report.bitninja.io Open in urlscan Pro
2606:4700:3031::ac43:c0bd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bitninja.io/incidentReport.php?details=ed32a90b202f26414e
Effective URL:
https://report.bitninja.io/incident-report/ed32a90b202f26414e
Submission Tags: falconsandbox
Submission: On May 23 via api (May 23rd 2021, 2:30:14 am UTC) from US

Summary HTTP 103 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 35 domains to perform 103 HTTP transactions. The main IP is 2606:4700:3031::ac43:c0bd, located in United States and belongs to CLOUDFLARENET, US. The main domain is report.bitninja.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time report.bitninja.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	85.195.75.217 85.195.75.217	20773 (GODADDY) (GODADDY)
16	2606:4700:303... 2606:4700:3031::ac43:c0bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	148.72.132.217 148.72.132.217	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	34.197.14.190 34.197.14.190	14618 (AMAZON-AES) (AMAZON-AES)
1	23.45.100.179 23.45.100.179	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f06... 2a03:2880:f067:e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	157.245.25.14 157.245.25.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f16... 2a03:2880:f164:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	136.143.191.67 136.143.191.67	2639 (ZOHO-AS) (ZOHO-AS)
2	2a02:26f0:710... 2a02:26f0:7100:481::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
9	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.149.80 52.222.149.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.222.18.181 3.222.18.181	14618 (AMAZON-AES) (AMAZON-AES)
2	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
2	3.88.94.204 3.88.94.204	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
103	49

2 85.195.75.217 (Ascension Island) 2 redirects

ASN20773 (GODADDY, DE)

bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3031::ac43:c0bd (United States)

ASN13335 (CLOUDFLARENET, US)

report.bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.72.132.217 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)

static.bitninja.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.14.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.100.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

a9855856441.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f067:e:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.25.14 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f164:81:face:b00c:0:25de (London, United Kingdom)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:481::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

rec.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-80.cdg52.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.18.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-18-181.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.88.94.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bitninja.io 2 redirects bitninja.io report.bitninja.io static.bitninja.io	587 KB
9	tawk.to embed.tawk.to va.tawk.to	137 KB
7	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net	4 KB
6	google.de www.google.de	425 B
6	google.com www.google.com	432 B
5	facebook.net connect.facebook.net	164 KB
5	optimizely.com cdn.optimizely.com logx.optimizely.com a9855856441.cdn.optimizely.com errors.client.optimizely.com	77 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	hubspot.com api.hubspot.com track.hubspot.com	2 KB
3	bing.com bat.bing.com	9 KB
3	facebook.com www.facebook.com	323 B
3	optimonk.com front.optimonk.com	14 KB
3	googletagmanager.com www.googletagmanager.com	121 KB
2	zohocdn.com css.zohocdn.com js.zohocdn.com	30 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	40 KB
2	licdn.com snap.licdn.com	4 KB
2	zoho.com salesiq.zoho.com	45 KB
2	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	993 B
2	googleadservices.com www.googleadservices.com	30 KB
1	hubapi.com api.hubapi.com	969 B
1	hsforms.com forms.hsforms.com	523 B
1	hscollectedforms.net js.hscollectedforms.net	24 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	usemessages.com js.usemessages.com	20 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	t.co t.co	455 B
1	mixpanel.com api-js.mixpanel.com	348 B
1	hs-scripts.com js.hs-scripts.com	1017 B
1	smartlook.com rec.smartlook.com	8 KB
1	reddit.com alb.reddit.com	125 B
1	mxpnl.com cdn.mxpnl.com	25 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
103	35

	Domain	Requested by
16	report.bitninja.io	report.bitninja.io
8	embed.tawk.to	report.bitninja.io embed.tawk.to
6	www.google.de	report.bitninja.io
6	www.google.com	report.bitninja.io
5	connect.facebook.net	report.bitninja.io connect.facebook.net
4	www.google-analytics.com	report.bitninja.io www.google-analytics.com
3	bat.bing.com	report.bitninja.io bat.bing.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.facebook.com	report.bitninja.io
3	front.optimonk.com	report.bitninja.io front.optimonk.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	www.googletagmanager.com	report.bitninja.io js.hsadspixel.net
3	static.bitninja.io	report.bitninja.io
2	errors.client.optimizely.com	cdn.optimizely.com
2	api.hubspot.com	js.usemessages.com
2	px.ads.linkedin.com	2 redirects
2	snap.licdn.com	report.bitninja.io js.hsadspixel.net
2	salesiq.zoho.com	report.bitninja.io salesiq.zoho.com
2	www.googleadservices.com	report.bitninja.io www.googletagmanager.com
2	bitninja.io	2 redirects
1	bid.g.doubleclick.net	www.googleadservices.com
1	va.tawk.to	embed.tawk.to
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	js.zohocdn.com	salesiq.zoho.com
1	css.zohocdn.com	salesiq.zoho.com
1	heapanalytics.com	report.bitninja.io
1	forms.hsforms.com	report.bitninja.io
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	t.co	report.bitninja.io
1	analytics.twitter.com	platform.twitter.com
1	px4.ads.linkedin.com	report.bitninja.io
1	www.linkedin.com	1 redirects
1	api-js.mixpanel.com	cdn.mxpnl.com
1	js.hs-scripts.com	www.googletagmanager.com
1	cdn.heapanalytics.com	report.bitninja.io
1	rec.smartlook.com	report.bitninja.io
1	alb.reddit.com	report.bitninja.io
1	cdn.mxpnl.com	report.bitninja.io
1	www.redditstatic.com	report.bitninja.io
1	a9855856441.cdn.optimizely.com	cdn.optimizely.com
1	logx.optimizely.com	cdn.optimizely.com
1	static.ads-twitter.com	report.bitninja.io
1	platform.twitter.com	1 redirects
1	cdn.optimizely.com	report.bitninja.io
103	49

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
admin.bitninja.io
docs.bitninja.io
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.bitninja.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-15` - `2021-09-27`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
logx.optimizely.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2021-04-19` - `2022-05-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-14` - `2022-05-14`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
1610534878.rsc.cdn77.org R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.zohocdn.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://report.bitninja.io/incident-report/ed32a90b202f26414e
Frame ID: E35B642A0F2B96B149FBC5ABCFDBCC10
Requests: 100 HTTP requests in this frame

Frame: https://a9855856441.cdn.optimizely.com/client_storage/a9855856441.html
Frame ID: 5940293E882260C26097A8C79428E73E
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: B561D663A0CF09A4A4FE9962F6719734
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bitninja.io/incidentReport.php?details=ed32a90b202f26414e HTTP 308
https://bitninja.io/incidentReport.php?details=ed32a90b202f26414e HTTP 301
https://report.bitninja.io/incident-report/ed32a90b202f26414e Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

103
Requests

100 %
HTTPS

65 %
IPv6

35
Domains

49
Subdomains

49
IPs

6
Countries

1413 kB
Transfer

4192 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://admin.bitninja.io/
Title: Login

Search URL Search Domain Scan URL

URL: https://docs.bitninja.io/serverprotection/doc/#investigations
Title: investigation site

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bitninja.io
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/bitninjaio
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitninja-io
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bitninja.io/incidentReport.php?details=ed32a90b202f26414e HTTP 308
https://bitninja.io/incidentReport.php?details=ed32a90b202f26414e HTTP 301
https://report.bitninja.io/incident-report/ed32a90b202f26414e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D559500%26time%3D1621736984547%26url%3Dhttps%253A%252F%252Freport.bitninja.io%252Fincident-report%252Fed32a90b202f26414e%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&liSync=true&e_ipv6=AQLxzOz-9lhY8gAAAXmXDpOalTQ-VUpgsjzHhy3bSK5agLsamLbi3NKKuaUTRnRumeP0vTWY

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ed32a90b202f26414e Show response
report.bitninja.io/incident-report/
Redirect Chain

http://bitninja.io/incidentReport.php?details=ed32a90b202f26414e
https://bitninja.io/incidentReport.php?details=ed32a90b202f26414e
https://report.bitninja.io/incident-report/ed32a90b202f26414e?

34 KB
10 KB

1980ms
1942ms

Document
text/html

2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8313d3e169121893e826bc2506e89df9d60c93f701d48e2e2bc52cc1c2594d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: report.bitninja.io
:scheme: https
:path: /incident-report/ed32a90b202f26414e?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D; expires=Sun, 23-May-2021 04:29:43 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0a38a79a7700004e5529362000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iUd762W%2BXmcWV0GicXslwh60A4Cpxx5WxlDjanqDiOx9HjWZEER0AvaMFQVZvQ6IxyQLduMSZK3p3CckB%2B4pF4QbDHl4mimSW1d%2BL2bx5jzXgqSsVitMIIxOOiRDz90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 653adba3f8d14e55-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.19.2
date: Sun, 23 May 2021 02:29:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3-29 200 0f7800724e8259fd8cc99616c05bfe16-1598438882
report.bitninja.io/combine/ 433 KB
51 KB 138ms
125ms Stylesheet
text/css 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5184d24cb91ce0e98b123e5d01b21ea34bbe213a5893053ec4f5da0382e314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7a22c0000537325b25000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"0f7800724e8259fd8cc99616c05bfe16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I%2Fv6MxgTNKldJ7mo7cuAOegAZjewR04VylLZGIZj693mTxidqyQ28rpTgYOf5bQ5WbhwMR1%2B7siFcgVH%2Fz4y%2BF5fKYpfuQDs9VRkN4fSWeal7t4y0a%2FCvZqNI11YElk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public private
cf-ray: 653adbb0494b5373-FRA

GET
H3-29 200 logo.png
report.bitninja.io/themes/bitninja/assets/images/ 3 KB
4 KB 70ms
58ms Image
image/png 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://report.bitninja.io/themes/bitninja/assets/images/logo.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a09d63ab88373d5f7fe2785b274ea60c826d52f109b3ce4e88db440299091b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/bitninja/assets/images/logo.png
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a38a7a22b00005373028fd000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-d5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tvfn7tBnOPY1XRPFseYpgEDifOJ5K%2FoE1bwVfOMMPxRO03BPhwDO4dfoVPtLyGdgfTGHaor8lARlSLT0DE6%2FJESlxu5%2BwaBYIcmhublAhvD5%2FCxipV4AOTbUpidcuAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cache-control: max-age=2592000 private
cf-ray: 653adbb0494a5373-FRA
expires: Tue, 22 Jun 2021 02:29:43 GMT

GET
H3-29 200 logo-small.png
report.bitninja.io/themes/bitninja/assets/images/ 3 KB
4 KB 87ms
74ms Image
image/png 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://report.bitninja.io/themes/bitninja/assets/images/logo-small.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81e64118f1bf09843324b9d9b13fbbab22a0cad9edbda5737f42fb124e04a4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/bitninja/assets/images/logo-small.png
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a38a7a22d00005373c08e5000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7xJOfZksSUHBApMKsZDlTI8ccO2oAfYdY12C7ihflExQwLBwx4%2FWAiiuGyjzv%2FfZrNBRef8towS0iO%2Bp3I4cufaGedd9JvBicOpsCdHYptN8ZXd%2BBQL%2B3RyRoen%2F9q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cache-control: max-age=2592000 private
cf-ray: 653adbb0494f5373-FRA
expires: Tue, 22 Jun 2021 02:29:43 GMT

GET
H/1.1 200
OK ee.png
static.bitninja.io/themes/sbadmin/img/flags/ 429 B
815 B 406ms
129ms Image
image/png 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bitninja.io/themes/sbadmin/img/flags/ee.png
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ebe8f7e33db530652a0b1c6394ec4f50a2fcc0b4a31d1ab33db65d6815dd087

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 23 May 2021 02:29:43 GMT
last-modified: Wed, 19 May 2021 10:51:47 GMT
server: nginx
etag: "60a4edc3-1ad"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 429
expires: Sun, 23 May 2021 02:39:43 GMT

GET
H3-29 200 js_defer.I4cHjq6EEP.js Show response
report.bitninja.io/pagespeed_static/ 12 KB
4 KB 93ms
80ms Script
application/javascript 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /pagespeed_static/js_defer.I4cHjq6EEP.js
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: br
x-content-type-options: nosniff nosniff
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a38a7a22c00005373bbbc4000000001
last-modified: Sun, 23 May 2021 02:29:43 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ntfyHmi2ZkyLZfGgG3hFC6kM%2BBipcA%2FElSwWXNlcPTiOdoaCYCvua97cc1aYZXIX0UbdaTkXiUuKSixVxDjP9vn6kENKpWcyAkhdR5OJqOnMZT2duqkK2CmqIl4UhyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cache-control: max-age=2592000 private
cf-ray: 653adbb0494d5373-FRA
expires: Tue, 22 Jun 2021 02:29:43 GMT

GET
H3-29 200 Roboto-Regular.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 48 KB
49 KB 64ms
64ms Font
font/woff2 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Regular.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
:path: /themes/bitninja/assets/fonts/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236
cf-request-id: 0a38a7a31f00005373a794f000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c054"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yGqHX%2BTkdKG97gZ1AqCmnk2gCNyAEvcbe9DB9BINJwJIgFkSp38n4S3Eg3yKzr9v2TBVNKRi8%2FD4dBpM5n22h0lEAVinPS%2BK1Z0IpTt8jigzQOIjAXqybXNf0Yr7Hx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 653adbb1cafb5373-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 world-map.png
report.bitninja.io/themes/bitninja/assets/images/ 4 KB
4 KB 105ms
102ms Image
image/png 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://report.bitninja.io/themes/bitninja/assets/images/world-map.png

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c114b978529bb527ee145a76e49651f83cb774274f510f7856499916b493f4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/bitninja/assets/images/world-map.png
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: report.bitninja.io
referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a38a7a32f0000537339109000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-e04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yiF3%2FP71DHD1t3afDOUWnJC8gEPWynf0LcacYsT3yGrxn0waf91WuA%2F3o6fBO6hvY0E4gbYd11DncXrpF%2BNLiUKjWFMjxp5HItaDu1vFB%2BYWyvBJX6jIFLCj5EYkz50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cache-control: max-age=2592000 private
cf-ray: 653adbb1eb145373-FRA
expires: Tue, 22 Jun 2021 02:29:43 GMT

GET
H3-29 200 Roboto-Medium.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 49 KB
50 KB 76ms
74ms Font
font/woff2 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Medium.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
:path: /themes/bitninja/assets/fonts/roboto/Roboto-Medium.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50224
cf-request-id: 0a38a7a32d00005373b6344000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JUqaVp8pYcjbMBva1sKN72NdsNR%2FhwHuxZTyUgeuAh9LAyaj7x%2FpF1kJneFEP8HUibek%2FjL2qj2Ot%2B%2FrdyjoVZ8G0Z3vu%2Fc0p6yWHScKMwBwoVAyoFIdJ%2B3faaYD8oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 653adbb1eb0e5373-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 Roboto-Light.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 48 KB
49 KB 86ms
83ms Font
font/woff2 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Light.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
:path: /themes/bitninja/assets/fonts/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49380
cf-request-id: 0a38a7a32d00005373aa17b000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-c0e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nga35BcsXiv3lowo%2BmV4pu83BCCMjvv1NoyDA%2B9RajotxH4EZwrOak9fIGPLfMG6nYyjf%2FXaxoiI0JLVXsaVxzpseH9jvIT6kp1jqs%2F7M6YDce2eibCAsbpiOzFo22k%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 653adbb1eb0f5373-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 Roboto-Black.woff2
report.bitninja.io/themes/bitninja/assets/fonts/roboto/ 19 KB
20 KB 99ms
97ms Font
font/woff2 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/fonts/roboto/Roboto-Black.woff2
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbda4e32c2422a0c9a346a5ce6f039f7f17a27991b31d248d748574c0aa19120

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
:path: /themes/bitninja/assets/fonts/roboto/Roboto-Black.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19740
cf-request-id: 0a38a7a32e000053731596f000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-4d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MnYxJcl%2BYj5UOj6pdyBmDW0e4%2BRKlq3O3YrEVPv%2BhPcds0QfRCnkcdjHcHTSEXJ063SI8pWtVFZnPrcJzVEGKG%2FmMOM69L8A6RuOQu5k5anzRbl2O%2B5Ts%2FQs0X2BP%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 653adbb1eb105373-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 icomoon.ttf
report.bitninja.io/themes/bitninja/assets/vendor/icomoon/fonts/ 190 KB
191 KB 59ms
56ms Font
application/octet-stream 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://report.bitninja.io/themes/bitninja/assets/vendor/icomoon/fonts/icomoon.ttf?195opb
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce4dc0d434cc27202dc77461c9873fd99da0b3e552b4262ce63d2fd50caa5c7

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
:path: /themes/bitninja/assets/vendor/icomoon/fonts/icomoon.ttf?195opb
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/combine/0f7800724e8259fd8cc99616c05bfe16-1598438882
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194904
cf-request-id: 0a38a7a32e00005373c8310000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
etag: "5f463de2-2f958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ml9LeXIQfCATh%2BQ9FXRHDUjK%2Bc7YUr9de550M2euvzLR7pOx3Pb%2BQn%2FN98a1NHRs%2BCLj3PJf5xNakXSxjuDBNX5GrURJmvAtYHH9HaQykaQo6maLOA7kvj5%2BaB0eLQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
accept-ranges: bytes
cf-ray: 653adbb1eb115373-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9863944102.js Show response
cdn.optimizely.com/js/ 246 KB
76 KB 693ms
110ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/9863944102.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4776ab4ac83d2d50183ec44db9f7f17740189de4ed8d5dfbca2e38b98979fc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GO7lKWbupAJ9kGNKGmRjdfgcjrcDWpsB
content-encoding: gzip
etag: "9c7d87b62118ad36ab1a365bd67d6c2b"
x-amz-request-id: 26W295NWF04C2D2Q
x-amz-meta-revision: 18
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 76631
x-amz-id-2: O8reD/ko/ZCsdHNmja9bkK67mU8wbEIsjxMfjywBCZHo6i6YHHPW+ku+ozQdYmM2Y94wYVF4PLg=
last-modified: Mon, 22 Jan 2018 12:16:16 GMT
server: AmazonS3
date: Sun, 23 May 2021 02:29:44 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3-29 200 5da2c63aafe926c4e2e18ed995fc4b02-1598438882 Show response
report.bitninja.io/combine/ 263 KB
44 KB 164ms
151ms Script
application/javascript 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/combine/5da2c63aafe926c4e2e18ed995fc4b02-1598438882

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de8d4f132044f39b69a3ccea9dcae78ac622d809f38463d85bfa823e4867454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /combine/5da2c63aafe926c4e2e18ed995fc4b02-1598438882
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7a39d00005373b0bb0000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5da2c63aafe926c4e2e18ed995fc4b02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rBB4ihuJpkKseRP12IS5qfIQdyzGR%2FiEg5GaePM3r34xSmips4QueK934gTI7ATVBGhhNROM2TIVe%2FMrp0bBGQq4B80LHntsyz%2BUW0szejI79v66UbkAj90EYbqyc1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public private
cf-ray: 653adbb29bbf5373-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 42ms
28ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-879238219

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6a42551570efac6335b8af881b06a3519225e02ea845360512ee32f1846101f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34308
x-xss-protection: 0
last-modified: Sun, 23 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 May 2021 02:29:43 GMT

GET
H/1.1 200
OK incident-report.js Show response
static.bitninja.io/themes/sbadmin/js/modules/app-admin/views/iphistory/ 630 B
1 KB 162ms
133ms Script
application/javascript 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bitninja.io/themes/sbadmin/js/modules/app-admin/views/iphistory/incident-report.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: f54f48bed0d5056a57db5e71efaa1692a5e889acff2f69f3422a5ebc516ee99a

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 23 May 2021 02:29:43 GMT
last-modified: Wed, 19 May 2021 10:51:47 GMT
server: nginx
etag: "60a4edc3-276"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 630
expires: Sun, 23 May 2021 02:39:43 GMT

GET
H/1.1 200
OK index.js Show response
static.bitninja.io/themes/sbadmin/js/modules/app-admin/widgets/timeZoneWidget/ 2 KB
1 KB 294ms
128ms Script
application/javascript 148.72.132.217
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bitninja.io/themes/sbadmin/js/modules/app-admin/widgets/timeZoneWidget/index.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.72.132.217 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c23671b1bdfd9c2f6567d716fe2cec5b81342b328db7d8736393ce6e6c669a8

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: gzip
last-modified: Wed, 19 May 2021 10:51:47 GMT
server: nginx
etag: W/"60a4edc3-959"
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, public
access-control-allow-credentials: true
expires: Sun, 23 May 2021 02:39:43 GMT

GET
H3-29 200 27e2f5dc9cae55ef89fcc96b7d589eed-1598438882 Show response
report.bitninja.io/combine/ 118 KB
32 KB 162ms
151ms Script
application/javascript 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/combine/27e2f5dc9cae55ef89fcc96b7d589eed-1598438882

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b3e90398c657077f722fae1c3378f89cda72b842a560ff5b62e5b2a66dd38a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /combine/27e2f5dc9cae55ef89fcc96b7d589eed-1598438882
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7a39d000053733bb39000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"27e2f5dc9cae55ef89fcc96b7d589eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r50%2BEJTlpAHbpFyj2KjFiZsZe9%2F0vwPFMFy256P2InYjvUcFKrescLGbKv%2FkPehZxLOAlFdz%2Bsyuw8l2PFT0AjrhbXSWSOCFTtXEVJkmxKHe0PfqzNll4%2BFM6mVYsSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public private
cf-ray: 653adbb29bc35373-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
16 KB 43ms
31ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

301e75715a47f3d7311ad19e5b1bb6f48d7db12893b122566509ace4458da2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16635
x-xss-protection: 0
server: cafe
etag: 14430038639082329330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 May 2021 02:29:43 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

82ms
27ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 2915
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1621736984.107744,VS0,VE0
x-served-by: cache-hhn11575-HHN

Redirect headers

x-tw-cdn: VZ
Date: Sun, 23 May 2021 02:29:44 GMT
Server: ECS (frb/6763)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H3-29 200 jquery.js Show response
report.bitninja.io/themes/bitninja/assets/vendor/jquery/ 252 KB
71 KB 162ms
152ms Script
application/javascript 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/themes/bitninja/assets/vendor/jquery/jquery.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18aa92dea997bd71eb540d5f931620591e9dee27e5f817978bb385bab924d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /themes/bitninja/assets/vendor/jquery/jquery.js
pragma: no-cache
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0a38a7a39e00005373e3a52000000001
last-modified: Wed, 26 Aug 2020 10:48:02 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5f463de2-3f154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1ANw6bKbwyaVogNa1Cc2nlvosVD5FuiV6hsjpLjUH%2FVZ31LbF1vFc3jHmy8F5kcC88GsJ2EM7BGRbl%2FQEaCjr9V6a%2Bc0HP%2B7wf7yFZgdbkQ8FFpV4h5dks3zJz9YseI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cache-control: max-age=2592000 private
cf-ray: 653adbb29bc45373-FRA
expires: Tue, 22 Jun 2021 02:29:43 GMT

GET
DATA 200
OK truncated Show response
/ 27 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H/1.1 204
No Content event Show response
logx.optimizely.com/log/ 0
363 B 451ms
111ms XHR
text/plain 34.197.14.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/log/event
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9863944102.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.14.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 23 May 2021 02:29:44 GMT
Server: nginx/1.17.2
Content-Type: text/plain
Access-Control-Allow-Origin: https://report.bitninja.io
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: c11786ab-8438-4231-8386-b45699845967

GET
H2 200 a9855856441.html Show response
a9855856441.cdn.optimizely.com/client_storage/ Frame 5940 1 KB
1 KB 432ms
381ms Document
text/html 23.45.100.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a9855856441.cdn.optimizely.com/client_storage/a9855856441.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9863944102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.100.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

689b4bf15ccbe5c9a73eefb514819352d2965eb097094151fe549e3b50102545

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a9855856441.cdn.optimizely.com
:scheme: https
:path: /client_storage/a9855856441.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://report.bitninja.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://report.bitninja.io/

Response headers

x-amz-id-2: JELZBqTMcTcq4E2iOuZ7ZoGYToAlreW9RZDuWDCTvoN9OUy/6swO5P0zjbp7PpZ+7Ode4/PbGJo=
x-amz-request-id: 24XXD06NPZ4G50N2
last-modified: Mon, 22 Jan 2018 12:16:05 GMT
etag: "de2df1e9ea5ea3ba4310e4714b5c01f9"
content-encoding: gzip
x-amz-version-id: cY1_d7Vs5gxHHlG8.C095NjpjoujWaLe
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 697
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Sun, 23 May 2021 02:29:44 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="23.45.100.179";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 20 KB
7 KB 71ms
21ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 01 Apr 2021 21:20:31 GMT
server: snooserv
etag: "f130bbfe131c22854e51f461d761041d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 6670

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3588
date: Sun, 23 May 2021 01:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 23 May 2021 03:29:56 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 22ms
20ms Script
application/x-javascript 2a03:2880:f067:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fafe8561b29ed51ec8d31a7820abf8e09aac6c6400f56de53b697003702d1370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DXDRw48bO4OpSSgTklpMvQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 23 May 2021 02:33:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2161
x-fb-rlafr: 0
x-fb-debug: fG8xd8sWl5jHn4RQd9urJln9yQ0UvIDaSczdJdJDguceHqXdMUCAgnlXEpdXiOWoQXPlhop00IBzwTz1yUFDjA==
x-fb-trip-id: 1679558926
x-fb-content-md5: e09d98d9e9e5393f2925ea6abcbb513b
date: Sun, 23 May 2021 02:29:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bc5d85b7fe570f7d3c80c117948e933f"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
54 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZ3KQ3

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e616576797f5545a063665255eb3d8a9de5bd7a57b0f09d1aabb764bd264ab76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55426
x-xss-protection: 0
last-modified: Sun, 23 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 May 2021 02:29:44 GMT

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 41ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-879238219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

992bba83c91506222322122d55e57b2a0b966f9e2362ddd604703bac3de4172e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
server: cafe
etag: 992563924920100560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 May 2021 02:29:44 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1162634152&t=pageview&_s=1&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&ul=en-us&de=UTF-8&dt=BitNinja.io%20-%20Incident%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2120209283&gjid=1387496915&cid=1635339281.1621736984&tid=UA-1975075-16&_gid=1883100577.1621736984&_r=1&_slc=1&z=1472359781

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1975075-16&cid=1635339281.1621736984&jid=2120209283&gjid=1387496915&_gid=1883100577.1621736984&_u=IEBAAEAAAAAAAC~&z=1896364987

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 23 May 2021 02:29:44 GMT
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f067:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?ver=MU

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/combine/27e2f5dc9cae55ef89fcc96b7d589eed-1598438882

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0364d2485dfcf4c52eba347643732f6ae1ab659ad343dec8b1611c8dbd9b5837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ab8seTkJE0l5ZOUYNCeshg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: Ke5fOjS6AasiDj8j6+S4rGwHbc8x9V5mq9DhH7sX6BvtYIRiq0w+plPtnx5xk7OFRK82jFHAfA2U9FdlfpqntQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d6fbfa869b9a7cae067dfba809f3f132
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 23 May 2021 02:29:44 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8dad193c4053c5a2a3b5266158ddab40"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 23 May 2021 02:49:44 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 75 KB
25 KB 32ms
7ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:21:20 GMT
content-encoding: gzip
age: 504
x-guploader-uploadid: ABg5-UygQAj3a0NoYu2FRbGbpadOK-gNyfcpTAsbE-sILs9AoED3aV-d50YX6Ear1w64iFgy69IVUvoeas--cGBiwmA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:21:54 GMT
server: UploadServer
etag: "765779983eed1c9fc2821b4507eea08b"
vary: Accept-Encoding
x-goog-hash: crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation: 1611858114590219
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 23 May 2021 02:31:20 GMT

GET
H2 200 preload.js Show response
front.optimonk.com/public/2717/js/ 56 KB
13 KB 93ms
30ms Script
application/javascript 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/public/2717/js/preload.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

20bd9e5bb962fdbbc85e1b5cd61e66a9937d791132bd0ef55946e6879ffdc118

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"de0c-BZtR5jJMOaYbc/+/nJl7sHkyQC8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1350
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
114 B 17ms
16ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1975075-16&cid=1635339281.1621736984&jid=2120209283&_u=IEBAAEAAAAAAAC~&z=481055102

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1975075-16&cid=1635339281.1621736984&jid=2120209283&_u=IEBAAEAAAAAAAC~&z=481055102

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 21ms
21ms Image
image/gif 2a03:2880:f164:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1442211302682868&ev=PixelInitialized&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&rl=&if=false&ts=1621736984412

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 23 May 2021 02:29:44 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/?random=1621736984415&cv=9&fst=1621736984415&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0065c9314c5fbafc45233d0981f29f31e14798bc1d96c6d9f1155f319e845f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 170ms
119ms Image
image/gif 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1621736984428&id=t2_4x01z78z&event=PageVisit&uuid=ef3c0671-34ab-4f11-8f3c-206f926ee6ec&aaid=&em=&idfa=&opt_out=0&sh=1600&sw=1200&s=MsW%2FKEKEAMrTYnloAoEmsQHoGxsVH%2B%2Fu3QJBh44WnF4%3D
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/ 2 KB
1 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/?random=1621736984435&cv=9&fst=1621736984435&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c67d7ca12d73af6ffe244067f12675e4f7830d2c4c0b86ec1e7829b30783ff3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 104 KB
31 KB 697ms
180ms Script
text/javascript 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

4214c333a482968581d7730b40deb91156949c746fee95ecab3349b5db4a745e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date: Sun, 23 May 2021 02:29:45 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/1809900229
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Sun, 23 May 2021 02:34:45 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 26ms
7ms Script
application/x-javascript 2a02:26f0:7100:481::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 02:29:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=18502
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
17ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1975075-25&cid=1635339281.1621736984&jid=1115785832&gjid=1991090998&_gid=1883100577.1621736984&_u=aGDAgEABAAAAAG~&z=1535358431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 23 May 2021 02:29:44 GMT
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1975075-16&cid=1635339281.1621736984&jid=781124471&gjid=1908058658&_gid=1883100577.1621736984&_u=aGDAgEABAAAAAG~&z=1450855161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 23 May 2021 02:29:44 GMT
content-type: text/plain
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recorder.js Show response
rec.smartlook.com/ 27 KB
8 KB 29ms
7ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://rec.smartlook.com/recorder.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

06a55eba27ec35f9551e07c28b7d9a42207d015016f16d4aef63e8030c094f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1ry/4p2LvAwAAAA==
date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: br
etag: W/"60a53070-6d0b"
last-modified: Wed, 19 May 2021 15:36:16 GMT
server: CDN77-Turbo
x-77-nzt-ray: cb0JcrVc/tg=
strict-transport-security: max-age=31536000
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
x-cache: HIT
x-age: 3
x-77-pop: frankfurtDE

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f067:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: KI0w8GLbxlOyF8WCCNqaCUby7VXBGTVftRs8ri6E6ZzJvb/NbPaVaPKKQaoEGrhcBPED46UQnOxDnFJCQeEijg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 23 May 2021 02:29:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1eeq7a96m Show response
embed.tawk.to/5df9f98fd96992700fccd5e9/ 1 KB
866 B 36ms
13ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6015ebb3c5a15b29d0008c8164cdd6ec4acec71872b375c93632b966c3aba502

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1430
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7a7b50000c2bdf6be5000000001
server: cloudflare
etag: W/"stable-v4-60a9820aa38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 653adbb92f59c2bd-FRA
expires: Sun, 23 May 2021 03:29:44 GMT

GET
H2 200 heap-289765868.js Show response
cdn.heapanalytics.com/js/ 101 KB
40 KB 680ms
196ms Script
application/javascript 52.222.149.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-289765868.js

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.149.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-149-80.cdg52.r.cloudfront.net

Software

nginx /

Resource Hash

bf9343f4c7423fe24aecb5b52ebbe160bdb67159b6bbe10a780a0932d4b175e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: CDG52-P1
etag: W/"1957b-Jm6TUvAJDrPm4LT1It10ww"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: t7Xagwqgjr411-eAfXFCkspjQARkWxo6aqrHOb9yLkBOlS3MJ6cS2Q==

GET
H2 200 14555117.js Show response
js.hs-scripts.com/ 2 KB
1017 B 140ms
115ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/14555117.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZ3KQ3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e00056f87388b706aaf8a8e7a7707e17900a5d421e9793d297cf0a89be2842

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 0e0c92b4-1ad9-4c72-9de3-326ee6d8f3a6
cf-request-id: 0a38a7a7b900004ee0330d7000000001
server: cloudflare
x-trace: 2B2DACFB1D5EE5CFE3D37A7B814962F71E5F1785B7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://report.bitninja.io
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 653adbb92eb64ee0-FRA
expires: Sun, 23 May 2021 02:30:44 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 50ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6e44b9596bd11c9d0332e7f9a729f2488b67d3f458c4297e079b3e96c7011296

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 00:51:47 GMT
x-msedge-ref: Ref A: 51D5A4A42D6F4DE2BA179AB8C41FD354 Ref B: FRAEDGE1418 Ref C: 2021-05-23T02:29:44Z
etag: "8013f579db4dd71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8911

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1162634152&t=pageview&_s=1&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&ul=en-us&de=UTF-8&dt=BitNinja.io%20-%20Incident%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAC~&jid=1115785832&gjid=1991090998&cid=1635339281.1621736984&tid=UA-1975075-25&_gid=1883100577.1621736984&gtm=2wg5j0NZ3KQ3&z=1596590828

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 05:29:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75619
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1162634152&t=pageview&_s=1&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&ul=en-us&de=UTF-8&dt=BitNinja.io%20-%20Incident%20report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAG~&jid=781124471&gjid=1908058658&cid=1635339281.1621736984&tid=UA-1975075-16&_gid=1883100577.1621736984&gtm=2wg5j0NZ3KQ3&z=1504986207

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 05:29:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75619
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
348 B 476ms
39ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1621736984518

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Sun, 23 May 2021 02:29:44 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://report.bitninja.io
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
alt-svc: clear
content-length: 1

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1975075-25&cid=1635339281.1621736984&jid=1115785832&_u=aGDAgEABAAAAAG~&z=1320021958

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1975075-25&cid=1635339281.1621736984&jid=1115785832&_u=aGDAgEABAAAAAG~&z=1320021958

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/879238219/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879238219/?random=1621736984415&cv=9&fst=1621735200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&async=1&fmt=3&is_vtc=1&random=219872389&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/879238219/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879238219/?random=1621736984415&cv=9&fst=1621735200000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&async=1&fmt=3&is_vtc=1&random=219872389&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 21ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1975075-16&cid=1635339281.1621736984&jid=781124471&_u=aGDAgEABAAAAAG~&z=1622935701

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
44ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1975075-16&cid=1635339281.1621736984&jid=781124471&_u=aGDAgEABAAAAAG~&z=1622935701

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 29ms
21ms Script
application/x-javascript 2a03:2880:f067:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=07acab58ff5aaf1d65af74378a8e2f87&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=MU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

432d178347545b373ebdd7210959b99ad967808559768b50ec9e94a2ee53743e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mjCZZeWFmaN1D8C5AaKcoA==
cross-origin-resource-policy: cross-origin
expires: Mon, 23 May 2022 00:12:15 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65261
x-fb-rlafr: 0
x-fb-debug: E3gvr062MH571aKqMyK5TRYKA5Jc98LYcvXOHF/aSwRQhiZaS0sOQ4lcS3zCgnLpbVYAWzuZ94FcQSZTP1W2Ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: bd5ce4f9ec8451d86131d9e364d9669e
date: Sun, 23 May 2021 02:29:44 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2b8bb5796bbbc3d48b29a9bbc981ed1e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D559500%26time%3D1621736984547%26url%3Dhttps%253A%252F%252Freport.bitninja.io%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&liSync=true&e_ipv6=AQLxzOz-9lhY8gAAAXmXDpOa...

0
372 B

421ms
195ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&liSync=true&e_ipv6=AQLxzOz-9lhY8gAAAXmXDpOalTQ-VUpgsjzHhy3bSK5agLsamLbi3NKKuaUTRnRumeP0vTWY
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: zP3XQTKRgRZADX9UxyoAAA==

Redirect headers

date: Sun, 23 May 2021 02:29:45 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=559500&time=1621736984547&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e&liSync=true&e_ipv6=AQLxzOz-9lhY8gAAAXmXDpOalTQ-VUpgsjzHhy3bSK5agLsamLbi3NKKuaUTRnRumeP0vTWY
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: dbHRJzKRgRbQqDfttyoAAA==

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/879238219/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879238219/?random=1621736984435&cv=9&fst=1621735200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&fmt=3&is_vtc=1&random=3394338339&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/879238219/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879238219/?random=1621736984435&cv=9&fst=1621735200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&fmt=3&is_vtc=1&random=3394338339&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
front.optimonk.com/error/ 0
232 B 64ms
23ms XHR
text/plain 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/error/log

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/2717/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

POST
H2 200 log Show response
front.optimonk.com/error/ 0
233 B 59ms
21ms XHR
text/plain 157.245.25.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://front.optimonk.com/error/log

Requested by

Host: front.optimonk.com
URL: https://front.optimonk.com/public/2717/js/preload.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
x-content-type-options: nosniff
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H3-29 200 1889755577830629 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f067:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1889755577830629?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c6b885e03b73147dcf0423c503edeb69f10b06b4538d5db4e8a5bcf53e64caf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: HmeprWua54X8etKjQYI9X5Obe7K1NMK2SNwRc8Ly+MSufNw+pJ+mo8wusb6jxY/iFsMuPjF9gNlGyhc/6dj8hg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 23 May 2021 02:29:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 134003891 Show response
bat.bing.com/p/action/ 0
127 B 31ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/134003891
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 23 May 2021 02:29:44 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: BF91A5865A1D41D08C1A8D11D638C06C Ref B: FRAEDGE1418 Ref C: 2021-05-23T02:29:44Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
148 B 32ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=134003891&Ver=2&mid=45c6257b-f32e-4e6c-88a5-7f7e2e3a9c0d&sid=bc6523b0bb6e11eb92627d2c56945ded&vid=bc686de0bb6e11ebaeea434687fb7a28&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=BitNinja.io%20-%20Incident%20report&p=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&r=&lt=2708&evt=pageLoad&msclkid=N&sv=1&rn=799221
Requested by: Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 23 May 2021 02:29:44 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: BAE062E822E5429F9A429B54B186F152 Ref B: FRAEDGE1418 Ref C: 2021-05-23T02:29:44Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 424ms
136ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=l65ql&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 23 May 2021 02:29:45 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 680c95f9a8146afb9065fba8049b990ccd2a3dd7c009e4817103c9a47bddb5be
x-transaction: 2bc4ff0152c87a2c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 428ms
141ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=l65ql&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 23 May 2021 02:29:45 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e05388f77d499b16e7cdbe1c626b259d45d0d22a12b4ad903f1c5b0b4088bb50
x-transaction: d808a6d77cf3d019
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 276ms
14ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b2305414c9bf43fa92261bef6e29c905907a74dac72bd4db0bc7c0564c2a1cf

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
via: 1.1 c34bd35d24f6df50307d1ac92d0f6110.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 175
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.236/bundles/pixels-release.js&cfRay=653ad770a84ddfeb-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0a38a7a98400004a5b8d3a7000000001
last-modified: Wed, 19 May 2021 01:36:15 UTC
server: cloudflare
etag: W/"9bf4a7e463a03f7ef4d23adef96f0eb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 7qr9esS2QpE6nCtS.kIl1u2Oe.WmUioR
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 653adbbc0c184a5b-FRA
x-amz-cf-id: 2dj_gRi8lE2DogMen93sVB_9JsIqFmQNrvVcFzu8EuNBMdnpCL88NQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.236/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
20 KB 282ms
21ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3122ef66ff9e6b4de9cfaeb484881af52bded234f8bed33643f515e68f33ceff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
via: 1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 150
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8820/bundles/project.js&cfRay=653ad80d79362c36-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0a38a7a9840000d6b58a04a000000001
last-modified: Mon, 17 May 2021 06:57:52 UTC
server: cloudflare
etag: W/"b373692eef1fee419577ad498aa96201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cU6W2PpqfOpO_F40uZh.c4AX9rZjXHrX
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 653adbbc0857d6b5-FRA
x-amz-cf-id: kc5PeTdm3teieIX-gYwi4is00zxVDVNi4K2kw8g0bGv5qNzeSODuJQ==
x-hs-target-asset: conversations-embed/static-1.8820/bundles/project.js

GET
H2 200 14555117.js Show response
js.hs-banner.com/ 59 KB
15 KB 748ms
486ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/14555117.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab387ca7a44566e97d712d42512cd007ec6a7a082a9fcf228ce48fd4d57702ab

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: C4JQ7T4DN5HNFD80
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: MElgRvR2EMGadsKA6IYzcOxap845SSwSt0fNAFFkiT0tJvqbDnYSnZ4bnyfsEkS2M5He6dRHBmg=
timing-allow-origin: *
last-modified: Wed, 12 May 2021 23:56:59 GMT
server: cloudflare
etag: W/"fa23d374275725236b5df065d33de2e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: r4.CEPuLo_UzMSxtbWfXXba0IV_FJwtl
access-control-allow-origin: https://console.bitninja.io
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0a38a7a98500004ec7933a8000000001
cf-ray: 653adbbc0c594ec7-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sun, 23 May 2021 02:34:45 GMT

GET
H2 200 14555117.js Show response
js.hs-analytics.net/analytics/1621736700000/ 62 KB
19 KB 841ms
580ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1621736700000/14555117.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ecb19208af0fe05a6823398d20e534747dcc67c7f12cc49d8a2514bd9aaf3e4

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: W90AJZ07C9STKJMD
x-amz-server-side-encryption: AES256
cf-ray: 653adbbc0b9d2b4d-FRA
x-amz-id-2: 9lkyVUU3//eW7zes5NQiJajFgBvzs9nPyOHnEIsfoLzOUGs27OU2v751MUr3VRnZjALX2kiAygA=
last-modified: Thu, 13 May 2021 00:44:13 GMT
server: cloudflare
etag: W/"fa8688c97c7160da47c0edee2c206594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0a38a7a98500002b4dfd065000000001
content-type: text/javascript
expires: Sun, 23 May 2021 02:34:45 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
24 KB 282ms
22ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/14555117.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfabc4d333e327c32d9d62163c51df7b15e4d8a5a04683e9f024262ab9e3356d

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:44 GMT
via: 1.1 4db130e87be66fce9731567ae0669c56.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 43648
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.239/bundles/project.js&cfRay=6536b2160b243237-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0a38a7a9850000c2d6cf167000000001
cf-ray: 653adbbc0d29c2d6-FRA
last-modified: Fri, 14 May 2021 09:00:06 UTC
server: cloudflare
etag: W/"d4d11e37f3f418bbc582008a9d42401b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 4Ay4hkDNZ0cZB59AI9nL3xeHgWtkyIlk
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: GUhPNCQTVZI1_vXxxKR_1XoQHTq5Kr7zW1pANoZZYMm1IEF-KuNtDA==
x-hs-target-asset: collected-forms-embed-js/static-1.239/bundles/project.js

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
21ms Image
image/gif 2a03:2880:f164:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889755577830629&ev=PageView&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&rl=&if=false&ts=1621736985013&sw=1600&sh=1200&v=2.9.40&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1621736985003.1866282871&it=1621736984627&coo=false&exp=l0&rqm=GET

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 23 May 2021 02:29:45 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 142ms
119ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=14555117&conversations-embed=static-1.8820&mobile=false&messagesUtk=092bcf93d45e4b68a4fd9625f5a29fb8&traceId=092bcf93d45e4b68a4fd9625f5a29fb8

Protocol

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://report.bitninja.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 653adbbcbc332b89-FRA
access-control-allow-origin: https://report.bitninja.io
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id: 0a38a7a9f400002b897a984000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: 73951b44-b4ea-46ae-b7fa-85b8fdb77708
x-trace: 2B8848B5C6DA67D23648A074E9FE108D0555A1B2FF000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4UOw%2BhXyJ7U70uckc0z%2BC1kHBwH3Luhw3%2BneijdkXoEOn3ZBvRF6CYFtYfdsfUrpDyCjQg%2Bsiw5mntcx7CohcTzjZ%2Bx28XQWzr0CWUbAj9x0kITMzeE0ydT4vJQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 297 B
1 KB 161ms
151ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa700026f65e76dc1e8ab1f1a09c3b12bc781059e93fddf91668f1a8d9f9028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://report.bitninja.io/

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 83d44051-3fff-4308-a6d2-0f24480c28b5
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 233
cf-request-id: 0a38a7aa750000178ab1876000000001
server: cloudflare
x-trace: 2B18419F2EFA4BB0DA6A9C26A99A8D14499379E134000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FJXqtxmTmLzXa5aVfxqPb8%2F%2BLRLMhiHW6ZD%2B%2F3cqnmPvMaqUm1A7i4JDL09AmeJTa3OaeSS7mtEGSlta0yMuEXoPWk2Pe%2FojdppgCkrMBlwreTtwwHfAW6Tb0Vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://report.bitninja.io
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 653adbbd8f16178a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
523 B 132ms
115ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: d39df3aa-9ca7-4375-9619-53a009e6dca1
x-trace: 2B34DAC6E31413A6902C7E6F02B57DF7BFAD6F47A5000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 653adbbce9ce4e26-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
cf-request-id: 0a38a7aa1300004e26f734c000000001

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 361ms
116ms Image
image/gif 3.222.18.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=289765868&u=1896205146726973&v=7014006869209977&s=6847621842999421&b=web&tv=4.0&z=0&h=%2Fincident-report%2Fed32a90b202f26414e&d=report.bitninja.io&t=BitNinja.io%20-%20Incident%20report&ts=1621736985194&st=1621736985196

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.222.18.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-222-18-181.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:45 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200 getembeddetails.ls Show response
salesiq.zoho.com/ 40 KB
14 KB 200ms
200ms XHR
application/json 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/getembeddetails.ls?widgetcode=bfa7e82fc35241522a511c08ee5c6dbcfe42e781ab852b534cca940e33f947d9&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Freport.bitninja.io&pagetitle=BitNinja.io%20-%20Incident%20report

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

bfe1a1aaaf5de956cb5184c28713e80e8a972deb118e580f48ece4c2036ccf79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 02:29:45 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://report.bitninja.io
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Credentials: true
vary: accept-encoding
X-XSS-Protection: 1

GET
H2 200 floatbutton_5d928aa68bbf3ad7271785d251c4d734_.css
css.zohocdn.com/salesiq/https/styles/ 107 KB
18 KB 115ms
40ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/floatbutton_5d928aa68bbf3ad7271785d251c4d734_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

da18b063a5ad4fd3b2ab2119a89c13f04089ce5b294672bcd7c7f9cc91e2878d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
vary: Accept-Encoding
content-length: 18300
x-xss-protection: 1
x-sts-request-id: ex1-6f6164c7b85b4a06a728ecb87a7dc205
last-modified: Fri, 21 May 2021 16:25:57 GMT
server: ZGS
etag: "f9d67481e572d74629f663be3cc11fef"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton_4f46a98b90d3204c9a51e4d759e527d8_.js Show response
js.zohocdn.com/salesiq/https/js/ 56 KB
12 KB 95ms
27ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/floatbutton_4f46a98b90d3204c9a51e4d759e527d8_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

708d269702025d6df88eceaa9d5b8f17c85e199cf9838e75d7f15f8af6a4d151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 11857
x-xss-protection: 1
x-sts-request-id: ex1-7e7c81e6376f4fd48608bf38f0ad481a
last-modified: Wed, 12 May 2021 11:16:55 GMT
server: ZGS
etag: "6b8f4874fbeae7e56d55b1b93bc92723"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
21ms Image
image/gif 2a03:2880:f164:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1889755577830629&ev=Microdata&dl=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&rl=&if=false&ts=1621736985522&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BitNinja.io%20-%20Incident%20report%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Freport.bitninja.io%2Fthemes%2Fbitninja%2Fassets%2Fimages%2Fbitninja.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1621736985003.1866282871&it=1621736984627&coo=false&es=automatic&tm=3&exp=l0&rqm=GET

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 23 May 2021 02:29:45 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 450ms
111ms Preflight
text/plain 3.88.94.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.88.94.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.bitninja.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://report.bitninja.io
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Sun, 23 May 2021 02:29:46 GMT
Content-Length: 13
Connection: keep-alive

GET
H3-29 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/js/ 121 B
505 B 33ms
19ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1431
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7ada80000c2db5e333000000001
last-modified: Sat, 22 May 2021 22:14:02 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc2a8ffc2db-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

GET
H3-29 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/js/ 76 KB
26 KB 37ms
24ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc29d017961ab6cdab5e37d7f71cf782e64bc2e88c17dee110766ea790e2d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1431
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7ada90000c2db4c22c000000001
last-modified: Sat, 22 May 2021 22:14:02 GMT
server: cloudflare
etag: W/"0f39891136019f798fa8b3392f334ff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc2a901c2db-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

GET
H3-29 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/js/ 273 KB
72 KB 56ms
43ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

627243ce2294317c88d1bd5f05bf22061962419620b5fa17415b3feb96caaf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1431
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7ada90000c2db1b8dd000000001
last-modified: Sat, 22 May 2021 22:14:02 GMT
server: cloudflare
etag: W/"95c3811c336440f6536fc617ab121ab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc2a902c2db-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

GET
H3-29 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/js/ 125 KB
31 KB 37ms
24ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082ef9751b9e22407547eb03527dfd1594119a4056b083f688f7ceb8d467a5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1431
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7ada90000c2db269d0000000001
last-modified: Sat, 22 May 2021 22:14:02 GMT
server: cloudflare
etag: W/"67b2d69ea59853da719ad013c3a49a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc2a900c2db-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

GET
H3-29 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/js/ 2 KB
1 KB 33ms
20ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b90452abafa6d8cdd45b5842ba9f7562b88b6c3830e2ff8c481a3127a870b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1430
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7adaa0000c2db11920000000001
last-modified: Sat, 22 May 2021 22:14:02 GMT
server: cloudflare
etag: W/"db500d006aec77a8fc0e913c245af300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc2a903c2db-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

GET
H3-29 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/js/ 151 B
565 B 31ms
19ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5df9f98fd96992700fccd5e9/1eeq7a96m

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://report.bitninja.io
Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1430
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7adab0000c2db5e334000000001
last-modified: Sat, 22 May 2021 22:14:01 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc2a904c2db-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
244 B 111ms
110ms XHR
text/plain 3.88.94.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/9863944102.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.94.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://report.bitninja.io
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Sun, 23 May 2021 02:29:46 GMT
Content-Type: text/plain

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 205 B
969 B 155ms
134ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=14555117

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d298a2938b517ba3639ee0357c4749ab69acd4ed8ad66b5de9ef99117ab25bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7801debc-168f-40ba-9163-814959bfba92
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7adb60000c27707a50000000001
server: cloudflare
x-trace: 2B7B9B8A18A278C3062E85FA64B4AD2B09C4E95B36000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d9WXZfcJGeenwdMW1Jm5w1lPRXZ04fHgshjJn78UsPuSw7MSsMTGCEktI6svQD9rT9NAIVv7SCu83VHJ%2B0nk0UNX4uEicxw%2BOPDvg6%2FhDGoZOXR8ZTK6o5AJlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://report.bitninja.io
access-control-allow-credentials: false
cf-ray: 653adbc2b847c277-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
791 B 58ms
25ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=14555117&pu=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&t=BitNinja.io+-+Incident+report&cts=1621736986028&vi=e2e05eeb0c5b66a00e3e3f3eedeb5ddf&nc=true&u=21521316.e2e05eeb0c5b66a00e3e3f3eedeb5ddf.1621736986020.1621736986020.1621736986020.1&b=21521316.1.1621736986020&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 92bed84a-2062-4614-b42b-f9d685c32d18
cf-ray: 653adbc2fb9adfe3-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0a38a7add70000dfe312a56000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=81o3tSz4XxdOcL5PEnTnkukI4%2FKFSSd74%2BiwUM1HMC%2FswLJdi5K%2FtPrqRgPhoKxWGld7%2FFWLxCA%2F4odHZxC%2FqPZ07yw6chp28wIKdJL7oNeWWytG1m2Ll9xw7%2F6JTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H3-29 204 ngx_pagespeed_beacon Show response
report.bitninja.io/ 0
526 B 38ms
37ms XHR
text/plain 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/ngx_pagespeed_beacon?url=http%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D; optimizelyEndUserId=oeu1621736984239r0.22393619050299018; _ga=GA1.2.1635339281.1621736984; _gid=GA1.2.1883100577.1621736984; _gat=1; _rdt_uuid=1621736984428.ef3c0671-34ab-4f11-8f3c-206f926ee6ec; _gcl_au=1.1.797522472.1621736984; _dc_gtm_UA-1975075-25=1; _dc_gtm_UA-1975075-16=1; mp_6b52cb025104e4f948adb8e81433352f_mixpanel=%7B%22distinct_id%22%3A%20%22179970e8fbd1a8-075213164c7d37-5771e33-1d4c00-179970e8fbea5d%22%2C%22%24device_id%22%3A%20%22179970e8fbd1a8-075213164c7d37-5771e33-1d4c00-179970e8fbea5d%22%2C%22first_page%22%3A%20%22BitNinja.io%20-%20Incident%20report%22%2C%22first_contact%22%3A%20%22Sun%20May%2023%202021%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; optiMonkClientId=92c7b2ad-e508-f286-8848-630ce837836b; _uetsid=bc6523b0bb6e11eb92627d2c56945ded; _uetvid=bc686de0bb6e11ebaeea434687fb7a28; _fbp=fb.1.1621736985003.1866282871; _hp2_id.289765868=%7B%22userId%22%3A%221896205146726973%22%2C%22pageviewId%22%3A%227014006869209977%22%2C%22sessionId%22%3A%226847621842999421%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.289765868=%7B%22ts%22%3A1621736985194%2C%22d%22%3A%22report.bitninja.io%22%2C%22h%22%3A%22%2Fincident-report%2Fed32a90b202f26414e%22%7D; __hstc=21521316.e2e05eeb0c5b66a00e3e3f3eedeb5ddf.1621736986020.1621736986020.1621736986020.1; hubspotutk=e2e05eeb0c5b66a00e3e3f3eedeb5ddf; __hssrc=1; __hssc=21521316.1.1621736986020
content-length: 50
:path: /ngx_pagespeed_beacon?url=http%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IPxrl525jev7Y5r0hqgjh%2BSzU%2BdNoE85BBixldQBOno7dxjjJOkcaeEOTOyEFlszuFnx98CsqRGZHt4W2AfXJU3O7NNhuRc6kdSEg%2B3Q5iiQXdxsMstP1pwjdkjJrIo%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
cache-control: max-age=0, no-cache private
cf-ray: 653adbc2cda35373-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7adbc000053733e81d000000001

POST
H3-29 204 ngx_pagespeed_beacon Show response
report.bitninja.io/ 0
526 B 54ms
53ms XHR
text/plain 2606:4700:3031::ac43:c0bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://report.bitninja.io/ngx_pagespeed_beacon?url=http%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F

Requested by

Host: report.bitninja.io
URL: https://report.bitninja.io/incident-report/ed32a90b202f26414e?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c0bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://report.bitninja.io
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: october_session=eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D; optimizelyEndUserId=oeu1621736984239r0.22393619050299018; _ga=GA1.2.1635339281.1621736984; _gid=GA1.2.1883100577.1621736984; _gat=1; _rdt_uuid=1621736984428.ef3c0671-34ab-4f11-8f3c-206f926ee6ec; _gcl_au=1.1.797522472.1621736984; _dc_gtm_UA-1975075-25=1; _dc_gtm_UA-1975075-16=1; mp_6b52cb025104e4f948adb8e81433352f_mixpanel=%7B%22distinct_id%22%3A%20%22179970e8fbd1a8-075213164c7d37-5771e33-1d4c00-179970e8fbea5d%22%2C%22%24device_id%22%3A%20%22179970e8fbd1a8-075213164c7d37-5771e33-1d4c00-179970e8fbea5d%22%2C%22first_page%22%3A%20%22BitNinja.io%20-%20Incident%20report%22%2C%22first_contact%22%3A%20%22Sun%20May%2023%202021%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; optiMonkClientId=92c7b2ad-e508-f286-8848-630ce837836b; _uetsid=bc6523b0bb6e11eb92627d2c56945ded; _uetvid=bc686de0bb6e11ebaeea434687fb7a28; _fbp=fb.1.1621736985003.1866282871; _hp2_id.289765868=%7B%22userId%22%3A%221896205146726973%22%2C%22pageviewId%22%3A%227014006869209977%22%2C%22sessionId%22%3A%226847621842999421%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.289765868=%7B%22ts%22%3A1621736985194%2C%22d%22%3A%22report.bitninja.io%22%2C%22h%22%3A%22%2Fincident-report%2Fed32a90b202f26414e%22%7D; __hstc=21521316.e2e05eeb0c5b66a00e3e3f3eedeb5ddf.1621736986020.1621736986020.1621736986020.1; hubspotutk=e2e05eeb0c5b66a00e3e3f3eedeb5ddf; __hssrc=1; __hssc=21521316.1.1621736986020
content-length: 48
:path: /ngx_pagespeed_beacon?url=http%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: report.bitninja.io
referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://report.bitninja.io/incident-report/ed32a90b202f26414e?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SYwedC3hTBaKcMFX22ftfyaQWwuDblcEkj9iS6Q4FKIRTuFuzyrk79DNc2c3KPM4IEzYe8qlrkETfsfXUHP66mw5P3uidsCvuM%2B0hSIIIT3YpwuMDHikNo3h%2B51Gd%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
cache-control: max-age=0, no-cache private
cf-ray: 653adbc2cda45373-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7adbd00005373e3abb000000001

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 27ms
18ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5df9f98fd96992700fccd5e9&widgetId=1eeq7a96m&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99c5b0c4dda4c118c47a981dc88aa3e607a81dc978456cb652cfefb6a4b09a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1429
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7ae330000c2bd598ed000000001
x-served-by: visitor-application-preemptive-xd1w
server: cloudflare
etag: W/"2-38-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 653adbc38812c2bd-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-879238219

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9d9f5594a673ab4cf310c708e7d5ce3e8246225429a6225abd9026dc9907ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34307
x-xss-protection: 0
last-modified: Sun, 23 May 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 May 2021 02:29:46 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/879238219/?random=1621736986176&cv=9&fst=1621736986176&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc0667bd6c77132026dedfab636ac0f95c517991b07068200f2a422a9ff4684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame B561 0
438 B 97ms
31ms Document
text/html 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://report.bitninja.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm5h8H2uw2hZ7zH-GBmyLtTELR7LwjZS2xNKVkv9lzCKHew4njzb0XGD1gs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://report.bitninja.io/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 23 May 2021 02:29:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:7100:481::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:481::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 May 2021 02:29:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=18500
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H3-29 200 en.js Show response
embed.tawk.to/_s/v4/app/60a9820aa38/languages/ 16 KB
4 KB 31ms
14ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60a9820aa38/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60a9820aa38/js/twk-chunk-common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef8a91d7e9984a2615372222eee92dd55dd0ff1011db66acbe8cfc5ed380e63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 02:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 817
x-cache-status: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a38a7ae5a0000d6e9e095c000000001
last-modified: Sat, 22 May 2021 22:14:02 GMT
server: cloudflare
etag: W/"08b2a0180a44aba775e17f2fe7a0a45c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
cf-ray: 653adbc3ccb7d6e9-FRA
expires: Tue, 22 Jun 2021 02:29:46 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/879238219/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/879238219/?random=1621736986176&cv=9&fst=1621735200000&num=1&bg=ffffff&guid=ON&eid=376635471%2C2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&async=1&fmt=3&is_vtc=1&random=2339100431&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/879238219/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/879238219/?random=1621736986176&cv=9&fst=1621735200000&num=1&bg=ffffff&guid=ON&eid=376635471%2C2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Freport.bitninja.io%2Fincident-report%2Fed32a90b202f26414e%3F&tiba=BitNinja.io%20-%20Incident%20report&async=1&fmt=3&is_vtc=1&random=2339100431&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.bitninja.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 May 2021 02:29:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitninja.io/	1970-01-19 18:28:58	Name: __hssc Value: 21521316.1.1621736986020
.bitninja.io/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.bitninja.io/	1970-01-20 03:50:32	Name: hubspotutk Value: e2e05eeb0c5b66a00e3e3f3eedeb5ddf
.bitninja.io/	1970-01-20 03:50:32	Name: __hstc Value: 21521316.e2e05eeb0c5b66a00e3e3f3eedeb5ddf.1621736986020.1621736986020.1621736986020.1
.bitninja.io/	1970-01-20 03:56:54	Name: _hp2_id.289765868 Value: %7B%22userId%22%3A%221896205146726973%22%2C%22pageviewId%22%3A%227014006869209977%22%2C%22sessionId%22%3A%226847621842999421%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.bitninja.io/	1970-01-20 03:50:32	Name: _uetvid Value: bc686de0bb6e11ebaeea434687fb7a28
.bitninja.io/	1970-01-19 18:30:23	Name: _uetsid Value: bc6523b0bb6e11eb92627d2c56945ded
.bitninja.io/	1970-01-19 18:28:57	Name: _dc_gtm_UA-1975075-16 Value: 1
.bitninja.io/	1970-01-19 18:28:58	Name: _hp2_ses_props.289765868 Value: %7B%22ts%22%3A1621736985194%2C%22d%22%3A%22report.bitninja.io%22%2C%22h%22%3A%22%2Fincident-report%2Fed32a90b202f26414e%22%7D
.bitninja.io/	1970-01-20 12:00:08	Name: _ga Value: GA1.2.1635339281.1621736984
.bitninja.io/	1970-01-19 18:28:57	Name: _dc_gtm_UA-1975075-25 Value: 1
.bitninja.io/	1970-01-20 03:14:32	Name: mp_6b52cb025104e4f948adb8e81433352f_mixpanel Value: %7B%22distinct_id%22%3A%20%22179970e8fbd1a8-075213164c7d37-5771e33-1d4c00-179970e8fbea5d%22%2C%22%24device_id%22%3A%20%22179970e8fbd1a8-075213164c7d37-5771e33-1d4c00-179970e8fbea5d%22%2C%22first_page%22%3A%20%22BitNinja.io%20-%20Incident%20report%22%2C%22first_contact%22%3A%20%22Sun%20May%2023%202021%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.bitninja.io/	1970-01-19 18:30:23	Name: _gid Value: GA1.2.1883100577.1621736984
.bitninja.io/	1970-01-19 20:38:32	Name: _rdt_uuid Value: 1621736984428.ef3c0671-34ab-4f11-8f3c-206f926ee6ec
.bitninja.io/	1970-01-19 20:38:32	Name: _gcl_au Value: 1.1.797522472.1621736984
.bitninja.io/	1970-01-19 18:28:57	Name: _gat Value: 1
report.bitninja.io/	1970-01-20 03:14:32	Name: optiMonkClientId Value: 92c7b2ad-e508-f286-8848-630ce837836b
.bitninja.io/	1970-01-23 10:04:56	Name: optimizelyEndUserId Value: oeu1621736984239r0.22393619050299018
report.bitninja.io/	1970-01-19 18:29:04	Name: october_session Value: eyJpdiI6ImJTQ2c2bnRtRDBjNVc5cW80Mkh3eEE9PSIsInZhbHVlIjoiMml4RCt6dnBEYitSN0wzTG9rMXZOc0pKVkVBS2hxNTBzNUVneUtUdFl1eFN1dDZSQ0IrdDFGWTVsZm9HT2R2OGNCOU14ek5mWUlWcUV4MytLa3J1Y3c9PSIsIm1hYyI6ImU5N2U3OTkxNDAxM2VjM2Y2YmUyNjlkYzkyY2FiNDQ4ODY5YzdjMThmNmQ5YzgyOTU1NWY5M2VmOTU3MTFjZDcifQ%3D%3D
.bitninja.io/	1970-01-19 20:38:32	Name: _fbp Value: fb.1.1621736985003.1866282871
report.bitninja.io/incident-report	1970-01-19 18:28:57	Name: ZLD367633000000002043avuid Value: %2211ea7f21-63a2-4812-9dfa-0714df8a58c9%22
report.bitninja.io/incident-report	1970-01-19 18:28:57	Name: bitninja-_zldp Value: %22Vr4ZOFVYbvCCgm%252FJp4GgFdePTcUr4n4vowPm3WgmuySAjaqh0jG%252Bm78g6HqVQEE%252BmKwM1K1ctjo%253D%22
report.bitninja.io/incident-report	1970-01-19 18:30:23	Name: ZLSLANGbfa7e82fc35241522a511c08ee5c6dbcfe42e781ab852b534cca940e33f947d9 Value: %22en%22

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://front.optimonk.com/public/2717/js/preload.js(Line 115) Message: TypeError: Cannot read property 'getItem' of null [object Object]
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9855856441.cdn.optimizely.com
alb.reddit.com
analytics.twitter.com
api-js.mixpanel.com
api.hubapi.com
api.hubspot.com
bat.bing.com
bid.g.doubleclick.net
bitninja.io
cdn.heapanalytics.com
cdn.mxpnl.com
cdn.optimizely.com
connect.facebook.net
css.zohocdn.com
embed.tawk.to
errors.client.optimizely.com
forms.hsforms.com
front.optimonk.com
googleads.g.doubleclick.net
heapanalytics.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
js.zohocdn.com
logx.optimizely.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
rec.smartlook.com
report.bitninja.io
salesiq.zoho.com
snap.licdn.com
static.ads-twitter.com
static.bitninja.io
stats.g.doubleclick.net
t.co
track.hubspot.com
va.tawk.to
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.133
104.244.42.195
107.178.240.159
108.174.10.14
136.143.191.67
142.250.184.194
148.72.132.217
151.101.113.140
157.245.25.14
185.20.209.147
199.232.136.157
23.45.100.179
2600:1901:0:bc29::
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:2642
2606:4700:3031::ac43:c0bd
2606:4700::6810:5805
2606:4700::6811:43b0
2606:4700::6811:73b0
2606:4700::6811:7fab
2606:4700::6811:c9cc
2606:4700::6811:d6cc
2606:4700::6811:edcc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c04::9c
2a00:1450:400c:c07::9b
2a02:26f0:6c00:2a8::13b8
2a02:26f0:7100:481::25ea
2a02:6ea0:c700::2
2a03:2880:f067:e:face:b00c:0:3
2a03:2880:f164:81:face:b00c:0:25de
3.222.18.181
3.88.94.204
34.197.14.190
52.222.149.80
64.233.167.154
85.195.75.217
0065c9314c5fbafc45233d0981f29f31e14798bc1d96c6d9f1155f319e845f20
0364d2485dfcf4c52eba347643732f6ae1ab659ad343dec8b1611c8dbd9b5837
06a55eba27ec35f9551e07c28b7d9a42207d015016f16d4aef63e8030c094f6f
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
082ef9751b9e22407547eb03527dfd1594119a4056b083f688f7ceb8d467a5aa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1b90452abafa6d8cdd45b5842ba9f7562b88b6c3830e2ff8c481a3127a870b20
1bc29d017961ab6cdab5e37d7f71cf782e64bc2e88c17dee110766ea790e2d6b
1cd5c4b37938d932110ec043ce1cc766d18cacf7a4e7cffa6a539855d5bdc08d
20bd9e5bb962fdbbc85e1b5cd61e66a9937d791132bd0ef55946e6879ffdc118
2c23671b1bdfd9c2f6567d716fe2cec5b81342b328db7d8736393ce6e6c669a8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ce4dc0d434cc27202dc77461c9873fd99da0b3e552b4262ce63d2fd50caa5c7
2de8d4f132044f39b69a3ccea9dcae78ac622d809f38463d85bfa823e4867454
301e75715a47f3d7311ad19e5b1bb6f48d7db12893b122566509ace4458da2a3
3122ef66ff9e6b4de9cfaeb484881af52bded234f8bed33643f515e68f33ceff
31a09d63ab88373d5f7fe2785b274ea60c826d52f109b3ce4e88db440299091b
38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc
3d298a2938b517ba3639ee0357c4749ab69acd4ed8ad66b5de9ef99117ab25bb
4214c333a482968581d7730b40deb91156949c746fee95ecab3349b5db4a745e
432d178347545b373ebdd7210959b99ad967808559768b50ec9e94a2ee53743e
4776ab4ac83d2d50183ec44db9f7f17740189de4ed8d5dfbca2e38b98979fc7e
4b3e90398c657077f722fae1c3378f89cda72b842a560ff5b62e5b2a66dd38a0
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4ecb19208af0fe05a6823398d20e534747dcc67c7f12cc49d8a2514bd9aaf3e4
59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5
5c6b885e03b73147dcf0423c503edeb69f10b06b4538d5db4e8a5bcf53e64caf
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6015ebb3c5a15b29d0008c8164cdd6ec4acec71872b375c93632b966c3aba502
627243ce2294317c88d1bd5f05bf22061962419620b5fa17415b3feb96caaf4b
689b4bf15ccbe5c9a73eefb514819352d2965eb097094151fe549e3b50102545
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9
6e44b9596bd11c9d0332e7f9a729f2488b67d3f458c4297e079b3e96c7011296
6ebe8f7e33db530652a0b1c6394ec4f50a2fcc0b4a31d1ab33db65d6815dd087
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
708d269702025d6df88eceaa9d5b8f17c85e199cf9838e75d7f15f8af6a4d151
77e00056f87388b706aaf8a8e7a7707e17900a5d421e9793d297cf0a89be2842
7b2305414c9bf43fa92261bef6e29c905907a74dac72bd4db0bc7c0564c2a1cf
7fa700026f65e76dc1e8ab1f1a09c3b12bc781059e93fddf91668f1a8d9f9028
81e64118f1bf09843324b9d9b13fbbab22a0cad9edbda5737f42fb124e04a4c8
8313d3e169121893e826bc2506e89df9d60c93f701d48e2e2bc52cc1c2594d61
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
992bba83c91506222322122d55e57b2a0b966f9e2362ddd604703bac3de4172e
99c5b0c4dda4c118c47a981dc88aa3e607a81dc978456cb652cfefb6a4b09a1d
a18aa92dea997bd71eb540d5f931620591e9dee27e5f817978bb385bab924d21
ab387ca7a44566e97d712d42512cd007ec6a7a082a9fcf228ce48fd4d57702ab
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc0667bd6c77132026dedfab636ac0f95c517991b07068200f2a422a9ff4684
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b6a42551570efac6335b8af881b06a3519225e02ea845360512ee32f1846101f
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf9343f4c7423fe24aecb5b52ebbe160bdb67159b6bbe10a780a0932d4b175e1
bfe1a1aaaf5de956cb5184c28713e80e8a972deb118e580f48ece4c2036ccf79
c114b978529bb527ee145a76e49651f83cb774274f510f7856499916b493f4fe
c67d7ca12d73af6ffe244067f12675e4f7830d2c4c0b86ec1e7829b30783ff3d
c9d9f5594a673ab4cf310c708e7d5ce3e8246225429a6225abd9026dc9907ccc
d5184d24cb91ce0e98b123e5d01b21ea34bbe213a5893053ec4f5da0382e314d
da18b063a5ad4fd3b2ab2119a89c13f04089ce5b294672bcd7c7f9cc91e2878d
dbda4e32c2422a0c9a346a5ce6f039f7f17a27991b31d248d748574c0aa19120
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfabc4d333e327c32d9d62163c51df7b15e4d8a5a04683e9f024262ab9e3356d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e616576797f5545a063665255eb3d8a9de5bd7a57b0f09d1aabb764bd264ab76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a91d7e9984a2615372222eee92dd55dd0ff1011db66acbe8cfc5ed380e63d
f54f48bed0d5056a57db5e71efaa1692a5e889acff2f69f3422a5ebc516ee99a
fafe8561b29ed51ec8d31a7820abf8e09aac6c6400f56de53b697003702d1370

report.bitninja.io Open in urlscan Pro 2606:4700:3031::ac43:c0bd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

65 %IPv6

35 Domains

49 Subdomains

49 IPs

6 Countries

1413 kBTransfer

4192 kBSize

23 Cookies

6 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

report.bitninja.io Open in urlscan Pro
2606:4700:3031::ac43:c0bd Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

65 %
IPv6

35
Domains

49
Subdomains

49
IPs

6
Countries

1413 kB
Transfer

4192 kB
Size

23
Cookies

103 HTTP transactions
1 data transactions