295b0962870ff9bbdc6438d87789325b3f70b05148180c7f846175ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crews-control.registrations.events/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:48 GMT
content-encoding: br
last-modified: Fri, 01 Jul 2022 13:32:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22806
expires: Fri, 08 Jul 2022 13:36:48 GMT

GET
H2 200 Crews-Control-Logo.png
www.crews-control.registrations.events/img/ 50 KB
50 KB 623ms
622ms Image
image/png 110.232.143.90
SYNERGYWHOLESALE-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crews-control.registrations.events/img/Crews-Control-Logo.png
Requested by: Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 110.232.143.90 Brisbane, Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS: s05ae.syd6.hostingplatform.net.au
Software: LiteSpeed /
Resource Hash: 7365bd3face25fac70f03aace24fc1aca86ba0d845c5a99b187002b0360f0521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crews-control.registrations.events/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:48 GMT
last-modified: Fri, 01 Jul 2022 13:32:56 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 51263
expires: Fri, 08 Jul 2022 13:36:48 GMT

GET
H2 200 dfxTTMw3YKJD1DyyUEf4.js Show response
api.miniextensions.com/v1/iframe-embed/ 8 KB
3 KB 406ms
314ms Script
text/html 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.miniextensions.com/v1/iframe-embed/dfxTTMw3YKJD1DyyUEf4.js?absoluteShareUrl=https%3A%2F%2Fapp.miniextensions.com%2Fuser-portal-grid%2FdfxTTMw3YKJD1DyyUEf4&height=860

Requested by

Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9df75a6cce015ea1f8f31a1c01f7ee62082cbf567bf17754dd5677580fd5d22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crews-control.registrations.events/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:48 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-cache: MISS
x-orig-accept-language: de-DE,de;q=0.9
content-disposition: attachment; filename="dfxTTMw3YKJD1DyyUEf4.js"
strict-transport-security: max-age=31556926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hhn4026-HHN
server: cloudflare
x-timer: S1656682608.487166,VS0,VE247
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,cookie,need-authorization, x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtEyULr65YX4X0JA%2Br7p%2BYc9XqOnZRN7LADbwaBmnP8qwuZVy4zExU%2FkvSczMEty7QxEhthrmzuxsiDR7dPaQ3YiuL1X0NMH4hQQNP893f82Ka3eTSJss29AXTnM28mb1rA1sEkQ9RTDYFTgd1LgurGjxHLz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 73a8a6c222acf0731de1fe9d6495802c
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
function-execution-id: isk7eg9iibta
cf-ray: 723f885eea396910-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-country-code: DE
x-cache-hits: 0

GET
H2 200 all.js Show response
www.crews-control.registrations.events/js/ 104 KB
30 KB 914ms
914ms Script
application/javascript 110.232.143.90
SYNERGYWHOLESALE-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.crews-control.registrations.events/js/all.js?9122
Requested by: Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 110.232.143.90 Brisbane, Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS: s05ae.syd6.hostingplatform.net.au
Software: LiteSpeed /
Resource Hash: 8c84312081dd1159a40382bb16c1450e96087a059f4860d60755960799c64353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crews-control.registrations.events/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:48 GMT
content-encoding: br
last-modified: Fri, 01 Jul 2022 13:32:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30287
expires: Fri, 08 Jul 2022 13:36:48 GMT

GET
H2 200 dfxTTMw3YKJD1DyyUEf4 Show response
app.miniextensions.com/user-portal-grid/ Frame 2B33 3 KB
2 KB 257ms
247ms Document
text/html 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Requested by

Host: api.miniextensions.com
URL: https://api.miniextensions.com/v1/iframe-embed/dfxTTMw3YKJD1DyyUEf4.js?absoluteShareUrl=https%3A%2F%2Fapp.miniextensions.com%2Fuser-portal-grid%2FdfxTTMw3YKJD1DyyUEf4&height=860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13bf830bdc68d70fdd14462ad3b8cbb9d1a6033d9d7f8a8b472b25817ce55ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.crews-control.registrations.events/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-apo-via: origin,host
cf-cache-status: MISS
cf-ray: 723f88623f3a6910-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Jul 2022 13:36:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XeF2Q%2BhcqiqTTI49bLVME4VpQXXsutnsCFZudEkE6sJFWZ3xQCOUljjr1jGgdpTG9GN5Mb4liK%2FxYDac4kVTRTKZQPS81UALpr0DXs8nMrsT%2BI7fdtBCx9oYgUmYN5qaZzNlb9HnhzfO4g35cEzLvxCKZ3r"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding, accept,amp-cache-transform
x-nf-request-id: 01G6WZMYDNE508Q434BDSYD9FZ

GET
H3 200 pageload-spinner.gif
www.crews-control.registrations.events/img/ 42 KB
42 KB 309ms
309ms Image
image/gif 110.232.143.90
SYNERGYWHOLESALE-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.crews-control.registrations.events/img/pageload-spinner.gif
Requested by: Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/all.css?7020
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 110.232.143.90 Brisbane, Australia, ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU),
Reverse DNS: s05ae.syd6.hostingplatform.net.au
Software: LiteSpeed /
Resource Hash: e027796009c6479b66cf028b2175395dce517e069ffc379792ea830ee1e3f9d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.crews-control.registrations.events/all.css?7020
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
last-modified: Fri, 01 Jul 2022 13:32:55 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 43018
expires: Fri, 08 Jul 2022 13:36:49 GMT

GET
H2 200 iuAXmQsMFJTjqS_tY82J2-FNcwM.js Show response
app.miniextensions.com/cdn-cgi/apps/head/ Frame 2B33 7 KB
3 KB 350ms
49ms Script
application/javascript 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.miniextensions.com/cdn-cgi/apps/head/iuAXmQsMFJTjqS_tY82J2-FNcwM.js
Requested by: Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9f2890970d2a8539c1f8eeffa06f6823025dcbe5031844b3b4ad32e7faa8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329091
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 38VMX371GG6HKWYK
x-amz-id-2: ZCewYGcJzeRSWdO92PnAl8ctTvCRUVMDjeXAFtTKunM+Z2Kolzb7IVzCYnhTEZAsnsApyMFsazc=
last-modified: Mon, 14 Feb 2022 12:00:49 GMT
server: cloudflare
etag: W/"bbcd21bb51b77c936134e7ad2a353ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B%2BtSmhvMRBzYGRl9%2FTwMrh7PZqHCp89Eut37oQ77MVM%2F9ReePFBnPOgVqhtXNDUlhR8yEzezyliwjyuO61vSK96MZtlgmTDaokhoGX1X%2FX%2B2G%2Bvg7%2BuWnIO74zqpkB1TFcQDMyCZGDBvES5l6Jc%2BLhoarbQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: NMB69IjH2ml2fhX5hWYIDLlfqn_nPt.N
cf-ray: 723f8865bc8e6910-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 2B33 315 KB
75 KB 257ms
45ms Script
text/javascript 18.65.39.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-65.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 13:36:03 GMT
via: 1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 22:11:47 GMT
server: Cloudfront
etag: W/"560ac9b3c6ccd02b33d8964a7bd13769"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-P1
timing-allow-origin: *
x-amz-cf-id: PYncq_Dd9Fi-GcKNW3W35tA40bUlceqFR43XN4VsyIUjOkZNOK4i-A==

GET
H2 200 css
fonts.googleapis.com/ Frame 2B33 8 KB
807 B 134ms
48ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 12:17:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Jul 2022 13:36:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Jul 2022 13:36:49 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 2B33 152 KB
25 KB 132ms
52ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.miniextensions.com/
Origin: https://app.miniextensions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 25181397
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a671ab041b1e749054912e52c3929fc5
cf-ray: 723f886459115b68-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 rrweb.min.css
cdn.jsdelivr.net/npm/rrweb@latest/dist/ Frame 2B33 2 KB
2 KB 125ms
45ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/rrweb@latest/dist/rrweb.min.css

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5d1ccfa0caa14db8875d14d826a8f54f38de1e2383526ac92152b2ebdfd725c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25293
x-jsd-version: 1.1.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"720-vjqo4AbJncD7ChgKi6/Jjs+zz9U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbH1FAguosAETzyGM5LLrCbFneFxKKEFJLaRYRIA7FR%2FqTnNA0ZtH7KIWqX2Z505gwz0fIn4aymgyd0WuVRfO1%2FuCKZb1UtVmmIiGCP9hYsH2Qh9p%2FevP6Mu0EqkGzgvklHe4mS7wkWoGkVtcGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 723f88645a399b25-FRA

GET
H2 200 icon
fonts.googleapis.com/ Frame 2B33 569 B
868 B 133ms
48ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5a4c217a4fdc86c00b2226d6f98c1c286a444e1d75d88c4676c0953b75120a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 13:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Jul 2022 13:36:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Jul 2022 13:36:49 GMT

GET
H2 200 main.css
app.miniextensions.com/ Frame 2B33 1 MB
209 KB 360ms
59ms Stylesheet
text/css 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.miniextensions.com/main.css

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe45d57e9930d87d21b7f6714087ecb4b4969f5653605561bfdf0c783f37900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id: 01G6WZMMWDJ5MNA1JW2AAMS33K
date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1408023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d334f81285c512ad4cae5098f93da39c-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C87OlrI3L0%2BR7F6U%2FI63cFAYM%2FZoNGAE%2FygyL7u6uYTAnl5cQtiy0VsNPM54%2BJED8JMe6Ln0gAiI83jUcNYXEY08Z2PTxcF7kTh9PtA%2BIxuXIEnEOyqO2KDjJ8I9GukE7o35f7aeoWHiyxdGMx%2BqyzVMVWJa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 723f8865bc8f6910-FRA

GET
H2 200 main.js Show response
app.miniextensions.com/ Frame 2B33 3 MB
917 KB 398ms
97ms Script
application/javascript 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.miniextensions.com/main.js

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11cb2411d4de02b3a4afb57bb8f1fbb10ae7716cbc0dba4acf5e9d360188e396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id: 01G6WZJQEXA1620BCTPDMQ5A0Q
date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3f88b683ab22baeb4519dfef166df04d-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAmJqb7MRq2v45wKBU4c3NoVsopY0q0Dx%2FYXe522a6b5uqUs9hXGa%2Bs8hN7ymPPU3lcbBTtlqPViu4GQp2332NFkfv6WmisqqooO9MdXj0LRmKNOhrFBuExqBlAaWb4xWWMe7E%2F0vGBGNKYaVrttExMh%2FDJ%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
strict-transport-security: max-age=31536000
cf-ray: 723f8865bc916910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 2B33 14 KB
5 KB 155ms
68ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://app.miniextensions.com/
Origin: https://app.miniextensions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 723f8866bc2f6993-FRA

GET
H2 200 4mfsl6ifqh Show response
www.clarity.ms/tag/ Frame 2B33 3 KB
3 KB 346ms
174ms Script
application/x-javascript 2620:1ec:27::cafe:2277
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4mfsl6ifqh
Requested by: Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2277 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: fda2887396e49c71f2b72c41e48c883543fde7825e9a111cae66094263539ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
x-powered-by: ASP.NET
x-azure-ref: 0cfi+YgAAAADqI00OgzdjTaufHTbI9RSwUkJBMzBFREdFMDgxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 2678
expires: -1

GET
H3 200 css
fonts.googleapis.com/ Frame 2B33 3 KB
459 B 134ms
46ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 12:11:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Jul 2022 13:36:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Jul 2022 13:36:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2B33 98 KB
26 KB 120ms
38ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: fbHZ0uGCR7Otu0ucDD7A9kATXiAZoAY//Hj609gcgmY1tYdpz1+pXHOL2VuqJd58rrXkxlTrvKDMwJZK//ei3Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 01 Jul 2022 13:36:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2B33 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1921
date: Fri, 01 Jul 2022 13:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Jul 2022 15:04:49 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame BF27 240 B
979 B 39ms
39ms Document
text/html 18.65.39.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-65.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.miniextensions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1772
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 13:07:26 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
x-amz-cf-id: pyAAR_xGLiYdY5XVoxAh-1U4_DEYht8uJT3FJ1yRbh6r8pUyWNhFsw==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-e/s/0.6.34/ Frame 2B33 53 KB
23 KB 172ms
172ms Script
application/javascript 2620:1ec:27::cafe:2277
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-e/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4mfsl6ifqh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2277 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:49 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0cvi+YgAAAAA/mjBDdMYCRJ1bYXAoq6q5UkJBMzBFREdFMDgxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 12.chunk.js Show response
app.miniextensions.com/ Frame 2B33 846 KB
242 KB 374ms
74ms Script
application/javascript 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.miniextensions.com/12.chunk.js

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c32dfc064cc31be5c81ae3b244d6bb1fc6753e422bc67f990a0f16c5c9f95e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id: 01G6WY9E52G8EJ6EBM9WCAFQGD
date: Fri, 01 Jul 2022 13:36:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"efa5adb4ae2f4e4827039d43688b951d-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gc5LSRj1dJRksKzizWS0nNOaL1zNZoXWCRI8XUYGnc0JPJBA5i74AqnD%2B6eC0tiBlmputGnhXkidq%2FUXoZVao8AaOZTfR%2FnGSZGhmwgWXMF%2FbVvt6oT14h0Ifa5HMvQPyTLMyT8JNEkdyyaywuPRLRh3hnSv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
strict-transport-security: max-age=31536000
cf-ray: 723f886b6dc06910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 csp-report
q.stripe.com/ Frame BF27 0
570 B 629ms
209ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 13:36:50 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF27 1 KB
1 KB 39ms
39ms Script
application/javascript 18.65.39.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-65.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 24
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 13:36:42 GMT
via: 1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Cloudfront
etag: W/"77711798ecf99b8bb8207cf88a10d73c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: AMS1-P1
timing-allow-origin: *
x-amz-cf-id: Csq2MduGzsBjGzUVnQm6oPcR3aDgXbV1oOF_iFgMY8NKXh3x6ssiQA==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 2B33 64 KB
20 KB 78ms
38ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.64

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53564b513bb9ea2e70b6218aaff24c15852c942d10fa698c983e4be59dce27ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20716
x-xss-protection: 0
pragma: public
x-fb-debug: JaHJftTgcEEwCsQYfWJ1eW5jPAancbWjtjkaH4dHu7wObj5VTJOFeX/7i31zQap5oqbXk5mY+GTTAW4H1KlgaQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 01 Jul 2022 13:36:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 845860509266643 Show response
connect.facebook.net/signals/config/ Frame 2B33 293 KB
84 KB 436ms
398ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/845860509266643?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c683590bd152e4973c7a24405852f3802c435bcec05b0fc85ca7b7daa72494d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: QfwN5jMQvNNBcanE35DiKCZT9pEnGNpUPFoktcxiEEVlJsqT+JmJ+MSA06TUro/gZWnv/Hk+ptE5kMPElGQGcA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 01 Jul 2022 13:36:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656682610640
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 8602 930 B
2 KB 187ms
39ms Document
text/html 2600:9000:2156:a200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 99
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 13:35:12 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-id: PuGjRu-lnTLO77OW9E_FhNC8IBa_-RKD-cDKeobC3HhFBs-NbAdduw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 204 collect Show response
l.clarity.ms/ Frame 2B33 0
179 B 376ms
124ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.miniextensions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://app.miniextensions.com
date: Fri, 01 Jul 2022 13:36:50 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 200 csp-report
q.stripe.com/ Frame 8602 0
345 B 386ms
207ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.crews-control.registrations.events
URL: https://www.crews-control.registrations.events/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 13:36:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 8602 86 KB
14 KB 45ms
45ms Script
text/javascript 2600:9000:2156:a200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 16
date: Fri, 01 Jul 2022 13:36:50 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BVpa6BvzwrNYioZEi1sIxT5TWgDAXaqs6zuAZ4Dmu-5dTMgrSoU2Og==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame 8602 156 B
523 B 648ms
215ms XHR
application/json 34.211.132.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.132.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-132-125.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

acc2283859b9fd79ee1d2fb639cc2ff13c9c20ca8e9106e9d626b600f1bd5d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 13:36:51 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B33 15 KB
16 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.miniextensions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 325735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 19:07:55 GMT

POST
H2 200 api Show response
app.miniextensions.com/.netlify/functions/ Frame 2B33 933 B
899 B 1508ms
1206ms Fetch
text/plain 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.miniextensions.com/.netlify/functions/api?job=fetchLookupFields
Requested by: Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a47ef987adc76c072ad58cbad729efd77f6333d890bd772736b1f07211094ff9

Request headers

Referer: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-nf-request-id: 01G6WZN0AKFG4S994PHRY0WZW7
date: Fri, 01 Jul 2022 13:36:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ6RyJfa%2BDxjZTvN632fl%2BENg31DKyiOxxbReH4KzBA35%2BvnOw8oK4D9p9SHBOepz6CQ7F2eNgUAbYla6BqfxzZt%2Bvvz7tyVm0FPaopPhXq5xpywyexrgQmB3bOPmIooLQhMvgTIJS0Zfv927OWkcliPfWWd"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 723f886ecaeb6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ Frame 2B33 44 B
297 B 124ms
37ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=845860509266643&ev=PageView&dl=https%3A%2F%2Fapp.miniextensions.com%2Fuser-portal-grid%2FdfxTTMw3YKJD1DyyUEf4%3FiframeMessageId%3DPsvG8JZfUJ%26iframeIsFixedHeight%3D1&rl=https%3A%2F%2Fwww.crews-control.registrations.events%2F&if=true&ts=1656682610713&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222913699992084872%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22794965774362545%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&it=1656682610221&coo=false&rqm=GET

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 01 Jul 2022 13:36:50 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/ Frame 2B33
Redirect Chain

https://widget.intercom.io/widget/ge1hk6b6
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

135ms
39ms

Script
application/javascript

13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ff884b275306bdb6c40b433687e92878ebf7a4add8076a4125de49b54416cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:33:57 GMT
content-encoding: gzip
age: 175
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6156
last-modified: Thu, 30 Jun 2022 16:23:43 GMT
server: AmazonS3
etag: "510c77b158e4d073395c11ae6ff8f1c7"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: pDyuQG61lH92GkTV1Xv-hctfhyaaFv-nbMvi7Hky05QbcuVGkVosLQ==

Redirect headers

date: Fri, 01 Jul 2022 13:12:36 GMT
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
server: AmazonS3
age: 1454
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA56-P7
content-length: 0
x-amz-cf-id: dF7oYLWxp6GakuUXIiAEFfzc8wu3vbGgSfJ94XjoPVxDB4cHHz7Csg==

GET
H2

200

c.gif
c.clarity.ms/ Frame 2B33
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=2F53D94FCEC44F6DA5C5C8949D5C412D&RedC=c.clarity.ms&MXFR=1D30E0112E57651B314BF1C52A576BFA
https://c.clarity.ms/c.gif?CtsSyncId=2F53D94FCEC44F6DA5C5C8949D5C412D&MUID=27321244F557613B21DC0390F43C60E6

42 B
390 B

55ms
54ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=2F53D94FCEC44F6DA5C5C8949D5C412D&MUID=27321244F557613B21DC0390F43C60E6
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 13:36:50 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Jul 2022 13:36:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB9778FBEF7C4831BC4554A40C9512B7 Ref B: FRAEDGE1407 Ref C: 2022-07-01T13:36:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=2F53D94FCEC44F6DA5C5C8949D5C412D&MUID=27321244F557613B21DC0390F43C60E6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 rum Show response
app.miniextensions.com/cdn-cgi/ Frame 2B33 0
261 B 342ms
41ms XHR
text/plain 2606:4700:e4::ac40:a704
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.miniextensions.com/cdn-cgi/rum?

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e4::ac40:a704 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.miniextensions.com/user-portal-grid/dfxTTMw3YKJD1DyyUEf4?iframeMessageId=PsvG8JZfUJ&iframeIsFixedHeight=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Jul 2022 13:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://app.miniextensions.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 723f886fcc526910-FRA
vary: Origin

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/app-store-81d55/ Frame 2B33 579 B
476 B 350ms
271ms Fetch
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/app-store-81d55/installations

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f59b0d7d8bfb4937d51d066bcca1e1462050ffac16f826bfc6ca18bde403b6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://app.miniextensions.com/
x-goog-api-key: AIzaSyBOrcIEflJE9j0ZB2zVZVcmmt9AOjSQfhI
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Jul 2022 13:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.miniextensions.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 453
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/app-store-81d55/ Frame 0
0 144ms
48ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/app-store-81d55/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://app.miniextensions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.miniextensions.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 01 Jul 2022 13:36:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 frame-modern.b28c7fad.js Show response
js.intercomcdn.com/ Frame 0A1A 318 KB
85 KB 44ms
43ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.b28c7fad.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ge1hk6b6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfb750587288e54be130e53bcce50205a4091a532af61c7b2ef228780081c2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 12:23:57 GMT
content-encoding: gzip
age: 4375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 86282
last-modified: Thu, 30 Jun 2022 16:22:30 GMT
server: AmazonS3
etag: "2732a0727688a8501d78a83dc5f81f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: roZDXrmLTF5VXK_bMGmycFlshG3T8y5-W3eMHPY8Xe98u-8TAhhblA==

GET
H2 200 vendor-modern.35975c92.js Show response
js.intercomcdn.com/ Frame 0A1A 170 KB
53 KB 97ms
97ms Script
application/javascript 13.225.78.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.35975c92.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ge1hk6b6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-95.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 657d50e8837f78d769c335548d37dd8dca01d01141a03035b826e2611878f698

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:23:34 GMT
content-encoding: gzip
age: 798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 53338
last-modified: Thu, 30 Jun 2022 15:22:22 GMT
server: AmazonS3
etag: "acd4557fe386ef1178c6e62d70b1cde5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: yP_CzR4TLaTc3LLAxsEgqdeFYwOouyjqi7eAmFS4TUGexkrAsIQ1pg==

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/app-store-81d55/namespaces/ Frame 2B33 1 KB
468 B 129ms
53ms Fetch
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/app-store-81d55/namespaces/fireperf:fetch?key=AIzaSyBOrcIEflJE9j0ZB2zVZVcmmt9AOjSQfhI

Requested by

Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1356b9d4e233d4e1a8ecebd20822e0b4a7d37d329d3e6d7af0e8d4386cf00fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://app.miniextensions.com/
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6NzAyNDQzNDc5MjczOndlYjpjY2MwNjk4ODA4MDdjNDQ2YmIxMDc4IiwiZXhwIjoxNjU3Mjg3NDExLCJmaWQiOiJlbEEwZFIwUU5RYzFKMm1Vb1Q5aW5YIiwicHJvamVjdE51bWJlciI6NzAyNDQzNDc5MjczfQ.AB2LPV8wRgIhAOw6LxnLDNlczxkQ2z3UR85QuC2FdYVPDRzOEsaJXMySAiEApHfZdQYmBIxFUOxmSFRBJet1i9LmlY3fTPr9jMbRhRk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 13:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: etag-app-store-81d55-fireperf-fetch-25542244
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.miniextensions.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 444
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/app-store-81d55/namespaces/ Frame 0
0 150ms
45ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/app-store-81d55/namespaces/fireperf:fetch?key=AIzaSyBOrcIEflJE9j0ZB2zVZVcmmt9AOjSQfhI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://app.miniextensions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.miniextensions.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 01 Jul 2022 13:36:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 collect Show response
l.clarity.ms/ Frame 2B33 0
48 B 125ms
125ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: app.miniextensions.com
URL: https://app.miniextensions.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.miniextensions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://app.miniextensions.com
date: Fri, 01 Jul 2022 13:36:51 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B33 15 KB
16 KB 116ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.miniextensions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 276670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 08:45:42 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 2B33 23 KB
23 KB 116ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.miniextensions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 246578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:07:14 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 2B33 44 B
91 B 78ms
38ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=845860509266643&ev=Microdata&dl=https%3A%2F%2Fapp.miniextensions.com%2Fuser-portal-grid%2FdfxTTMw3YKJD1DyyUEf4%3FiframeMessageId%3DPsvG8JZfUJ%26iframeIsFixedHeight%3D1&rl=https%3A%2F%2Fwww.crews-control.registrations.events%2F&if=true&ts=1656682612217&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22miniExtensions%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&it=1656682610221&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.miniextensions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 13:36:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 01 Jul 2022 13:36:52 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-20 12:56:58	Name: CLID Value: cc286299243b47c883091caae4691e75.20220701.20230701
.c.bing.com/	1970-01-20 13:32:58	Name: SRM_B Value: 27321244F557613B21DC0390F43C60E6
m.stripe.com/	1970-01-20 21:42:34	Name: m Value: 11b0def3-519c-44ae-bf1d-73dc833b4396a3a735
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:32:58	Name: MUID Value: 27321244F557613B21DC0390F43C60E6
.c.clarity.ms/	1970-01-20 04:11:23	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.miniextensions.com
app.miniextensions.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
js.stripe.com
l.clarity.ms
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
q.stripe.com
static.cloudflareinsights.com
widget.intercom.io
www.clarity.ms
www.crews-control.registrations.events
www.facebook.com
www.google-analytics.com
108.138.17.67
110.232.143.90
13.225.78.95
18.65.39.65
20.120.65.166
20.234.93.27
2600:9000:2156:a200:19:7d10:bd80:93a1
2606:4700:440e::ac40:9c1a
2606:4700::6810:5514
2606:4700::6812:acf
2606:4700:e4::ac40:a704
2620:1ec:27::cafe:2277
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2003
2a00:1450:400e:80e::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.211.132.125
54.187.159.182
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11cb2411d4de02b3a4afb57bb8f1fbb10ae7716cbc0dba4acf5e9d360188e396
13bf830bdc68d70fdd14462ad3b8cbb9d1a6033d9d7f8a8b472b25817ce55ba5
289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd
4fe45d57e9930d87d21b7f6714087ecb4b4969f5653605561bfdf0c783f37900
53564b513bb9ea2e70b6218aaff24c15852c942d10fa698c983e4be59dce27ac
5c683590bd152e4973c7a24405852f3802c435bcec05b0fc85ca7b7daa72494d
5ff884b275306bdb6c40b433687e92878ebf7a4add8076a4125de49b54416cc8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
657d50e8837f78d769c335548d37dd8dca01d01141a03035b826e2611878f698
7365bd3face25fac70f03aace24fc1aca86ba0d845c5a99b187002b0360f0521
8c84312081dd1159a40382bb16c1450e96087a059f4860d60755960799c64353
8e9f2890970d2a8539c1f8eeffa06f6823025dcbe5031844b3b4ad32e7faa8f9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9df75a6cce015ea1f8f31a1c01f7ee62082cbf567bf17754dd5677580fd5d22d
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a47ef987adc76c072ad58cbad729efd77f6333d890bd772736b1f07211094ff9
a5d1ccfa0caa14db8875d14d826a8f54f38de1e2383526ac92152b2ebdfd725c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
acc2283859b9fd79ee1d2fb639cc2ff13c9c20ca8e9106e9d626b600f1bd5d79
ad62b9bc28a66c0f6320aeee3877309e9c23fa248adca3d5ff3d43d9bc335aff
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
b1356b9d4e233d4e1a8ecebd20822e0b4a7d37d329d3e6d7af0e8d4386cf00fa
bfb750587288e54be130e53bcce50205a4091a532af61c7b2ef228780081c2a7
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
e027796009c6479b66cf028b2175395dce517e069ffc379792ea830ee1e3f9d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4c217a4fdc86c00b2226d6f98c1c286a444e1d75d88c4676c0953b75120a3
f0c32dfc064cc31be5c81ae3b244d6bb1fc6753e422bc67f990a0f16c5c9f95e
f290b337295b0962870ff9bbdc6438d87789325b3f70b05148180c7f846175ad
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f59b0d7d8bfb4937d51d066bcca1e1462050ffac16f826bfc6ca18bde403b6c6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fda2887396e49c71f2b72c41e48c883543fde7825e9a111cae66094263539ba5

www.crews-control.registrations.events Open in urlscan Pro 110.232.143.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

64 %IPv6

16 Domains

23 Subdomains

20 IPs

4 Countries

2028 kBTransfer

7735 kBSize

6 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.crews-control.registrations.events Open in urlscan Pro
110.232.143.90 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

64 %
IPv6

16
Domains

23
Subdomains

20
IPs

4
Countries

2028 kB
Transfer

7735 kB
Size

6
Cookies

48 HTTP transactions
0 data transactions